Tag: iran
-
Handala Hackers Exploit RDP and NetBird in Coordinated Wiper Attacks
Handala Hack is an Iranian state-linked destructive actor that combines old-school RDP-heavy intrusions with new tools like NetBird and AI-assisted wipers to devastate victim networks rapidly. Handala Hack is an online persona operated by Void Manticore (also tracked as Red Sandstorm and Banished Kitten), a threat actor affiliated with Iran’s Ministry of Intelligence and Security (MOIS). Additional…
-
Handala Hackers Exploit RDP and NetBird in Coordinated Wiper Attacks
Handala Hack is an Iranian state-linked destructive actor that combines old-school RDP-heavy intrusions with new tools like NetBird and AI-assisted wipers to devastate victim networks rapidly. Handala Hack is an online persona operated by Void Manticore (also tracked as Red Sandstorm and Banished Kitten), a threat actor affiliated with Iran’s Ministry of Intelligence and Security (MOIS). Additional…
-
Iranian-U.S./Israeli Hostilities Lead to Increased Threat Landscape
Overview This is an update to the Cyber Heads-up we posted back on March 4, 2026, with detailed information about Iranian threat activity tied to ongoing U.S./Israeli operations. Analysis At the start of hostilities with Iran, we at Assura took proactive steps to identify and create alerts for known Iranian-sponsored Indicators of Compromise (IOC). We”¦…
-
New Federal Strategies, Rising Risk From Iran Top Cyber Themes
When cybersecurity experts from the public and private sectors gathered this week, AI and critical infrastructure took a back seat to frontline defense in light of recent international headlines. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/new-federal-strategies-rising-risk-from-iran-top-cyber-themes/
-
ISMG Editors: Iran Conflict Expands Into Cyber Warfare
Also: the Pentagon-Anthropic AI Legal Showdown, the New Reality of Document Fraud. In this week’s panel, four ISMG editors discuss the cyber activity tied to the U.S.-Israel-Iran conflict, the Pentagon’s standoff with AI firm Anthropic and a new report that reveals how document fraud reflects deeper weaknesses in verification systems. First seen on govinfosecurity.com Jump…
-
Iran Claims Massive Cyber-Attack on MedTech Firm Stryker
The pro-Iran Handala group claims to have wiped 200,000 systems in destructive wiper malware attack on US firm Stryker First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/iran-massive-wiper-attack-medtech/
-
Iran-Linked Hacktivists Claim Destructive Cyberattack on Medtech Firm Stryker
A hacktivist group with alleged links to Iran’s intelligence agencies has claimed responsibility for a destructive cyberattack against Stryker, the Michigan-based global medical technology company, in an incident that reportedly disrupted operations across the company’s international network. News reports from Ireland, Stryker’s largest hub outside the United States, said the company sent more than 5,000…
-
Iran War Bait Fuels TA453, TA473 Phishing Campaigns
Tags: cloud, credentials, cyber, espionage, exploit, government, iran, malware, middle-east, phishing, service, theft, threatTA453, TA473, and several emerging threat clusters are exploiting breaking news about the Iran war to run highly targeted phishing campaigns against governments and policy organizations across the Middle East and beyond. These operations blend traditional espionage with opportunistic credential theft and malware delivery, often abusing compromised government accounts and trusted cloud services to increase…
-
Iran-Linked Handala Ramps Up Wiper Attacks on Israeli, Western Targets
Tracking an increased risk of wiper attacks related to the conflict with Iran, including multiple related incidents impacting organizations in Israel and the US. For the latest intelligence on cyberattacks. The campaign uses destructive “wiper” malware designed to erase systems and disrupt business operations permanently. Security experts believe these activities are part of a broader…
-
Stryker attack highlights nebulous nature of Iranian cyber activity amid joint U.S.-Israel conflict
It’s been difficult early on to separate signal from noise, even if the attack on the medical device maker looks like a qualified success for the attackers. First seen on cyberscoop.com Jump to article: cyberscoop.com/stryker-cyberattack-iranian-hackers-handala/
-
Iran MOIS Colludes With Criminals to Boost Cyberattacks
Iranian APTs have long pretended to be cybercriminal groups. Now they’re working with actual cybercriminal groups. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/iran-mois-criminals-cyberattacks
-
Medical giant Stryker crippled after Iranian hackers remotely wipe computers
Tags: access, attack, authentication, best-practice, ceo, computer, credentials, cyber, cyberattack, data, flaw, group, hacker, identity, infrastructure, intelligence, iran, jobs, mobile, phone, service, software, supply-chain, theft, threat, updateHandala claims credit: The Handala threat group quickly claimed responsibility for the attack. While the group’s involvement is just a claim for now, Stryker employees reportedly saw a version of the Handala logo a cartoon of a Palestinian boy with his back turned and hands crossed behind him on affected devices.Handala’s identity is hard to…
-
Inside the Tehran-Linked ‘Faketivist’ Hacking Group Handala
Healthcare Hit Shows Symbols Matter as Iran Shifts Focus to Economic Damage. Cybersecurity experts say that the Handala hacktivist group that claimed credit for attacks against two American firms on Wednesday is run by the Iranian government. The shift to destructive cyberattacks parallels Iran’s attempt to inflict greater economic damage on the United States and…
