Tag: iran
-
Iranian State APT Blitzes Telcos & Satellite Companies
A Charming Kitten subgroup is performing some of the most bespoke cyberattacks ever witnessed in the wild, to down select high-value targets. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/iranian-state-apt-telcos-satellite-companies
-
Iranian State APT Blitzes Telcos & Satellite Companies
A Charming Kitten subgroup is performing some of the most bespoke cyberattacks ever witnessed in the wild, to down select high-value targets. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/iranian-state-apt-telcos-satellite-companies
-
Russland und China nehmen deutsche Wirtschaft ins Visier
Laut einer Bitkom-Umfrage kommen die meisten Cyberangriffe auf Unternehmen hierzulande noch immer aus Russland und China.Knapp drei von vier Unternehmen hierzulande berichten von zunehmenden Angriffen analog und digital. Der Schaden wird auf rund 289 Milliarden Euro geschätzt. Das geht aus einer repräsentativen Befragung von mehr als 1.000 Unternehmen unterschiedlicher Branchen durch den Digitalverband Bitkom hervor. Demnach…
-
Cryptohack Roundup: US Sanctions Iran Shadow Banking Network
Also: Man Denied Bankruptcy Discharge Over $12.5M Crypto Ponzi Debts. U.S. sanctions Iranian shadow banking network, Texas man denied bankruptcy discharge, Nemo blames $2.6M exploit on developer errors, THORChain founder hacked, Shibarium Bridge hit by $2.4M hack, Denver court rules pastor’s $3.3M project a fraud and NYDFS tells banks to use blockchain analytics. First seen…
-
What’s Old Is New Again as Iranian Hackers Exploit Macros
MuddyWater Also Embraces Bulletproof Hosts and Custom Malware. The Iranian nation-state cyberespionage group MuddyWater is going back to the future with attacks featuring Microsoft Office documents with malicious macros. It is also shifting to homegrown malware in place of commercial remote monitoring and management tools, said researchers. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/whats-old-new-again-as-iranian-hackers-exploit-macros-a-29465
-
MuddyWater Deploys Custom Multi-Stage Malware Hidden Behind Cloudflare
Since early 2025, cybersecurity analysts have witnessed a marked evolution in the tactics and tooling of MuddyWater, the Iranian state-sponsored Advanced Persistent Threat (APT) group. Historically known for broad Remote Monitoring and Management (RMM) campaigns, MuddyWater has pivoted to highly targeted spearphishing operations and bespoke backdoors. This shift underscores the group’s growing sophistication and its…
-
Israel announces seizure of $1.5M from crypto wallets tied to Iran
The Israeli government ordered the seizure of 187 wallets it said belong to the IRGC, which have over time received $1.5 billion in crypto, according to a blockchain analysis firm. First seen on techcrunch.com Jump to article: techcrunch.com/2025/09/15/israel-announces-seizure-of-1-5-million-from-crypto-wallets-tied-to-iran/
-
Israel announces seizure of $1.5 million from crypto wallets tied to Iran
The Israeli government ordered the seizure of 187 wallets it said belong to the IRGC, which have over time received $1.5 billion in crypto, according to a blockchain analysis firm. First seen on techcrunch.com Jump to article: techcrunch.com/2025/09/15/israel-announces-seizure-of-1-5-million-from-crypto-wallets-tied-to-iran/
-
Iran-Nexus Hackers Impersonate Omani MFA to Target Governments Entities
Tags: breach, communications, cyber, cybersecurity, exploit, government, group, hacker, intelligence, iran, malicious, mfa, phishing, spear-phishingCybersecurity researchers uncovered a sophisticated, Iran-linked spear-phishing operation that exploited a compromised Ministry of Foreign Affairs (MFA) mailbox in Oman to deliver malicious payloads to government entities worldwide. Analysts attribute the operation to the “Homeland Justice” group, believed to be aligned with Iran’s Ministry of Intelligence and Security (MOIS). Leveraging stolen diplomatic communications, encoded macros,…
-
Iran MOIS Phishes 50+ Embassies, Ministries, Int’l Orgs
The Homeland Justice APT tried spying on countries and organizations from six continents, using more than 100 hijacked email accounts. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/iran-mois-50-embassies-ministries-intl-orgs
-
Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats
