Tag: iran
-
FBI Seizes Two Websites Linked to Pro-Iranian Group Handala
The FBI has seized two websites, including the leak site, of Handala, a highly active pro-Iranian threat group responsible for the high-profile wiping attack on U.S.-based medical tech company Stryker in which it erased the data from about 80,000 corporate and personal devices. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/fbi-seizes-two-websites-linked-to-pro-iranian-group-handala/
-
Microsoft Intune MDM Gains Notoriety After Stryker Hack
Properly Configured Mobile Development Management Tools Can’t Wipe Personal Data. Mobile device management software is having a moment of notoriety after Iran-aligned hacking group Handala used Microsoft Intune to wipe the mobile devices of employees at medical device manufacture Stryker. Tens of thousands of personal devices were likely affected. First seen on govinfosecurity.com Jump to…
-
Microsoft Intune MDM Gains Notoriety After Stryker Hack
Properly Configured Mobile Development Management Tools Can’t Wipe Personal Data. Mobile device management software is having a moment of notoriety after Iran-aligned hacking group Handala used Microsoft Intune to wipe the mobile devices of employees at medical device manufacture Stryker. Tens of thousands of personal devices were likely affected. First seen on govinfosecurity.com Jump to…
-
Feds keep eyes peeled for Iran cyberattacks, respond to Stryker breach
There’s been no visible surge, at least not yet, said DOD’s Terry Kalka and CISA’s Nick Andersen. First seen on cyberscoop.com Jump to article: cyberscoop.com/feds-keep-eyes-peeled-for-iran-cyberattacks-respond-to-stryker-breach/
-
FBI, CISA warn on Microsoft Intune risks after Iran-linked cyberattack on Stryker
The attackers behind a recent attack on Stryker did not use malware, instead breaking into a legitimate Microsoft device management system called Intune and wiping the company’s data that way. First seen on therecord.media Jump to article: therecord.media/fbi-cisa-warn-of-microsoft-intune-risks-stryker
-
FBI, CISA warn on Microsoft Intune risks after Iran-linked cyberattack on Stryker
The attackers behind a recent attack on Stryker did not use malware, instead breaking into a legitimate Microsoft device management system called Intune and wiping the company’s data that way. First seen on therecord.media Jump to article: therecord.media/fbi-cisa-warn-of-microsoft-intune-risks-stryker
-
Lock down Microsoft Intune, feds warn after Stryker attack
Iran-linked attackers wiped employees’ devices using Intune First seen on theregister.com Jump to article: www.theregister.com/2026/03/19/microsoft_intune_lockdown_stryker/
-
Lock down Microsoft Intune, feds warn after Stryker attack
Iran-linked attackers wiped employees’ devices using Intune First seen on theregister.com Jump to article: www.theregister.com/2026/03/19/microsoft_intune_lockdown_stryker/
-
Cisa tells US organisations to harden endpoint management after Stryker attack
Last week’s cyber attack on the systems of a US medical services company by Iranian hacktivists has prompted an alert from Cisa, urging organisations to reinforce their defensive posture First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366640448/Cisa-tells-US-organisations-to-harden-endpoint-management-after-Stryker-attack
-
FBI, CISA warn on Microsoft Intune risks after Iran-linked cyberattack on Stryker
The attackers behind a recent attack on Stryker did not use malware, instead breaking into a legitimate Microsoft device management system called Intune and wiping the company’s data that way. First seen on therecord.media Jump to article: therecord.media/fbi-cisa-warn-of-microsoft-intune-risks-stryker
-
FBI seizes pro-Iranian hacking group’s websites after destructive Stryker hack
The FBI and the Justice Department took down two websites linked to the pro-Iranian hacktivist group Handala, which last week hacked medical tech giant Stryker. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/19/fbi-seizes-pro-iranian-hacking-groups-websites-after-destructive-stryker-hack/
-
Iran-Linked Botnet Exposed After Open Directory Leak Reveals 15-Node Relay Network
A misconfigured open directory on an Iranian server has exposed a live censorship-bypass relay and SSH-based botnet operation, revealing how a single actor stitched together a 15-node network across Iran and Finland using commodity tools and sloppy operational security. The discovery shows how financially or personally motivated actors can reuse tradecraft seen in Iranian APT…
-
EU Sanctions Companies in China, Iran for Cyberattacks
