Tag: iran
-
Iran claims to repel cyberattack on critical infrastructure
First seen on scworld.com Jump to article: www.scworld.com/news/iran-claims-to-repel-cyberattack-on-critical-infrastructure
-
Iran claims it stopped large cyberattack on country’s infrastructure
An Iranian state official said the country repelled “widespread and complex cyber attacks” on unspecified infrastructure over the weekend. First seen on therecord.media Jump to article: therecord.media/iran-cyberattack-national-infrastructure
-
Israel subjected to persistent targeting by Iranian hackers
First seen on scworld.com Jump to article: www.scworld.com/brief/israel-subjected-to-persistent-targeting-by-iranian-hackers
-
Erodiert die Security-Reputation der USA?
Tags: business, ceo, china, cisa, ciso, cybersecurity, cyersecurity, endpoint, exploit, germany, governance, government, intelligence, iran, kaspersky, north-korea, service, strategy, threat, usaTrump stiftet Verunsicherung auch wenn’s um Cybersicherheit geht.Nachdem US-Präsident Donald Trump nun auch Cybersicherheitsunternehmen per Executive Order für abweichende politische Positionen abstraft, befürchten nicht wenige Branchenexperten, dass US-Sicherheitsunternehmen künftig ähnlich in Verruf geraten könnten wie ihre russischen und chinesischen Konkurrenten. Die zentralen Fragen sind dabei:Können sich CISOs beziehungsweise ihre Unternehmen künftig noch auf US-amerikanische Bedrohungsinformationen…
-
CyberAv3ngers: The Iranian Saboteurs Hacking Water and Gas Systems Worldwide
Despite their hacktivist front, CyberAv3ngers is a rare state-sponsored hacker group bent on putting industrial infrastructure at risk”, and has already caused global disruption. First seen on wired.com Jump to article: www.wired.com/story/cyberav3ngers-iran-hacking-water-and-gas-industrial-systems/
-
Israel Enters ‘Stage 3’ of Cyber Wars With Iran Proxies
While Israel and Iranian proxies fight it out IRL, their conflict in cyberspace has developed in parallel. These days attacks have decelerated, but advanced in sophistication. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/israel-stage-3-cyber-wars-with-iran-proxies
-
Iran’s MOIS-Linked APT34 Spies on Allies Iraq & Yemen
The Islamic Republic is keeping its enemies close and its friends closer, with espionage attacks aimed at nearby neighbors. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/irans-mois-linked-apt34-spies-allies-iraq-yemen
-
New IOCONTROL Malware Let Attackers Control Critical Infrastructure Gain Remote Access
A new malware strain called IOCONTROL has emerged, posing a significant threat to Internet of Things (IoT) devices and operational technology (OT) systems, particularly those in critical infrastructure. First observed in December 2024, IOCONTROL is allegedly created by the anti-Israeli and pro-Iranian hacktivist group >>Cyber Av3ngers.
-
Windows Shortcut-Exploit seit 2017 von staatlichen Hackers als 0-Day genutzt
Sicherheitsforscher der Trend Micro Zero Day Initiative (ZDI) weisen auf eine 0-Day-Schwachstelle ( ZDI-CAN-25373) in Windows hin, die wohl seit 2017 von 11 staatlich unterstützten Hackergruppen aus Nordkorea, Iran, Russland und China ausgenutzt wird. Microsoft hat die Schwachstelle in Verknüpfungsdateien … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/20/windows-shortcut-exploit-seit-2017-von-staatlichen-hackers-als-0-day-genutzt/
-
State-Backed Hackers Exploiting Windows Zero-Day Since 2017
At least 11 state-sponsored hacking groups from North Korea, Iran, Russia, and China have been actively exploiting a newly uncovered Windows zero-day vulnerability in cyber espionage and data theft attacks since 2017. Despite clear evidence of exploitation, Microsoft has declined… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/zdi-can-25373-zero-day-exploited-since-2017/
-
New Windows zero-day feared abused in widespread espionage for years
.The zero-day vulnerability, tracked as ZDI-CAN-25373, has yet to be publicly acknowledged and assigned a CVE-ID by Microsoft. ZDI-CAN-25373 has to do with the way Windows displays the contents of .lnk files, a type of binary file used by Windows to act as a shortcut to a file, folder, or application, through the Windows UI.A…
-
Hacker nutzen alte Windows-Sicherheitslücke aus Microsoft tut nichts
Tags: bug, bug-bounty, china, cyberattack, exploit, germany, hacker, iran, microsoft, military, north-korea, update, vulnerability, windowsExperten des Sicherheits-Unternehmens Trend Micro haben eine als ZDI-CAN-25373 bezeichnete Sicherheitslücke in Windows entdeckt, die Angreifer seit mindestens 2017 ausnutzen. Über die Lücke können die Angreifer Schadcode auf den betroffenen Windows-Rechnern ausführen, sofern der Benutzer eine verseuchte Webseite besucht oder eine infizierte Datei öffnet.Die Lücke steckt in der Vorgehensweise, wie Windows .lnk-Dateien (Verknüpfungsdateien) verarbeitet. Angreifer können Kommandozeilen-Befehle, die…
-
New Windows zero-day exploited by 11 state hacking groups since 2017
At least 11 state-backed hacking groups from North Korea, Iran, Russia, and China have been exploiting a new Windows vulnerability in data theft and cyber espionage zero-day attacks since 2017. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-windows-zero-day-exploited-by-11-state-hacking-groups-since-2017/
-
Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017
An unpatched security flaw impacting Microsoft Windows has been exploited by 11 state-sponsored groups from China, Iran, North Korea, and Russia as part of data theft, espionage, and financially motivated campaigns that date back to 2017.The zero-day vulnerability, tracked by Trend Micro’s Zero Day Initiative (ZDI) as ZDI-CAN-25373, refers to an issue that allows bad…
