Iranian Cyber Group TA453 Targets Jewish Leader with New AnvilEcho Malware

August 20, 2024 at 06:40AM Summary: Iranian state-sponsored threat actors, identified as TA453, have orchestrated spear-phishing campaigns targeting a prominent Jewish figure to deliver a new intelligence-gathering tool called AnvilEcho. The enterprise security company Proofpoint is tracking this activity, reflecting IRGC intelligence priorities, and the adversary’s active retooling of its arsenal with the new Go-based …

Iran named as source of Trump campaign phish, leaks

August 20, 2024 at 02:36AM US authorities have implicated Iran in a recent cyber attack on the campaign of Donald Trump, the US Republican Party’s presidential nominee. The joint statement from the Office of the Director of National Intelligence, FBI, and CISA warned of Iran’s attempts to influence the US elections and undermine democratic institutions. The agencies …

Iranian Cyber Threat Group Drops New Backdoor, ‘BugSleep’

July 18, 2024 at 02:06AM MuddyWater, an Iranian cyber-espionage group, has shifted from using legitimate remote management software to deploying a custom backdoor implant known as BugSleep. This shift was prompted by the ineffectiveness of their previous approach. The group’s tactics involve phishing, deploying malicious PDFs, and targeting various government and critical industries in the …

Iran-Linked UNC1549 Hackers Target Middle East Aerospace & Defense Sectors

February 28, 2024 at 10:45AM Cyber attacks in the Middle East, including Israel and the U.A.E., have been attributed to the Iran-nexus threat actor UNC1549, which is also targeting Turkey, India, and Albania. The suspected activity has been ongoing since June 2022 and uses Microsoft Azure infrastructure, spear-phishing emails, and the custom backdoors MINIBIKE and MINIBUS for intelligence collection and network access. Evasion methods make detection challenging. …

U.S. Sanctions 6 Iranian Officials for Critical Infrastructure Cyber Attacks

February 4, 2024 at 12:19PM The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) imposed sanctions on six Iranian intelligence officials connected to cyber attacks on critical infrastructure in the U.S. and abroad. The officials, including Reza Lashgarian, are linked to the Iranian Revolutionary Guard Corps Cyber-Electronic Command. The attack involved hacking into programmable …

Iran-Linked Agrius APT Group Targets Israeli Education, Tech Sectors

November 7, 2023 at 12:34PM Throughout this year, Israel’s higher education and technology sectors have been targeted by a series of attacks. The attackers, identified as the advanced persistent threat (APT) Agonizing Serpens, associated with Iran, have exploited Web servers and deployed Web shells to gain access to networks. The attacks involve stealing sensitive information, …