Tag: iran
-
Europe sanctions Chinese and Iranian firms for cyberattacks
The European Union Council has announced sanctions against three entities and two individuals for their involvement in cyberattacks targeting critical infrastructure in the region. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/europe-sanctions-chinese-and-iranian-firms-for-cyberattacks/
-
Stryker says it’s restoring systems after pro-Iran hackers wiped thousands of employee devices
The hack, which brought ongoing widespread disruption to the company’s operations, is thought to be the first major cyberattack in the United States in response to the Trump administration’s war in Iran. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/17/stryker-says-its-restoring-systems-after-pro-iran-hackers-wiped-thousands-of-employee-devices/
-
EU sanctions Iranian cyber front over election meddling, Charlie Hebdo breach
State-sponsored attackers joined by Chinese snoops and hackers-for-hire in latest round of economic penalties First seen on theregister.com Jump to article: www.theregister.com/2026/03/17/eu_iran_cyber_sanctions/
-
Iran War: Kinetic, Cyber, Electronic and Psychological Warfare Convergence
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/iran-war-kinetic-cyber-electronic-and-psychological-warfare-convergence
-
Iranian Hackers Use Compromised Cameras for Regional Surveillance
Tags: apt, cctv, cyber, exploit, group, hacker, infrastructure, intelligence, Internet, iran, middle-eastIranian cyber actors are expanding operations targeting US organizations while also exploiting internet-connected cameras across the Middle East for intelligence collection and battlefield awareness. Recent incidents tied to APT group MuddyWater, camera”‘focused infrastructure, and hacktivist collective Handala point to an ecosystem that is operational but constrained, prioritizing persistence, visibility, and selective disruption over large”‘scale, coordinated cyber campaigns.…
-
EU sanctions Chinese company behind 65,000-device hack
The EU Council has sanctioned companies from China and Iran, along with two individuals, over cyberattacks targeting its member states and partners. “Those listed are subject … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/17/eu-sanctions-china-iran-cyberattacks/
-
Cyberangriffe seit Iran-Krieg um 245 Prozent gestiegen
Der Sicherheitsanbieter Akamai meldet einen Zuwachs von 245 Prozent beim schädlichen Internetverkehr. Angreifer operieren vor allem über Proxy-Infrastruktur in Russland und China. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/cyberangriffe-seit-iran-krieg
-
Stryker Targeted by Large-Scale Wiper Attack, Tens of Thousands of Devices Lost
Global medical technology giant Stryker suffered a massive cybersecurity incident on March 11, 2026, resulting in the remote wiping of thousands of corporate devices. A pro-Iranian hacktivist group known as Handala has claimed responsibility for the attack, which severely disrupted Stryker’s internal Microsoft environment, manufacturing, and shipping operations. Technical Execution Vector Unlike traditional destructive cyberattacks,…
-
Health Sector Braces for Stryker Hack Supply Chain Shock
Medical Device Manufacturer Hack Was Likely Opportunistic. An Iranian cyberattack on medical device maker Stryker’s internal IT environment does not appear to affect connected products used by the company’s healthcare clients. But an outage of Stryker’s electronic ordering system could lead to supply chain issues for its customers. First seen on govinfosecurity.com Jump to article:…
-
Cybercrime has skyrocketed 245% since the start of the Iran war
Hacktivists use proxy services from Russia, China for ‘billions of designed-for-abuse connection attempts’ First seen on theregister.com Jump to article: www.theregister.com/2026/03/16/cybercrime_iran_war_245_percent_rise/
-
Poland Suspects Iranian Actors are Behind Attack on Its Nuclear Power Center
Poland officials say the cyberattack late last week appears to have been launched by an Iranian threat group, though they noted that bad actors not associated with any country in the war could have been behind it and used tactics associated with Iranian threat groups to cover their own tracks. First seen on securityboulevard.com Jump…
-
Handala Hackers Exploit RDP and NetBird in Coordinated Wiper Attacks
Handala Hack is an Iranian state-linked destructive actor that combines old-school RDP-heavy intrusions with new tools like NetBird and AI-assisted wipers to devastate victim networks rapidly. Handala Hack is an online persona operated by Void Manticore (also tracked as Red Sandstorm and Banished Kitten), a threat actor affiliated with Iran’s Ministry of Intelligence and Security (MOIS). Additional…
-
Handala Hackers Exploit RDP and NetBird in Coordinated Wiper Attacks
Handala Hack is an Iranian state-linked destructive actor that combines old-school RDP-heavy intrusions with new tools like NetBird and AI-assisted wipers to devastate victim networks rapidly. Handala Hack is an online persona operated by Void Manticore (also tracked as Red Sandstorm and Banished Kitten), a threat actor affiliated with Iran’s Ministry of Intelligence and Security (MOIS). Additional…
-
Iranian-U.S./Israeli Hostilities Lead to Increased Threat Landscape
Overview This is an update to the Cyber Heads-up we posted back on March 4, 2026, with detailed information about Iranian threat activity tied to ongoing U.S./Israeli operations. Analysis At the start of hostilities with Iran, we at Assura took proactive steps to identify and create alerts for known Iranian-sponsored Indicators of Compromise (IOC). We”¦…
-
New Federal Strategies, Rising Risk From Iran Top Cyber Themes
