Tag: iran
-
Elusive Iranian APT Phishes Influential US Policy Wonks
Iran is spying on American foreign policy influencers. But exactly which of its government’s APTs is responsible remains a mystery. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/iranian-apt-phishes-us-policy-wonks
-
Data Leak Outs Hacker Students of Iran’s MOIS Training Academy
Ravin Academy, a school for the Iranian state hackers of tomorrow, has itself, ironically, been hacked. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/data-leak-students-iran-mois-training-academy
-
Data Leak Outs Students of Iran’s MOIS Training Academy
A school for the Iranian state hackers of tomorrow has itself, ironically, been hacked. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/data-leak-students-iran-mois-training-academy
-
The Shadow War: Predatory Sparrow vs. Iran’s Infrastructure
Inside the cyber shadow war where Predatory Sparrow targets Iran’s vital systems. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/the-shadow-war-predatory-sparrow-vs-irans-infrastructure/
-
MuddyWater’s Phoenix Backdoor Infects More Than 100 Government Organizations
Tags: attack, backdoor, cyber, espionage, government, group, intelligence, international, iran, middle-east, phishing, threat
Advanced Persistent Threat (APT) MuddyWater has orchestrated a sophisticated phishing campaign targeting over 100 government entities across the Middle East, North Africa, and international organizations worldwide. Group-IB Threat Intelligence has attributed the campaign to the Iran-linked threat actor with high confidence, revealing an alarming escalation in the group’s espionage capabilities and operational sophistication. The attack…
-
Iranian Intel-Linked Cybersecurity School Hit by Data Breach
Ravin Academy Records Reveal Identities of More Than 1,000 Participants. A public database of internal records from Iran’s Ravin Academy – a cyber school linked to the Ministry of Intelligence – has been published online, exposing potentially sensitive data on over 1,000 trainees, including individuals reportedly tied to Western institutions. First seen on govinfosecurity.com Jump…
-
Iran’s school for cyberspies could’ve used a few more lessons in preventing breaches
Ravin Academy confirms the intrusion on Telegram, says student data was stolen First seen on theregister.com Jump to article: www.theregister.com/2025/10/27/breach_iran_ravin_academy/
-
Breach at Iran’s cyberspy factory results in leak of student data
Ravin Academy confirms the intrusion on Telegram, says investigation continues First seen on theregister.com Jump to article: www.theregister.com/2025/10/27/breach_iran_ravin_academy/
-
Predatory Sparrow Strikes: Coordinated Cyberattacks Seek to Cripple Critical Infrastructure
A sophisticated cyber-sabotage group known as Predatory Sparrow has emerged as one of the most destructive threat actors targeting Iranian critical infrastructure over the past several years. Unlike traditional cybercriminal operations focused on financial gain, this group executes highly disruptive campaigns designed to cripple essential services, destroy sensitive data, and send provocative political messages. Security…
-
Iran’s MuddyWater wades into 100+ government networks in latest spying spree
Group-IB says Tehran-linked crew used hijacked mailbox and VPN to sling phishing emails across Middle East First seen on theregister.com Jump to article: www.theregister.com/2025/10/24/iran_muddywater_campaign/
-
Phishing campaign across Mideast, North Africa is attributed to Iranian group
The well-known Iranian cyber-espionage operation tracked as MuddyWater spread backdoor malware in recent months through a compromised email account, researchers said. First seen on therecord.media Jump to article: therecord.media/iran-muddywater-phishing-campaign-north-africa-middle-east
-
New Malware Toolkit from MuddyWater Delivers Phoenix Backdoor to Global Targets
Group-IB Threat Intelligence has uncovered a sophisticated phishing campaign orchestrated by the Iran-linked Advanced Persistent Threat group MuddyWater, targeting international organizations worldwide to gather foreign intelligence. The campaign demonstrates the threat actor’s evolving tactics and enhanced operational maturity in exploiting trusted communication channels to infiltrate high-value targets. MuddyWater launched the operation by accessing a compromised…
-
Iran-Linked MuddyWater Deploys Phoenix v4 Backdoor via Compromised Emails and NordVPN Exit Node
