Iranian Cyberspies Hit Targets With New Backdoors

May 6, 2024 at 09:15AM Iran’s state-sponsored cyberespionage group APT42, also known as Calanque and UNC788, has been using new backdoors to target NGOs, government, and intergovernmental organizations. The group, operating since at least 2015 and believed to be linked to the Islamic Revolutionary Guard Corps, uses social engineering to target academia, activists, media organizations, …

Iranian APTs Dress Up As Hacktivists for Disruption, Influence Ops

February 21, 2024 at 03:06AM Summary: Iranian state-backed APT groups are posing as hacktivists, carrying out cyberattacks against Israeli critical infrastructure. Referred to as “faketivists,” they aim to create plausible deniability for the state and offer support to the Israeli-Gaza war. Meanwhile, Hamas-related cyber activity has significantly reduced, possibly due to internet disruptions. Based on …

Iranian ‘Seedworm’ Cyber Spies Target African Telcos & ISPs

December 20, 2023 at 12:33PM The Iran-backed cyberespionage group Seedworm is targeting telecommunication organizations in North and East Africa, using tools like PowerShell, SimpleHelp, and Venom Proxy. Seedworm has been active since 2017 and was previously linked to Iran’s MOIS. This group typically relies on spear-phishing emails containing various legitimate remote administration tools. Seedworm’s targets include government …