Iran’s Pioneer Kitten hits US networks via buggy Check Point, Palo Alto gear

August 28, 2024 at 02:04PM Iranian government-sponsored cybercriminals continue to attack US and foreign networks, using VPN and firewall vulnerabilities. The FBI, CISA, and the Department of Defense warn that Pioneer Kitten targets schools, banks, hospitals, and government agencies. Another group, Peach Sandstorm, linked to the Iranian Islamic Revolutionary Guard Corps, employs a new custom …

US govt sanctions Iranians linked to government cyberattacks

April 23, 2024 at 02:43PM The Treasury Department’s OFAC has sanctioned four Iranian nationals for cyberattacks against the U.S. government and defense contractors. Two front companies and top officials from the Iranian Armed Forces service have also been targeted. The Justice Department has charged individuals involved in the cyber campaign and is offering rewards for …

US Slaps Sanctions on ‘Dangerous’ Iranian Hackers Linked to Water Utility Hacks

February 4, 2024 at 10:42AM The US government has imposed sanctions on six Iranian officials from the Islamic Revolutionary Guard Corps Cyber-Electronic Command for launching cyberattacks against an Israeli company, Unitronics. The attacks targeted critical infrastructure in the US and other countries. This action aims to hold the perpetrators accountable for their malicious cyber activities, …

CISA Urges Manufacturers Eliminate Default Passwords to Thwart Cyber Threats

December 18, 2023 at 01:24AM The U.S. CISA stresses eliminating default passwords on internet-exposed systems due to severe risks exploited by Iranian threat actors. Mitigation measures include utilizing unique setup passwords or enabling multi-factor authentication. CISA advises strong passwords, network segregation, and encryption to enhance security. Additionally, recommendations for hardening software supply chains have been …

IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities

December 1, 2023 at 09:58PM The FBI, CISA, NSA, EPA, and INCD issued a joint advisory about Iranian IRGC-affiliated cyber actors targeting operational technology, specifically Israeli-made Unitronics PLCs used in critical sectors in the US. Since November 2023, these actors have exploited poor security, primarily default passwords, to deface and potentially disrupt systems. Mitigations include …

Iranian hackers launch malware attacks on Israel’s tech sector

November 12, 2023 at 10:37AM Imperial Kitten, a threat actor linked to the Iranian Armed Forces, has been conducting cyberattacks since 2017. Recently, they targeted transportation, logistics, and technology firms using phishing emails with malicious attachments. They gained network access, moved laterally, and communicated with a command and control server using custom malware. Previously, they …