Tag: iran

US sanctions Russian, Iranian groups for election interference

Dec 31, 2024 9:27 PM

Tags: ai, election, group, intelligence, iran, russia

The two entities are accused of partnering with intelligence agencies using artificial intelligence to conduct information operations against U.S. audiences. First seen on cyberscoop.com Jump to article: cyberscoop.com/russia-china-sanctions-election-interference/
US sanctions Russian and Iranian entities for interfering in presidential election

Dec 31, 2024 7:27 PM

Tags: election, iran, russia

The Treasury Department announced sanctions against the Moscow-based Center for Geopolitical Expertise and Iran’s Cognitive Design Production Center, accusing each entity of operations targeted at American voters prior to the 2024 elections.]]> First seen on therecord.media Jump to article: therecord.media/2024-election-influence-operations-russia-iran-sanctions
New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy

Dec 31, 2024 1:29 PM

Tags: china, data, iran, korea, north-korea, privacy, russia, threat

The U.S. Department of Justice (DoJ) has issued a final rule carrying out Executive Order (EO) 14117, which prevents mass transfer of citizens’ personal data to countries of concern such as China (including Hong Kong and Macau), Cuba, Iran, North Korea, Russia, and Venezuela.”This final rule is a crucial step forward in addressing the extraordinary…
Top 12 ways hackers broke into your systems in 2024

Dec 31, 2024 8:27 AM

Tags: access, adobe, ai, api, apt, attack, authentication, backdoor, breach, business, china, cloud, control, corporate, credentials, cve, cvss, cyber, cybercrime, cybersecurity, data, data-breach, defense, detection, email, endpoint, exploit, finance, flaw, fortinet, government, group, hacker, healthcare, identity, infection, injection, Internet, iran, ivanti, jobs, malicious, malware, mfa, microsoft, mitigation, mobile, moveIT, north-korea, okta, open-source, phishing, pypi, ransomware, rce, remote-code-execution, risk, russia, scam, software, sql, strategy, supply-chain, tactics, theft, tool, unauthorized, update, vpn, vulnerability, zero-day

In 2024, hackers had a field day finding sneaky ways into systems, from convincing phishing scams that played on human curiosity to brutal software flaws that exposed gaps in tech upkeep. It was a year of clever breaches, showing just how wide the gap is between user habits and security practices.”While every year brings new…
BellaCPP, Charming Kitten’s BellaCiao variant written in C++

Dec 25, 2024 11:43 PM

Tags: apt, group, iran, kaspersky, malicious, malware

Iran-linked APT group Charming Kitten has been observed using a new variant of the BellaCiao malware dubbed BellaCPP, Kaspersky researchers warn. The Iran-linked APT group Charming Kitten has been observed using a C++ variant of the BellaCiao malware, dubbed BellaCPP. BellaCiao, a .NET-based malware, combines webshell persistence with covert tunneling. The malicious code was first…
Iran’s Charming Kitten Deploys BellaCPP: A New C++ Variant of BellaCiao Malware

Dec 25, 2024 12:43 PM

Tags: cybersecurity, group, hacking, iran, kaspersky, malware

The Iranian nation-state hacking group known as Charming Kitten has been observed deploying a C++ variant of a known malware called BellaCiao.Russian cybersecurity company Kaspersky, which dubbed the new version BellaCPP, said it discovered the artifact as part of a “recent” investigation into a compromised machine in Asia that was also infected with the BellaCiao…
The 2024 cyberwar playbook: Tricks used by nation-state actors

Dec 25, 2024 7:43 AM

Tags: access, ai, apt, at&t, attack, authentication, backdoor, blizzard, botnet, breach, china, cisa, cloud, control, credentials, cve, cvss, cyber, cybersecurity, data, ddos, defense, detection, email, espionage, exploit, flaw, fortinet, google, government, group, hacker, hacking, healthcare, india, infrastructure, iran, ivanti, linux, login, malicious, malware, mfa, microsoft, mobile, network, offense, office, open-source, password, phishing, powershell, remote-code-execution, router, russia, service, social-engineering, software, spear-phishing, spy, strategy, supply-chain, tactics, theft, threat, tool, unauthorized, update, vpn, vulnerability, warfare, windows, worm, zero-day

In 2024, nation-state cyber activity was off the charts, with Chinese, Russian, and Iranian actors leading the charge. Their campaigns weren’t just relentless, they were innovative, using a crafty mix of Tactics, Techniques, and Procedures (TTPs) to gain footholds, stay hidden, and spy-like pros.”There was definitely a continued and noted uptick in nation-state activity in…
Hackers Exploiting PLC Controllers In US Water Management System To Gain Remote Access

Dec 23, 2024 12:44 PM

Tags: access, advisory, cyber, cybersecurity, exploit, hacker, iran

A joint Cybersecurity Advisory (CSA) warns of ongoing exploitation attempts by Iranian Islamic Revolutionary Guard Corps (IRGC)-affiliated cyber actors using the online persona >>CyberAv3ngers.
Iranian Hackers Launched A Massive Attack to Exploit Global ICS Infrastructure