An Iran-nexus group has been linked to a “coordinated” and “multi-wave” spear-phishing campaign targeting the embassies and consulates in Europe and other regions across the world.The activity has been attributed by Israeli cybersecurity company Dream to Iranian-aligned operators connected to broader offensive cyber activity undertaken by a group known as Homeland Justice.”Emails were sent to…
-
Iran-Nexus Hackers Exploit Omani Mailbox to Target Governments
Tags: authentication, communications, cyber, exploit, government, group, hacker, intelligence, iran, mfa, phishing, spear-phishingA sophisticated spear-phishing campaign that exploited a compromised mailbox belonging to the Ministry of Foreign Affairs of Oman. The operation, attributed to an Iranian-aligned group known as Homeland Justice and linked to Iran’s Ministry of Intelligence and Security (MOIS), masqueraded as legitimate multi-factor authentication (MFA) communications to infiltrate governments and diplomatic missions around the world.…
-
Beyond Phishing: Iranian-Aligned Group Abuses Omani Mailbox to Spy on Diplomats
The post Beyond Phishing: Iranian-Aligned Group Abuses Omani Mailbox to Spy on Diplomats appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/beyond-phishing-iranian-aligned-group-abuses-omani-mailbox-to-spy-on-diplomats/
-
Security Affairs newsletter Round 539 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Lab Dookhtegan hacking group disrupts communications on dozens of Iranian ships New zero-click exploit allegedly used…
-
Lab Dookhtegan hacking group disrupts communications on dozens of Iranian ships
Lab Dookhtegan hacking group allegedly disrupted communications of 60 Iranian ships run by sanctioned firms NITC and IRISL. The hacking group Lab Dookhtegan allegedly disrupted the communications of 60 Iranian ships. The attack hit at least 39 tankers and 25 cargo ships operated by Iranian maritime companies National Iranian Oil Tanker Company and Iran Shipping Lines, which…
-
DOGE Put Everyone’s Social Security Data at Risk, Whistleblower Claims
Plus: China’s Salt Typhoon hackers target 600 companies in 80 countries, Tulsi Gabbard purges CIA agents, hackers knock out Iranian ship communications, and more. First seen on wired.com Jump to article: www.wired.com/story/doge-social-security-data-at-risk-whistleblower/
-
Cybercrime increasingly moving beyond financial gains
Tags: attack, awareness, business, ciso, computer, corporate, cyber, cyberattack, cybercrime, cybersecurity, defense, disinformation, espionage, finance, government, group, hacker, hacking, incident response, infrastructure, intelligence, iran, malicious, military, network, ransom, ransomware, risk, risk-analysis, russia, strategy, theft, threat, tool, ukraine, vulnerability, wormsrcset=”https://b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?quality=50&strip=all 892w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=223%2C300&quality=50&strip=all 223w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=768%2C1033&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=761%2C1024&quality=50&strip=all 761w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=518%2C697&quality=50&strip=all 518w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=125%2C168&quality=50&strip=all 125w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=62%2C84&quality=50&strip=all 62w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=357%2C480&quality=50&strip=all 357w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=268%2C360&quality=50&strip=all 268w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=186%2C250&quality=50&strip=all 186w” width=”761″ height=”1024″ sizes=”auto, (max-width: 761px) 100vw, 761px”> Incibe. En la imagen, Patricia Alonso GarcÃa.”We are very redundant when talking about cybercrime, because we always associate it with economic motivations,” says Hervé Lambert, global consumer operations…
-
BSidesSF 2025: WHOIS Your Daddy: Tracking Iranian-Backed Cyber Operations With Passive DNS
Creator, Author and Presenter: Austin Northcutt Our deep appreciation to Security BSides – San Francisco and the Creators, Authors and Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the conference’s events held at the lauded CityView / AMC Metreon – certainly a venue like no other; and via the organization’s YouTube…
-
Hackers Lay in Wait, Then Knocked Out Iran Ship Comms
Lab-Dookhtegen claims major attack on more than 60 cargo ships and oil tankers belonging to two Iranian companies on US sanctions list. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/hackers-knocked-out-iran-ship-comms