The post Iran-Linked MuddyWater Deploys Phoenix v4 Backdoor via Compromised Emails and NordVPN Exit Node appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/iran-linked-muddywater-deploys-phoenix-v4-backdoor-via-compromised-emails-and-nordvpn-exit-node/
-
Iranian hackers targeted over 100 govt orgs with Phoenix backdoor
State-sponsored Iranian hacker group MuddyWater has targeted more than 100 government entities in attacks that deployed version 4 of the Phoenix backdoor. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/iranian-hackers-targeted-over-100-govt-orgs-with-phoenix-backdoor/
-
Iran-Linked MuddyWater Targets 100+ Organisations in Global Espionage Campaign
The Iranian nation-state group known as MuddyWater has been attributed to a new campaign that has leveraged a compromised email account to distribute a backdoor called Phoenix to various organizations across the Middle East and North Africa (MENA) region, including over 100 government entities. The end goal of the campaign is to infiltrate high-value targets and…
-
MuddyWater Uses Compromised Mailboxes in Global Phishing Campaign
Group-IB has uncovered a phishing campaign by Iran-linked MuddyWater, exploiting compromised emails for foreign intelligence First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/muddywater-compromised-mailboxes/
-
MuddyWater Targets 100+ Gov Entities in MEA with Phoenix Backdoor
The Iranian threat group is using a compromised mailbox accessed through NordVPN to send phishing emails that prompt recipients to enable macros. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/muddywater-100-gov-entites-mea-phoenix-backdoor
-
John Bolton charged over classified emails after Iranian hack of his AOL account
Former US national security adviser John Bolton is the latest in a line of Donald Trump’s critics to find themselves on the sharp end of charges from the US Department of Justice. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/john-bolton-charged-over-classified-emails-after-iranian-hack-of-his-aol-account
-
Cybersecurity Snapshot: F5 Breach Prompts Urgent U.S. Gov’t Warning, as OpenAI Details Disrupted ChatGPT Abuses
Tags: ai, attack, awareness, backdoor, breach, business, chatgpt, china, cisa, cloud, control, corporate, cve, cyber, cybersecurity, data, data-breach, defense, detection, exploit, framework, fraud, governance, government, group, hacker, incident, infrastructure, Internet, iran, law, LLM, malicious, malware, mitigation, monitoring, network, openai, organized, phishing, privacy, resilience, risk, russia, scam, security-incident, service, software, strategy, supply-chain, technology, threat, training, update, vulnerability
F5’s breach triggers a CISA emergency directive, as Tenable calls it “a five-alarm fire” that requires urgent action. Meanwhile, OpenAI details how attackers try to misuse ChatGPT. Plus, boards are increasing AI and cyber disclosures. And much more! Key takeaways: A critical breach at cybersecurity firm F5, attributed to a nation-state, has triggered an urgent…
-
John Bolton indictment says suspected Iranian hackers accessed his emails, issued threats
The indictment of the former national security adviser is the latest against President Donald Trump’s political enemies. First seen on cyberscoop.com Jump to article: cyberscoop.com/john-bolton-indictment-says-suspected-iranian-hackers-accessed-his-emails-issued-threats/
-
Germany Is the Biggest Hacker Target in the EU
Tags: authentication, china, cyberattack, defense, extortion, germany, hacker, iran, login, mail, mfa, microsoft, north-korea, password, phishing, ransomware, software, ukraine
According to a Microsoft study, 3.3 percent of all cyberattacks worldwide in the first half of 2025 were directed at targets in Germany. No country in the European Union is as much a focus of criminal hackers as Germany. That is the finding of the Microsoft Digital Defense Report 2025, published by the Redmond-based software company. According to the report,…
-
APT35: Inside the Structure, Toolset, and Espionage Operations of an IRGC-Linked Group
In a groundbreaking disclosure, CloudSEK’s TRIAD unit has unearthed internal operational materials that shed light on Charming Kitten (APT35), revealing an intricate espionage apparatus linked to Iran’s Islamic Revolutionary Guard Corps (IRGC). The leak comprises over 100 Persian-language files marked with Jalali calendar dates and aligned with Tehran time, underscoring its authenticity. At the apex,…

