IRGC-Linked Hackers Package Modular Malware in Monolithic Trojan

August 20, 2024 at 05:06AM
State-level Iranian APT TA453 (aka APT42) recently carried out a phishing attack by posing as the research director of ISW and engaging with an Israeli rabbi. They delivered a new monolithic PowerShell Trojan, “AnvilEcho,” which bundles their previous espionage tools into a single script. This change aims to reduce malware download size …

In Other News: WEF’s Unsurprising Cybersecurity Findings, KyberSlash Cryptography Flaw

January 12, 2024 at 09:46AM
SecurityWeek’s weekly cybersecurity roundup provides a concise compilation of noteworthy stories that are often overlooked. This week’s roundup includes the WEF’s cybersecurity report, a Kyber vulnerability, a self-spreading botnet, an Iranian APT attacking Albania, North Korean crypto theft, a new cybersecurity institute, disclosures of vulnerabilities, reports from Cloudflare, and patches for …

Iran-Linked ‘OilRig’ Cyberattackers Target Israel’s Critical Infrastructure, Over & Over

December 14, 2023 at 11:28AM
Iranian APT group OilRig targeted Israeli organizations in 2022 through cyberattacks leveraging custom downloaders. These downloaders used legitimate Microsoft cloud services for command-and-control communications and data exfiltration. ESET researchers warned that OilRig’s continuous development of new variants makes them a formidable threat, specializing in cyber espionage primarily in the …

Iranian APT Targets Israeli Education, Tech Sectors With New Wipers

November 6, 2023 at 06:54AM
Since January 2023, an Iranian advanced persistent threat (APT) group called Agrius, also known as Agonizing Serpens, BlackShadow, Pink Sandstorm, and DEV-0022, has been targeting higher education and technology organizations in Israel. The group, believed to be sponsored by the Iranian government, is engaging in espionage and destructive attacks, mainly …