-
Hackers Lied In Wait, Then Knocked Out Iran Ship Comms
Lab-Dookhtegen claims major attack on more than 60 cargo ships and oil tankers belonging to two Iranian companies on US sanctions list. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/hackers-knocked-out-iran-ship-comms
-
Hackers Disrupt Iranian Ships via Maritime Communication Terminals Exploiting MySQL Database
The National Iranian Tanker Company (NITC) and Islamic Republic of Iran Shipping Lines (IRISL), two sanctioned companies, are the operators of 64 boats, 39 tankers, and 25 cargo ships that were compromised in a targeted attack on Iran’s maritime infrastructure by the hacking collective Lab-Dookhtegan. Rather than attempting direct breaches of individual ships, which are…
-
MuddyWater APT Targets CFOs via OpenSSH; Enables RDP and Scheduled Tasks
A sophisticated spear-phishing campaign attributed to the Iranian-linked APT group MuddyWater is actively compromising CFOs and finance executives across Europe, North America, South America, Africa, and Asia. The attackers impersonate recruiters from Rothschild & Co, deploying Firebase-hosted phishing pages that incorporate custom math-based CAPTCHA challenges to evade detection and lend legitimacy. These lures lead victims…
-
Russia-linked European attacks renew concerns over water cybersecurity
Water utilities should remain vigilant: Although most water facility operators have received repeated warnings over the years that they are desirable targets for Russian, Iranian, and Chinese threat actors, experts say these latest incidents underscore the need to remain vigilant and step up security efforts. If water assets owners have “any kind of control system online,…
-
DEF CON volunteers step up to help water sector after China, Iran attack utilities
The DEF CON Franklin project paired volunteer cybersecurity experts with water utilities in four states, hardening their systems against potential nation-state threats. The founders expect that the model can work on a larger scale. First seen on therecord.media Jump to article: therecord.media/def-con-franklin-water-utility-cybersecurity-volunteers
-
IRGC-Linked Hackers Target Financial, Government, and Media Organizations
A sophisticated network of hackers with ties to Iran’s Islamic Revolutionary Guard Corps (IRGC) unleashed a barrage of cyber-operations designed to disrupt adversaries, steal sensitive data, and propagate ideological narratives. SecurityScorecard’s STRIKE threat intelligence team analyzed over 250,000 messages from 178 active groups, revealing a highly coordinated digital campaign that mirrored military actions on the…
-
Pro-Iran Hackers Aligned Cyber with Kinetic War Aims
SecurityScorecard analysis highlights wide variety of Iranian threat actors and coordination with military activity First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/proiran-hackers-aligned-cyber/
-
32% of exploited vulnerabilities are now zero-days or 1-days
Russian and Iranian threat activity rises: The security industry attributes only some of the newly discovered exploits to known attacker groups, and only some of those groups have known countries of origin. As a result, statistics on the origin of attacks are not perfect.During the first half of 2025, 181 of CVEs added to the…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 55
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Lookout Discovers Iranian APT MuddyWater Leveraging DCHSpy During Israel-Iran Conflict Uncovering a Stealthy WordPress Backdoor in mu-plugins NPM package ‘is’ with 2.8M weekly downloads infected devs with malware Coyote in the Wild: First-Ever […]…
-
DCHSpy Android Spyware Linked to Iran’s MuddyWater APT, Targets Geopolitical Foes with Starlink Lures
The post DCHSpy Android Spyware Linked to Iran’s MuddyWater APT, Targets Geopolitical Foes with Starlink Lures appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/dchspy-android-spyware-linked-to-irans-muddywater-apt-targets-geopolitical-foes-with-starlink-lures/
-
Apple alerted Iranians to iPhone spyware attacks, say researchers
Researchers say Apple sent out threat notifications to several Iranians in recent months, saying their iPhones had been hacked. Iran is likely behind the attacks. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/22/apple-alerted-iranians-to-iphone-spyware-attacks-say-researchers/