Collecting Cyber-News from over 60 sources

Tag: iran

CISOs should address identity management ‘as fast as they can’ says CrowdStrike exec

Mar 4, 2025 12:34 AM

Tags: access, ai, attack, authentication, business, china, ciso, crowdstrike, cvss, cyberattack, disinformation, email, exploit, finance, government, identity, iran, jobs, malicious, malware, mfa, microsoft, network, north-korea, password, phishing, phone, powershell, russia, service, social-engineering, spam, switch, tactics, threat, tool, update, vulnerability

Breakout time, how long it takes for an adversary to start moving laterally across at IT network, reached an all-time low last year. The average fell to 48 minutes, while the fastest breakout time dropped to a mere 51 seconds;Voice phishing (vishing) attacks, where adversaries call victims to amplify their activities with persuasive social engineering…
US Cybercom, CISA retreat in fight against Russian cyber threats: reports

Mar 3, 2025 7:34 PM

Tags: apt, blizzard, china, cisa, cyber, cybersecurity, data, government, group, hacker, infrastructure, international, iran, lockbit, microsoft, ransomware, risk, risk-management, russia, threat

Purported shift at CISA away from reporting on Russian threats: Shortly after The Record issued its report, The Guardian reported that the US Cybersecurity and Infrastructure Security Agency (CISA) sent an internal memo setting out new priorities for the agency, including China but excluding Russia. One source said analysts at the agency were verbally informed…
Massive Iran-linked botnet launches DDoS attacks against telecom, gaming platforms

Mar 3, 2025 6:34 PM

Tags: attack, botnet, ddos, iran

Researchers from Nokia Deepfield and GreyNoise warn the botnet has grown to more than 30,000 devices. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/massive-iran-botnet-ddos-telecom/741359/
Microsoft Names Suspects in Lawsuit Against AI Hackers

Feb 28, 2025 12:34 PM

Tags: ai, china, cybercrime, hacker, iran, microsoft, service

In a lawsuit targeting cybercriminals who abuse AI services, Microsoft has named individuals from Iran, the UK, China and Vietnam. The post Microsoft Names Suspects in Lawsuit Against AI Hackers appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/microsoft-names-suspects-in-lawsuit-against-ai-hackers/
Nico Lange: ‘Cybersicherheit ist eine Frage der Verteidigung”

Feb 17, 2025 5:46 PM

Tags: ai, china, conference, cyberattack, cybercrime, cyersecurity, germany, governance, government, infrastructure, iran, north-korea, risk, ukraine, usa

Munich Security Conference Live Studio powered by APCO in Munich, Germany on February 15, 2025. (Photo by Christopher Pike / christopherpike.com) APCO.Welches sind laut dem Münchner Sicherheitsindex die größten Risiken für Europa im Jahr 2025?Nun, ich denke, das größte Risiko besteht in der sogenannten Multipolarisierung. Europa wird Schwierigkeiten haben, sein Geschäftsmodell fortzuführen, das auf den…
APT Groups Using Ransomware ‘Smokescreen’ for Espionage

Feb 13, 2025 11:49 PM

Tags: apt, china, cyberattack, espionage, group, hacker, iran, ransomware, russia

Russian, Iranian and Chinese APTs Among Most Active Ransomware Collaborators. Security researchers are increasingly finding it challenging to attribute cyberattacks due to surging cooperation between nation-state hackers and ransomware groups, especially for espionage purposes. They say it reflects the blurring of the lines between state-directed and criminal activities. First seen on govinfosecurity.com Jump to article:…
Threat Actors in Russia, China, and Iran Targeting Local communities in the U.S

Feb 13, 2025 2:48 PM

Tags: ai, china, cyber, government, group, intelligence, iran, russia, threat

Foreign adversaries, including Russia, China, and Iran, are intensifying their efforts to manipulate public opinion and destabilize local communities across the United States. These campaigns, once primarily focused on national-level politics, have increasingly targeted state and local governments, community groups, and individuals. Leveraging advanced technologies such as generative artificial intelligence (AI), these actors aim to…
Warning: Cybercrime Services Underpin National Security Risk

