Iran Ramps Up Cyberattacks on Israel Amid Hamas Conflict: Microsoft

February 9, 2024 at 04:09PM Iran’s offensive operations against Israel in the Israel-Hamas conflict quickly escalated and expanded, with cyberattacks and influence operations increasing. Iranian threat actors coordinated with Hamas and expanded their targets to Albania, Bahrain, and the US. The collaboration between Iranian threat actors increased, leading to higher effectiveness. The increased collaboration poses …

Microsoft: Iranian hackers target researchers with new MediaPl malware

January 17, 2024 at 03:39PM Microsoft warns that an Iranian hacker group, linked to the IRGC, is targeting high-profile individuals in research organizations and universities in Europe and the US using spearphishing attacks. The attackers use custom-tailored phishing emails and new backdoor malware called MediaPl to steal sensitive data and gather intelligence aligning with Iranian …

States and Congress Wrestle With Cybersecurity After Iran Attacks Small Town Water Utilities

January 2, 2024 at 05:12PM The Aliquippa water authority in western Pennsylvania fell victim to an international cyberattack by Iranian-backed hackers. The attack targeted a piece of Israeli-made equipment, prompting concerns about potential dangers to water utilities across the US. Efforts to address cybersecurity vulnerabilities and funding challenges continue at the state and federal levels. …

Cyberattack Targets Albanian Parliament’s Data System, Halting Its Work

December 28, 2023 at 02:06PM Albania’s Parliament confirmed a cyberattack on its data system, resulting in a temporary service halt. The attack did not compromise the system’s data, but experts are investigating potential consequences. Iranian-based hackers allegedly targeted other entities. This incident follows a previous cyberattack that led to severed diplomatic ties with Iran. The …

Iran’s ‘Peach Sandstorm’ Cyberattackers Target Global Defense Network

December 22, 2023 at 11:52AM Microsoft observed Iranian nation-state cyberattackers Peach Sandstorm delivering the FalseFont backdoor to individuals within the military-industrial sector, aiming for global infrastructure supporting military research. FalseFont allows remote access, file execution, and data transmission to control servers. It was first observed in early November, and the group’s ongoing improvements suggest continued interest …

Top White House Cyber Aide Says Recent Iran Hack on Water System Is Call to Tighten Cybersecurity

December 11, 2023 at 07:48AM Recent cyber attacks by Iranian hackers on US water authorities and ransomware attacks on the health care industry should prompt utilities and industries to enhance cybersecurity. Deputy national security adviser Anne Neuberger emphasized the need for stricter digital security, particularly against persistent threats from hostile countries and criminal groups. The …

ICS at Multiple US Water Facilities Targeted by Hackers Affiliated With Iranian Government

December 4, 2023 at 08:12AM Cyber Av3ngers, a group linked to the Iranian government, is attacking industrial control systems (ICS) at several US water facilities, reports SecurityWeek. Clear Takeaways from Meeting Notes: 1. The Cyber Av3ngers group is actively targeting industrial control systems (ICS) at various water facilities. 2. There is an affiliation between the …

MuddyC2Go: New C2 Framework Iranian Hackers Using Against Israel

November 9, 2023 at 06:39AM Iranian state-sponsored hacking group MuddyWater is using a new command-and-control framework called MuddyC2Go in attacks targeting Israel. The framework, written in the Go programming language, is believed to have been in use since early 2020. MuddyC2Go generates PowerShell payloads for post-exploitation activities, and experts recommend close monitoring of PowerShell activity. Key …