U.S. Agencies Warn of Iranian Hacking Group’s Ongoing Ransomware Attacks

August 29, 2024 at 07:48AM U.S. cybersecurity agencies have exposed an Iranian hacking group, Pioneer Kitten, coordinating ransomware attacks in the U.S. and abroad, targeting various sectors including education, finance, healthcare, defense, as well as local government entities. The group also utilizes fake HR websites to collect personal information and surveillance threats aligned with the …

Google Disrupts Iranian Hacking Activity Targeting US Presidential Election

August 15, 2024 at 09:21AM Google has disrupted an Iranian state-sponsored hacking campaign targeting individuals linked to the US elections. The campaign, attributed to APT42, targeted personal email accounts of former US officials and affiliates of President Biden and former President Trump. Google has proactively referred the activity to law enforcement and observed the use …

APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data

May 7, 2024 at 09:57AM Iranian state-backed hacking group APT42 utilizes advanced social engineering tactics to breach target networks and cloud environments. The group impersonates journalists and event organizers to gain trust and steal credentials, operating as part of the larger APT35 group. Their operations involve extensive credential harvesting and data exfiltration while evading detection. …

CISO Corner: Operationalizing NIST CSF 2.0; AI Models Run Amok

March 1, 2024 at 05:44PM CISO Corner provides a weekly digest with cybersecurity articles for security operations readers and leaders. The current issue covers topics such as NIST Cybersecurity Framework 2.0, quantum-resistant encryption, managing AI models, SEC penalties for data breach disclosure, biometric regulation challenges, Iranian hacking group targeting aerospace and defense firms, microprocessor security …

Iran Threatens Israel’s Critical Infrastructure With ‘Polonium’ Proxy

December 7, 2023 at 10:29AM Iranian-backed Lebanese hackers, known as Polonium, have escalated cyberattacks on Israel’s critical infrastructure, expanding from espionage to destructive operations. Microsoft reported Polonium targeted multiple Israeli sectors since 2021, with a recent focus on water and energy. They often use fragmented malware to evade detection. Attacks coincide with increased regional tensions …

Iranian hackers lurked in Middle Eastern govt network for 8 months

October 19, 2023 at 12:45PM Iranian hacking group MuddyWater, also known as APT34 or OilRig, breached a Middle Eastern government network and maintained access for eight months. They used a PowerShell backdoor called PowerExchange to steal passwords and data, and blend in with typical network traffic. They also utilized other tools such as Backdoor.Tokel, Trojan.Dirps, …