Dec 19, 2024 10:42 AM

Tags: advisory, attack, cisa, cyber, cybersecurity, exploit, hacker, infrastructure, iran, malicious, tactics, threat

In a joint cybersecurity advisory, the FBI, CISA, NSA, and partner agencies from Canada, the United Kingdom, and Israel have issued an urgent warning about ongoing malicious cyber activities by advanced persistent threat (APT) actors affiliated with Iran’s Islamic Revolutionary Guard Corps (IRGC). The advisory provides critical new details on tactics, techniques, and procedures (TTPs)…
Hackers Using New IoT/OT Malware IOCONTROL To Control IP Cameras, Routers, PLCs, HMIs And Firewalls

Dec 16, 2024 2:42 PM

Tags: attack, cctv, control, cyber, cyberattack, exploit, firewall, hacker, infrastructure, iot, iran, malware, router, vulnerability

Recent cyberattacks targeting critical infrastructure, including fuel management systems and water treatment facilities in Israel and the US, have been attributed to the Iranian-backed CyberAv3ngers. The attacks, leveraging a custom-built malware named IOCONTROL, exploit vulnerabilities in IoT and OT devices, such as routers, PLCs, HMIs, and firewalls. The malware, designed to operate on various platforms,…
IOCONTROL cyberweapon used to target infrastructure in the US and Isreael

Dec 15, 2024 12:05 AM

Tags: group, infrastructure, iot, iran, malware, threat

Iran-linked threat actors target IoT and OT/SCADA systems in US and Israeli infrastructure with IOCONTROL malware. Claroty’s Team82 obtained a sample of a custom-built IoT/OT malware called IOCONTROL used by the Iran-linked threat actors to target devices in infrastructure located in Israel and U.S.. According to the experts Iran-linked threat group CyberAv3ngers reportedly targeted fuel…
Iranian malware linked to recent attacks on US, Israeli infrastructure

Dec 14, 2024 10:07 PM

Tags: attack, infrastructure, iran, malware

First seen on scworld.com Jump to article: www.scworld.com/news/iranian-malware-linked-to-recent-attacks-on-us-israeli-infrastructure
Iran-linked crew used custom ‘cyberweapon’ in US critical infrastructure attacks

Dec 14, 2024 5:05 AM

Tags: attack, infrastructure, iot, iran

IOCONTROL targets IoT and OT devices from a ton of makers, apparently First seen on theregister.com Jump to article: www.theregister.com/2024/12/13/iran_cyberweapon_us_attacks/
Researchers: Iranian Custom Malware Targets Fuel Systems

Dec 13, 2024 10:05 PM

Tags: attack, group, hacking, infrastructure, iot, iran, malware

e=4>An Iranian state hacking group is using custom malware to compromise IoT and OT infrastructure in Israel and the United States. An attack wave from Islamic Revolutionary Guard Corps-affiliated CyberAv3ngers swept up fuel management systems made by U.S.-based firm Gilbarco Veeder-Root. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/researchers-iranian-custom-malware-targets-fuel-systems-a-27058
Iran-Linked IOCONTROL Malware Targets SCADA and Linux-Based IoT Platforms

Dec 13, 2024 2:05 PM

Tags: attack, cctv, control, cybersecurity, data, iot, iran, linux, malware, router, technology, threat

Iran-affiliated threat actors have been linked to a new custom malware that’s geared toward IoT and operational technology (OT) environments in Israel and the United States.The malware has been codenamed IOCONTROL by OT cybersecurity company Claroty, highlighting its ability to attack IoT and supervisory control and data acquisition (SCADA) devices such as IP cameras, routers,…
Iranian Hackers Use IOCONTROL Malware to Target OT, IoT Devices in US, Israel

Dec 13, 2024 1:05 PM

Tags: group, hacker, iot, iran, malware, threat

The Iranian threat group CyberAv3ngers has used custom-built malware named IOCONTROL to target IoT and OT devices in the US and Israel. The post Iranian Hackers Use IOCONTROL Malware to Target OT, IoT Devices in US, Israel appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/iranian-hackers-use-iocontrol-malware-to-target-ot-iot-devices-in-us-israel/
Researchers Discover Malware Used by Nation-Sates to Attack Industrial Systems

Dec 13, 2024 1:05 PM

Tags: attack, group, iran, malware

IOCONTROL, a custom-built IoT/OT malware, was used by Iran-affiliated groups to attack Israel- and US-based OT/IoT devices, according to Claroty First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/malware-nation-sate-industrial/
New IOCONTROL malware used in critical infrastructure attacks