Already sanctioned in the US and the UK, these rulings prohibit companies and a couple of principals from entering or doing business in the European Union. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/eu-sanctions-companies-china-iran-cyberattacks
-
Stryker Wiper Attack: Hackers Boast as Lawsuits Pile Up
Medtech Maker Is Still Recovering While Iranian Hackers Threaten More Attack Victims. As medtech maker Stryker continues working to restore global IT systems brought offline by a cyberattack last week, class action lawsuits against the company are piling up in federal court and the Iranian hackers claiming credit for the attack are warning of more…
-
US intelligence chief grilled on absence of election threats in security assessment
Previous clandestine community assessments have documented, at least at a high level, attempts by Iran, Russia or China to sway voters with online propaganda or through cyber operations. First seen on therecord.media Jump to article: therecord.media/us-intel-chief-senate-election-security-threat-assessment
-
Threat groups target cyber-physical systems to disrupt critical infrastructure providers
The Iran war has raised concerns that key industrial sectors could be the target of hacktivists, state actors and other groups. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/threat-groups-target-cyber-physical-systems-to-disrupt-critical-infrastruct/815074/
-
News brief: Risk of Iran-backed cyberattacks rising in U.S.
Check out the latest security news from the Informa TechTarget team. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366640393/News-brief-Risk-of-Iran-backed-cyberattacks-rising-in-US
-
CISA official says agency has not seen uptick in cyber threats amid Iran war
Cybersecurity and Infrastructure Security (CISA) Acting Director Nick Andersen said the agency has been working closely with industry and sector-based groups on threats from Iran in the past couple of weeks. First seen on therecord.media Jump to article: therecord.media/cisa-official-says-agency-has-not-seen-uptick-cyber-threats-iran
-
Tracking the Iran War: A Month of Escalation and Regional Impact
Iran war likely prolonged, increasing cyber threats, energy disruption, and instability, with companies in the Middle East facing higher risk. Follow me on Twitter:@securityaffairsandFacebookandMastodon PierluigiPaganini (SecurityAffairs hacking, Iran) First seen on securityaffairs.com Jump to article: securityaffairs.com/189604/cyber-warfare-2/tracking-the-iran-war-a-month-of-escalation-and-regional-impact.html
-
Iran Cyber Ops Merge With PsyOps and EW Amid Escalating Conflict
A new phase of the Iran war is unfolding in which ballistic missiles, drones, electronic warfare, and cyber operations are being deployed in parallel, with cyber activity increasingly tied to kinetic targeting, damage assessment, and strategic messaging. Iran’s leadership has framed retaliation as a duty following the death of Ayatollah Ali Khamenei, while President Donald…
-
Iran’s cyberattack against med tech firm is ‘just the beginning’
Even without a navy, or air power, ‘They’ll still have the ability to hack’ First seen on theregister.com Jump to article: www.theregister.com/2026/03/18/irans_cyberattack_against_stryker/
-
Cyberattacks Spike 245% in the Two Weeks After the Start of War with Iran
Akamai researchers saw a 245% spike in cyberattacks in the first two weeks after the start of the U.S. and Israeli war against Iran as Iranian nation-state groups and independent hacktivists launch increasingly decentralized and destructive cyberattacks, which are expected to increase as long as the kinetic battle continues. First seen on securityboulevard.com Jump to…
-
EU sanctions Chinese and Iranian actors over cyberattacks on critical infrastructure
EU sanctions Chinese and Iranian firms and individuals for cyberattacks targeting critical infrastructure and over 65,000 devices across member states. The Council of the European Union has imposed sanctions on three companies and two individuals linked to cyberattacks against EU countries and partners. >>The Council adopted today restrictive measures against three entities and two individuals responsible for cyber-attacks carried…
-
EU Belatedly Sanctions Chinese and Iranian Hackers
Chinese Hacking Firm iSoon and Iran’s Emennet Pasargad Among Targets. The European Union sanctioned three Chinese and Iranian hacking operations that have been under U.S. indictments or sanctions for over a year – or, in one case, since 2019. The sanctions freeze assets and forbid EU citizens and companies from funding or otherwise doing business…