Feb 12, 2025 6:55 PM

Tags: china, cybercrime, cybersecurity, google, hacking, iran, korea, north-korea, ransomware, risk, russia, service

Russia, China, Iran and North Korea Tapping Cybercrime Services, Google Says. The cybercrime-as-a-service economy continues to power ransomware and other criminal enterprises, as well as serve as an accelerant for state-sponsored hacking, collectively posing an increasing risk to Western national security, cybersecurity researchers warn. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/warning-cybercrime-services-underpin-national-security-risk-a-27502
Cyber crime meshes with cyber warfare as states enlist gangs

Feb 12, 2025 11:55 AM

Tags: attack, china, crime, cyber, google, group, intelligence, iran, korea, north-korea, russia, threat, warfare

A report from the Google Threat Intelligence Group depicts China, Russia, Iran and North Korea as a bloc using cyber criminal gangs to attack the national security of western countries First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366619194/Google-Cyber-crime-meshes-with-cyber-warfare-as-states-enlist-gangs
Extensive Israeli police breach alleged by Iran-linked hackers

Feb 11, 2025 9:56 PM

Tags: breach, hacker, iran

First seen on scworld.com Jump to article: www.scworld.com/brief/extensive-israeli-police-breach-alleged-by-iran-linked-hackers
Handala Hackers Claim Massive Data Breach on Israeli Police, Leak 350,000 Files

Feb 10, 2025 5:55 PM

Tags: breach, data, data-breach, hacker, iran, leak

Iranian-linked hackers claim to have breached Israeli police systems, stealing 2.1TB of sensitive data. Police deny the breach. Learn more about the alleged hack and its implications. First seen on hackread.com Jump to article: hackread.com/handala-hackers-israeli-police-breach-data-leak/
Hackers hijack emergency sirens in kindergartens across Israel

Jan 27, 2025 10:03 PM

Tags: cyber, group, hacker, iran

A hacker group with suspected Iranian links breached an Israeli electronics firm that operates emergency systems in schools and “played songs supporting terrorism” through the devices, Israel’s cyber agency said.]]> First seen on therecord.media Jump to article: therecord.media/hackers-hijack-sirens-iran-israel
Increased cybersecurity cooperation forged by Russia, Iran

Jan 23, 2025 9:22 PM

Tags: cybersecurity, iran, russia

First seen on scworld.com Jump to article: www.scworld.com/brief/increased-cybersecurity-cooperation-forged-by-russia-iran
Iran and Russia deepen cyber ties with new agreement

Jan 22, 2025 7:22 PM

Tags: cyber, iran, russia

The pact between the world’s two most sanctioned nations aims to elevate relations “to a new level,” the Kremlin said.]]> First seen on therecord.media Jump to article: therecord.media/russia-iran-cyber-ties-agreement
Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks

Jan 8, 2025 12:18 PM

Tags: attack, botnet, china, ddos, exploit, flaw, infection, iran, router, russia, service, vulnerability

A Mirai botnet variant has been found exploiting a newly disclosed security flaw impacting Four-Faith industrial routers since early November 2024 with the goal of conducting distributed denial-of-service (DDoS) attacks.The botnet maintains approximately 15,000 daily active IP addresses, with the infections primarily scattered across China, Iran, Russia, Turkey, and the United States. First seen on…
US military allocated about $30 billion to spend on cybersecurity in 2025

Jan 7, 2025 8:17 AM

Tags: access, ai, attack, best-practice, china, communications, computing, cyber, cybersecurity, data, defense, disinformation, framework, government, group, guide, infrastructure, intelligence, international, iran, law, military, mobile, network, office, ransomware, risk, russia, software, spy, spyware, technology, terrorism, threat, tool, unauthorized, vulnerability

The United States military will receive about $30 billion in cybersecurity funding in fiscal 2025 from $895.2 billion earmarked for US military activities under the National Defense Authorization Act (NDAA), an annual piece of must-pass legislation signed by President Joe Biden last month.The nearly 1,000-page bill’s budget doesn’t enable clear-cut or quick calculations of how…
US Imposes Sanctions on Russian and Iranian Groups Over Disinformation Targeting American Voters