-
Groups From China, Russia, Iran Hitting OT Systems Worldwide
Threat Groups Are Mapping OT Networks for Future Targeting, Warns Dragos. A China-linked threat group called Voltzite is targeting operational technology systems at critical infrastructure organizations worldwide to steal network diagrams, OT operating instructions and information about geographic information systems, said cybersecurity firm Dragos. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/groups-from-china-russia-iran-hitting-ot-systems-worldwide-a-27722
-
Russland, China, Nordkorea und der Iran – Staaten profitieren durch finanziell motivierte Cyberkriminalität
First seen on security-insider.de Jump to article: www.security-insider.de/google-mandiant-anstieg-finanziell-motivierter-cyberangriffe-a-74abaf676d92e40033d97f21784161f4/
-
CISOs müssen OT-Risiken stärker adressieren
Tags: china, ciso, cyber, cyberattack, exploit, firewall, hacker, infrastructure, Internet, iran, kev, kritis, military, ransomware, risk, technology, update, vulnerabilityDa Angriffe auf OT-Bereiche zunehmen, sollten CISOs einen Exposure-Management-Ansatz verfolgen.Die Bedrohungen gegen die Betriebstechnik (Operational Technology, OT) der kritischen Infrastruktur (KRITIS) verschärfen sich kontinuierlich. China baut offensive Komponenten in amerikanische Militär- und Unternehmensnetzwerke ein. Zudem haben chinesische Hacker Telekommunikationsunternehmen und Internetdienstleister infiltriert, um Zivilisten auszuspionieren. Seit etlichen Jahren, also bereits deutlich vor dem Angriffskrieg, greift…
-
Breach Roundup: US Sanctions Iran-Based Nemesis Admin
Also, BianLian Ransomware Hackers Aren’t Really Mailing You. This week, the U.S. sanctioned the Nemesis admin, Poco RAT spotted in Latin America, Apple challenged a British order to weaken encryption and the FBI warned against scam letters purportedly from BianLian. Also, a Nigerian tax scammer extradited to the U.S., a new botnet and a Webex…
-
Identifying Cyber Attack Patterns Through Threat Actor Infrastructure Analysis
Kudelski Security Research recently published an article detailing advanced methods for tracking and analyzing threat actor infrastructure, providing valuable insights into cyber attack patterns and attribution techniques. Decoding Threat Actor Infrastructure: A Case Study The research team demonstrated their approach using a phishing campaign targeting U.S. and Israeli government officials, attributed to the Iranian group…
-
Iranian Hackers Target UAE Firms With Polyglot Files
An Iranian threat actor was seen targeting UAE organizations with polyglot files to deliver a new backdoor named Sosano. The post Iranian Hackers Target UAE Firms With Polyglot Files appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/iranian-hackers-target-uae-firms-with-polyglot-files/
-
U.S. Cracks Down on Nemesis Darknet Admin with New Treasury Sanctions
The U.S. Department of the Treasury has intensified its global campaign against darknet-facilitated drug trafficking by sanctioning Behrouz Parsarad, the Iran-based administrator of the notorious Nemesis Marketplace. The move, announced on March 5, 2025, follows a 2024 international law enforcement operation that dismantled the platform, which enabled over $30 million in illicit drug sales”, including…
-
US Sanctions Iranian Administrator of Nemesis Darknet Marketplace
Iranian national Behrouz Parsarad sanctioned for running Nemesis, a marketplace used for narcotics trafficking and cybercrime. The post US Sanctions Iranian Administrator of Nemesis Darknet Marketplace appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/us-sanctions-iranian-administrator-of-nemesis-darknet-marketplace/
-
Iran linked to more than 20 plots to kill or kidnap British citizens and residents
The Iranian regime “has become increasingly emboldened, asserting itself more aggressively,” including kidnapping and murder plots, said Dan Jarvis, the U.K. government’s security minister. First seen on therecord.media Jump to article: therecord.media/iran-britain-kidnapping-murder-plots-dan-jarvis-mi5
-
More than 86K IoT devices compromised by fast-growing Eleven11 botnet
The Iran-linked botnet has a large presence in the U.S. and is targeting telecom and other firms with DDoS attacks. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/86000-iot-compromised-eleven11-botnet/741507/
-
Treasury sanctions Iranian national behind defunct Nemesis darknet marketplace
The Iran-based administrator behind a darknet marketplace was sanctioned by the Treasury Department on Tuesday, one year after the platform was taken down in a law enforcement operation. First seen on therecord.media Jump to article: therecord.media/iran-national-sanctioned-nemesis-marketplace
-
Suspected Iran-backed hackers target UAE with newly discovered ‘Sosano’ malware
Researchers say they spotted new backdoor malware that suspected Iranian regime-backed hackers have aimed at sectors such as aviation, satellite communications and critical transportation infrastructure in the United Arab Emirates. First seen on therecord.media Jump to article: therecord.media/sosano-malware-targets-uae-iran-suspected
-
Suspected Iranian Hackers Used Compromised Indian Firm’s Email to Target U.A.E. Aviation Sector
Threat hunters are calling attention to a new highly-targeted phishing campaign that singled out “fewer than five” entities in the United Arab Emirates (U.A.E.) to deliver a previously undocumented Golang backdoor dubbed Sosano.The malicious activity was specifically directed against aviation and satellite communications organizations, according to Proofpoint, which detected it in late October First seen…