Dec 12, 2024 10:05 PM

Tags: attack, infrastructure, Internet, iran, malware, threat

Iranian threat actors are utilizing a new malware named IOCONTROL to compromise Internet of Things (IoT) devices and OT/SCADA systems used by critical infrastructure in Israel and the United States. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-iocontrol-malware-used-in-critical-infrastructure-attacks/
Meta’s Q3 2024 Adversarial Threat Report: Global Disinformation Networks Disrupted

Dec 10, 2024 5:07 AM

Tags: disinformation, india, iran, network, threat

Meta has released its Third Quarter Adversarial Threat Report for 2024, detailing the disruption of five covert influence operations across the globe, including networks originating in India, Iran, Lebanon, and... First seen on securityonline.info Jump to article: securityonline.info/metas-q3-2024-adversarial-threat-report-global-disinformation-networks-disrupted/
8 biggest cybersecurity threats manufacturers face

Dec 6, 2024 8:48 AM

Tags: access, ai, apt, attack, authentication, automation, awareness, business, china, cloud, computer, control, cyber, cyberattack, cybercrime, cybersecurity, data, data-breach, ddos, detection, email, encryption, exploit, extortion, firmware, framework, group, Hardware, india, infrastructure, intelligence, international, Internet, iot, iran, lazarus, leak, malicious, malware, monitoring, network, nis-2, north-korea, open-source, password, phishing, ransom, ransomware, regulation, risk, risk-analysis, risk-assessment, russia, service, software, strategy, supply-chain, technology, threat, update, vulnerability, windows

The manufacturing sector’s rapid digital transformation, complex supply chains, and reliance on third-party vendors make for a challenging cyber threat environment for CISOs.Manufacturers, often prime targets for state-sponsored malicious actors and ransomware gangs, face the difficult task of maintaining cost-effective operations while modernizing their network infrastructure.”Many manufacturing systems rely on outdated technology that lacks modern…
Meta: Russia tops disinformation ops, followed by Iran and China

Dec 5, 2024 9:50 PM

Tags: china, disinformation, iran, russia

First seen on scworld.com Jump to article: www.scworld.com/news/meta-russia-tops-disinformation-ops-followed-by-iran-and-china
Nato befürchtet neue schwere Sabotageakte und Cyberangriffe

Dec 5, 2024 2:48 PM

Tags: china, cyberattack, infrastructure, Internet, interpol, iran, mail, north-korea
Cyberangriff auf eine Eisenbahngesellschaft in Iran

Dec 1, 2024 9:22 AM

Tags: cyberattack, iran

First seen on iranintl.com Jump to article: www.iranintl.com/en/202403246859
Cyberangriff auf ein Stahlwerk im Iran

Dec 1, 2024 6:21 AM

Tags: cyberattack, iran

First seen on rferl.org Jump to article: www.rferl.org/a/iran-khuzestan-steel-cyberattack-halts-production/31916878.html
Iranian Cyber Actors (IRGC) – Targeting the 2024 U.S. Presidential Election

Dec 1, 2024 12:18 AM

Tags: cyber, election, iran

First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/iranian-cyber-actors-irgc-targeting-the-2024-us-presidential-election
New Backdoor Used By Iranian State-Sponsored Group

Dec 1, 2024 12:18 AM

Tags: backdoor, communications, government, group, intelligence, iran

The backdoor is being used for intelligence gathering campaigns against U.S. organizations in the government, communications equipment, oil and gas an… First seen on duo.com Jump to article: duo.com/decipher/new-backdoor-used-by-iranian-state-sponsored-group
Zero Day Exploit Reuse and A Busy Week for Iranian APTs

Dec 1, 2024 12:18 AM

Tags: apt, cisa, exploit, group, intelligence, iran, threat, zero-day

The focus was on Iranian APTs this week, both from private threat intelligence teams and CISA, exposing new operations from UNC757 and other groups ta… First seen on duo.com Jump to article: duo.com/decipher/zero-day-exploit-reuse-and-a-busy-week-for-iranian-apts
US offers $10 million bounty for members of Iranian hacking gang

Nov 26, 2024 5:01 PM

Tags: hacking, iran

First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/us-offers-10-million-bounty-for-members-of-iranian-hacking-gang
Israel subjected to Iranian attacks with new WezRat infostealer

Nov 18, 2024 10:53 PM

Tags: attack, iran

First seen on scworld.com Jump to article: www.scworld.com/brief/israel-subjected-to-iranian-attacks-with-new-wezrat-infostealer
WezRat: The Modular Infostealer Weaponized by Iranian Cyber Group Emennet Pasargad

Nov 18, 2024 5:53 AM

Tags: cyber, group, iran, tool

In a comprehensive analysis released by Check Point Research (CPR), the WezRat infostealer has been identified as a sophisticated tool in the arsenal of the Iranian cyber group Emennet Pasargad,... First seen on securityonline.info Jump to article: securityonline.info/wezrat-the-modular-infostealer-weaponized-by-iranian-cyber-group-emennet-pasargad/