Jan 3, 2025 1:17 PM

Tags: disinformation, group, iran, russia

The United States has imposed sanctions on two groups linked to Iranian and Russian efforts to target American voters with disinformation ahead of this year’s election. The post US Imposes Sanctions on Russian and Iranian Groups Over Disinformation Targeting American Voters appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/us-imposes-sanctions-on-russian-and-iranian-groups-over-disinformation-targeting-american-voters/
Iranian, Russian entities face US sanctions over election interference

Jan 2, 2025 9:17 PM

Tags: election, iran, russia

First seen on scworld.com Jump to article: www.scworld.com/brief/iranian-russian-entities-face-us-sanctions-over-election-interference
US sanctions Russian, Iranian groups for election interference

Dec 31, 2024 9:27 PM

Tags: ai, election, group, intelligence, iran, russia

The two entities are accused of partnering with intelligence agencies using artificial intelligence to conduct information operations against U.S. audiences. First seen on cyberscoop.com Jump to article: cyberscoop.com/russia-china-sanctions-election-interference/
US sanctions Russian and Iranian entities for interfering in presidential election

Dec 31, 2024 7:27 PM

Tags: election, iran, russia

The Treasury Department announced sanctions against the Moscow-based Center for Geopolitical Expertise and Iran’s Cognitive Design Production Center, accusing each entity of operations targeted at American voters prior to the 2024 elections.]]> First seen on therecord.media Jump to article: therecord.media/2024-election-influence-operations-russia-iran-sanctions
New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy

Dec 31, 2024 1:29 PM

Tags: china, data, iran, korea, north-korea, privacy, russia, threat

The U.S. Department of Justice (DoJ) has issued a final rule carrying out Executive Order (EO) 14117, which prevents mass transfer of citizens’ personal data to countries of concern such as China (including Hong Kong and Macau), Cuba, Iran, North Korea, Russia, and Venezuela.”This final rule is a crucial step forward in addressing the extraordinary…
Top 12 ways hackers broke into your systems in 2024

Dec 31, 2024 8:27 AM

Tags: access, adobe, ai, api, apt, attack, authentication, backdoor, breach, business, china, cloud, control, corporate, credentials, cve, cvss, cyber, cybercrime, cybersecurity, data, data-breach, defense, detection, email, endpoint, exploit, finance, flaw, fortinet, government, group, hacker, healthcare, identity, infection, injection, Internet, iran, ivanti, jobs, malicious, malware, mfa, microsoft, mitigation, mobile, moveIT, north-korea, okta, open-source, phishing, pypi, ransomware, rce, remote-code-execution, risk, russia, scam, software, sql, strategy, supply-chain, tactics, theft, tool, unauthorized, update, vpn, vulnerability, zero-day

In 2024, hackers had a field day finding sneaky ways into systems, from convincing phishing scams that played on human curiosity to brutal software flaws that exposed gaps in tech upkeep. It was a year of clever breaches, showing just how wide the gap is between user habits and security practices.”While every year brings new…
BellaCPP, Charming Kitten’s BellaCiao variant written in C++

Dec 25, 2024 11:43 PM

Tags: apt, group, iran, kaspersky, malicious, malware

Iran-linked APT group Charming Kitten has been observed using a new variant of the BellaCiao malware dubbed BellaCPP, Kaspersky researchers warn. The Iran-linked APT group Charming Kitten has been observed using a C++ variant of the BellaCiao malware, dubbed BellaCPP. BellaCiao, a .NET-based malware, combines webshell persistence with covert tunneling. The malicious code was first…
Iran’s Charming Kitten Deploys BellaCPP: A New C++ Variant of BellaCiao Malware