When cybersecurity experts from the public and private sectors gathered this week, AI and critical infrastructure took a back seat to frontline defense in light of recent international headlines. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/new-federal-strategies-rising-risk-from-iran-top-cyber-themes/
-
ISMG Editors: Iran Conflict Expands Into Cyber Warfare
Also: the Pentagon-Anthropic AI Legal Showdown, the New Reality of Document Fraud. In this week’s panel, four ISMG editors discuss the cyber activity tied to the U.S.-Israel-Iran conflict, the Pentagon’s standoff with AI firm Anthropic and a new report that reveals how document fraud reflects deeper weaknesses in verification systems. First seen on govinfosecurity.com Jump…
-
Iran Claims Massive Cyber-Attack on MedTech Firm Stryker
The pro-Iran Handala group claims to have wiped 200,000 systems in destructive wiper malware attack on US firm Stryker First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/iran-massive-wiper-attack-medtech/
-
Iran-Linked Hacktivists Claim Destructive Cyberattack on Medtech Firm Stryker
A hacktivist group with alleged links to Iran’s intelligence agencies has claimed responsibility for a destructive cyberattack against Stryker, the Michigan-based global medical technology company, in an incident that reportedly disrupted operations across the company’s international network. News reports from Ireland, Stryker’s largest hub outside the United States, said the company sent more than 5,000…
-
Iran War Bait Fuels TA453, TA473 Phishing Campaigns
Tags: cloud, credentials, cyber, espionage, exploit, government, iran, malware, middle-east, phishing, service, theft, threatTA453, TA473, and several emerging threat clusters are exploiting breaking news about the Iran war to run highly targeted phishing campaigns against governments and policy organizations across the Middle East and beyond. These operations blend traditional espionage with opportunistic credential theft and malware delivery, often abusing compromised government accounts and trusted cloud services to increase…
-
Iran-Linked Handala Ramps Up Wiper Attacks on Israeli, Western Targets
Tracking an increased risk of wiper attacks related to the conflict with Iran, including multiple related incidents impacting organizations in Israel and the US. For the latest intelligence on cyberattacks. The campaign uses destructive “wiper” malware designed to erase systems and disrupt business operations permanently. Security experts believe these activities are part of a broader…
-
Stryker attack highlights nebulous nature of Iranian cyber activity amid joint U.S.-Israel conflict
It’s been difficult early on to separate signal from noise, even if the attack on the medical device maker looks like a qualified success for the attackers. First seen on cyberscoop.com Jump to article: cyberscoop.com/stryker-cyberattack-iranian-hackers-handala/
-
Iran MOIS Colludes With Criminals to Boost Cyberattacks
Iranian APTs have long pretended to be cybercriminal groups. Now they’re working with actual cybercriminal groups. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/iran-mois-criminals-cyberattacks
-
Medical giant Stryker crippled after Iranian hackers remotely wipe computers
Tags: access, attack, authentication, best-practice, ceo, computer, credentials, cyber, cyberattack, data, flaw, group, hacker, identity, infrastructure, intelligence, iran, jobs, mobile, phone, service, software, supply-chain, theft, threat, updateHandala claims credit: The Handala threat group quickly claimed responsibility for the attack. While the group’s involvement is just a claim for now, Stryker employees reportedly saw a version of the Handala logo a cartoon of a Palestinian boy with his back turned and hands crossed behind him on affected devices.Handala’s identity is hard to…
-
Inside the Tehran-Linked ‘Faketivist’ Hacking Group Handala
Healthcare Hit Shows Symbols Matter as Iran Shifts Focus to Economic Damage. Cybersecurity experts say that the Handala hacktivist group that claimed credit for attacks against two American firms on Wednesday is run by the Iranian government. The shift to destructive cyberattacks parallels Iran’s attempt to inflict greater economic damage on the United States and…
-
Inside the Tehran-Linked ‘Faketivist’ Hacking Group Handala
Healthcare Hit Shows Symbols Matter as Iran Shifts Focus to Economic Damage. Cybersecurity experts say that the Handala hacktivist group that claimed credit for attacks against two American firms on Wednesday is run by the Iranian government. The shift to destructive cyberattacks parallels Iran’s attempt to inflict greater economic damage on the United States and…
-
Why Stryker’s Outage Is a Disaster Recovery Wake-Up Call
The Iranian cyberattack on Stryker is the kind of stress test that business continuity and disaster recovery programs often do not plan for. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/stryker-outage-disaster-recovery-wake-up-call
-
“Handala Hack” Unveiling Group’s Modus Operandi
ey Findings Introduction Handala Hack, also tracked by Check Point Research as Void Manticore, is an Iranian threat actor that is known for multiple destructive wiping attacks combined with “hack and leak” operations. The threat actor operates several online personas, with the most prominent among them beingHomeland Justice, maintained from mid-2022 specifically for multiple attacks…
-
Payment Giant Verifone Disputes Iranian Hacking Group Hit
Tehran-Linked Handala Hackers Disrupt Medtech Giant Stryker, Claim Verifone Breach. As the United States and Israel continue their war with Iran, Tehran-linked hacking group Handala has entered the fray, claiming credit for wiping systems at medical technology firm Stryker, which confirmed the attack, as well as breaching payment device maker Verifone, which denied being breached.…