-
Inside the Tehran-Linked ‘Faketivist’ Hacking Group Handala
Healthcare Hit Shows Symbols Matter as Iran Shifts Focus to Economic Damage. Cybersecurity experts say that the Handala hacktivist group that claimed credit for attacks against two American firms on Wednesday is run by the Iranian government. The shift to destructive cyberattacks parallels Iran’s attempt to inflict greater economic damage on the United States and…
-
Why Stryker’s Outage Is a Disaster Recovery Wake-Up Call
The Iranian cyberattack on Stryker is the kind of stress test that business continuity and disaster recovery programs often do not plan for. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/stryker-outage-disaster-recovery-wake-up-call
-
“Handala Hack” Unveiling Group’s Modus Operandi
ey Findings Introduction Handala Hack, also tracked by Check Point Research as Void Manticore, is an Iranian threat actor that is known for multiple destructive wiping attacks combined with “hack and leak” operations. The threat actor operates several online personas, with the most prominent among them beingHomeland Justice, maintained from mid-2022 specifically for multiple attacks…
-
Payment Giant Verifone Disputes Iranian Hacking Group Hit
Tehran-Linked Handala Hackers Disrupt Medtech Giant Stryker, Claim Verifone Breach. As the United States and Israel continue their war with Iran, Tehran-linked hacking group Handala has entered the fray, claiming credit for wiping systems at medical technology firm Stryker, which confirmed the attack, as well as breaching payment device maker Verifone, which denied being breached.…
-
How ‘Handala’ Became the Face of Iran’s Hacker Counterattacks
Amid a paralyzing breach of medical tech firm Stryker, the group has come to represent Iran’s use of “hacktivism” as cover for chaotic, retaliatory state-sponsored cyberattacks. First seen on wired.com Jump to article: www.wired.com/story/handala-hacker-group-iran-us-israel-war/
-
Iran-Linked Hacktivists Hit Stryker, Knocking Employees Offline Across Multiple Countries
A cyberattack disrupted global operations at medical device maker Stryker, knocking employees offline and raising concerns about destructive wiper attacks. The post Iran-Linked Hacktivists Hit Stryker, Knocking Employees Offline Across Multiple Countries appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-stryker-cyberattack-global-systems-disruption/
-
Coalition of information-sharing groups warns of cyber, physical attacks
A joint advisory says Iran-linked groups are targeting U.S. critical infrastructure using DDoS, phishing and other retaliatory techniques. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/information-sharing-groups-warns-cyber-physical-attacks/814539/
-
Iran-Linked Hacktivists Claim Wiper Attack on Stryker Systems
Iran-linked hacktivists claim responsibility for a cyberattack that disrupted global operations at medical technology company Stryker. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/iran-linked-hacktivists-claim-wiper-attack-on-stryker-systems/
-
The State of Cyber Warfare in 2026: Nation-State Attacks, AI Weapons, and the New Digital Battlefield
Cyber operations no longer occur only during wartime. Digital activity now runs continuously alongside diplomacy, sanctions, and military tensions. This has become particularly visible amid escalating hostilities involving Iran, Israel, and the United States, where intelligence agencies have warned of possible retaliatory cyber activity linked to the conflict. In this environment, cyber warfare 2026 is highlighted by persistent nation-state cyberattacks, covert intrusion…
-
Iran-linked group says it hacked US company in retaliation for Minab school bombing
Hacker group Handala claimed responsibility for attack that caused ‘global disruption’ to Stryker Corporation’s systemsAn Iran-linked group said it hacked a US medical company, causing “global disruption” to its systems, in retaliation for the bombing of the Minab school in Iran, in an attack seen as widening the Middle East into the cyber realm.Handala, a…
-
War spreads into cyberspace after Iran-linked hackers hit medtech giant Stryker
An Iran-linked hacking group has claimed responsibility for a cyberattack on U.S. medical device giant Stryker, marking a potential escalation of cyber activity tied to the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/12/iran-linked-hacking-group-stryker-cyberattack/
-
Iran Claim Massive Cyber-Attack on MedTech Firm Stryker
The pro-Iran Handala group claims to have wiped 200,000 systems in destructive wiper malware attack on US firm Stryker First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/iran-massive-wiper-attack-medtech/
-
Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker
A hacktivist group with links to Iran’s intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker’s largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at…
-
Pro-Iran hacktivist group says it is behind attack on medical tech giant Stryker
The hacktivist group claimed the attack was in retaliation for a U.S. strike on a Tehran school that killed more than 175 people, most of them children. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/11/stryker-hack-pro-iran-hacktivist-group-handala-says-it-is-behind-attack/
-
News brief: Strikes on Iran put cybersecurity teams on alert
Check out the latest security news from the Informa TechTarget team. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366639824/News-brief-Strikes-on-Iran-put-cybersecurity-teams-on-alert