Dec 25, 2024 12:43 PM

Tags: cybersecurity, group, hacking, iran, kaspersky, malware

The Iranian nation-state hacking group known as Charming Kitten has been observed deploying a C++ variant of a known malware called BellaCiao.Russian cybersecurity company Kaspersky, which dubbed the new version BellaCPP, said it discovered the artifact as part of a “recent” investigation into a compromised machine in Asia that was also infected with the BellaCiao…
The 2024 cyberwar playbook: Tricks used by nation-state actors

Dec 25, 2024 7:43 AM

Tags: access, ai, apt, at&t, attack, authentication, backdoor, blizzard, botnet, breach, china, cisa, cloud, control, credentials, cve, cvss, cyber, cybersecurity, data, ddos, defense, detection, email, espionage, exploit, flaw, fortinet, google, government, group, hacker, hacking, healthcare, india, infrastructure, iran, ivanti, linux, login, malicious, malware, mfa, microsoft, mobile, network, offense, office, open-source, password, phishing, powershell, remote-code-execution, router, russia, service, social-engineering, software, spear-phishing, spy, strategy, supply-chain, tactics, theft, threat, tool, unauthorized, update, vpn, vulnerability, warfare, windows, worm, zero-day

In 2024, nation-state cyber activity was off the charts, with Chinese, Russian, and Iranian actors leading the charge. Their campaigns weren’t just relentless, they were innovative, using a crafty mix of Tactics, Techniques, and Procedures (TTPs) to gain footholds, stay hidden, and spy-like pros.”There was definitely a continued and noted uptick in nation-state activity in…
Hackers Exploiting PLC Controllers In US Water Management System To Gain Remote Access

Dec 23, 2024 12:44 PM

Tags: access, advisory, cyber, cybersecurity, exploit, hacker, iran

A joint Cybersecurity Advisory (CSA) warns of ongoing exploitation attempts by Iranian Islamic Revolutionary Guard Corps (IRGC)-affiliated cyber actors using the online persona >>CyberAv3ngers.
Iranian Hackers Launched A Massive Attack to Exploit Global ICS Infrastructure

Dec 19, 2024 10:42 AM

Tags: advisory, attack, cisa, cyber, cybersecurity, exploit, hacker, infrastructure, iran, malicious, tactics, threat

In a joint cybersecurity advisory, the FBI, CISA, NSA, and partner agencies from Canada, the United Kingdom, and Israel have issued an urgent warning about ongoing malicious cyber activities by advanced persistent threat (APT) actors affiliated with Iran’s Islamic Revolutionary Guard Corps (IRGC). The advisory provides critical new details on tactics, techniques, and procedures (TTPs)…
Hackers Using New IoT/OT Malware IOCONTROL To Control IP Cameras, Routers, PLCs, HMIs And Firewalls

Dec 16, 2024 2:42 PM

Tags: attack, cctv, control, cyber, cyberattack, exploit, firewall, hacker, infrastructure, iot, iran, malware, router, vulnerability

Recent cyberattacks targeting critical infrastructure, including fuel management systems and water treatment facilities in Israel and the US, have been attributed to the Iranian-backed CyberAv3ngers. The attacks, leveraging a custom-built malware named IOCONTROL, exploit vulnerabilities in IoT and OT devices, such as routers, PLCs, HMIs, and firewalls. The malware, designed to operate on various platforms,…
IOCONTROL cyberweapon used to target infrastructure in the US and Isreael

Dec 15, 2024 12:05 AM

Tags: group, infrastructure, iot, iran, malware, threat

Iran-linked threat actors target IoT and OT/SCADA systems in US and Israeli infrastructure with IOCONTROL malware. Claroty’s Team82 obtained a sample of a custom-built IoT/OT malware called IOCONTROL used by the Iran-linked threat actors to target devices in infrastructure located in Israel and U.S.. According to the experts Iran-linked threat group CyberAv3ngers reportedly targeted fuel…
Iranian malware linked to recent attacks on US, Israeli infrastructure

Dec 14, 2024 10:07 PM

Tags: attack, infrastructure, iran, malware

First seen on scworld.com Jump to article: www.scworld.com/news/iranian-malware-linked-to-recent-attacks-on-us-israeli-infrastructure