Iranian Hackers Set Up New Network to Target U.S. Political Campaigns

August 30, 2024 at 07:30AM Cybersecurity researchers have discovered a new network infrastructure set up by Iranian threat actors to support recent targeting of U.S. political campaigns, displaying a meticulously crafted system using dynamic DNS providers for phishing attacks. This comes amid increased Iranian cyber activity against the U.S., including ramped-up malicious cyber activities. After …

Iran APTs Tag Team Espionage, Wiper Attacks Against Israel & Albania

May 21, 2024 at 05:15PM Iranian state-backed groups, Scarred Manticore and Void Manticore, collaborate to conduct espionage and destructive cyber operations in Albania and Israel. Scarred Manticore excels in sophisticated, stealthy spying using the Liontail malware framework, while Void Manticore employs hack-and-leak tactics and destructive operations, making defense challenging for targeted organizations. Both groups require …

Iranian hackers pose as journalists to push backdoor malware

May 4, 2024 at 12:19PM APT42, an Iranian state-backed threat actor, is using social engineering, specifically posing as journalists, to breach Western and Middle Eastern corporate networks and cloud environments. The group, affiliated with Iran’s IRGC-IO, targets NGOs, media outlets, and more. They employ custom backdoors “Nicecurl” and “Tamecat” to gain access and exfiltrate data. …

Iran Ramps Up Cyberattacks on Israel Amid Hamas Conflict: Microsoft

February 9, 2024 at 04:09PM Iran’s offensive operations against Israel in the Israel-Hamas conflict quickly escalated and expanded, with cyberattacks and influence operations increasing. Iranian threat actors coordinated with Hamas and expanded their targets to Albania, Bahrain, and the US. The collaboration between Iranian threat actors increased, leading to higher effectiveness. The increased collaboration poses …