Collecting Cyber-News from over 60 sources

Tag: iran

Cisa tells US organisations to harden endpoint management after Stryker attack

Mar 19, 2026 6:10 PM

Tags: attack, cisa, cyber, endpoint, iran, service

Last week’s cyber attack on the systems of a US medical services company by Iranian hacktivists has prompted an alert from Cisa, urging organisations to reinforce their defensive posture First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366640448/Cisa-tells-US-organisations-to-harden-endpoint-management-after-Stryker-attack
FBI seizes pro-Iranian hacking group’s websites after destructive Stryker hack

Mar 19, 2026 5:10 PM

Tags: group, hacking, iran

The FBI and the Justice Department took down two websites linked to the pro-Iranian hacktivist group Handala, which last week hacked medical tech giant Stryker. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/19/fbi-seizes-pro-iranian-hacking-groups-websites-after-destructive-stryker-hack/
EU Sanctions Companies in China, Iran for Cyberattacks

Mar 19, 2026 9:10 AM

Tags: business, china, cyberattack, iran

Already sanctioned in the US and the UK, these rulings prohibit companies and a couple of principals from entering or doing business in the European Union. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/eu-sanctions-companies-china-iran-cyberattacks
Iran-Linked Botnet Exposed After Open Directory Leak Reveals 15-Node Relay Network

Mar 19, 2026 9:10 AM

Tags: apt, botnet, cyber, data-breach, iran, leak, network, tool

A misconfigured open directory on an Iranian server has exposed a live censorship-bypass relay and SSH-based botnet operation, revealing how a single actor stitched together a 15-node network across Iran and Finland using commodity tools and sloppy operational security. The discovery shows how financially or personally motivated actors can reuse tradecraft seen in Iranian APT…
Stryker Wiper Attack: Hackers Boast as Lawsuits Pile Up

Mar 18, 2026 9:10 PM

Tags: attack, cyberattack, hacker, iran

Medtech Maker Is Still Recovering While Iranian Hackers Threaten More Attack Victims. As medtech maker Stryker continues working to restore global IT systems brought offline by a cyberattack last week, class action lawsuits against the company are piling up in federal court and the Iranian hackers claiming credit for the attack are warning of more…
US intelligence chief grilled on absence of election threats in security assessment

Mar 18, 2026 8:10 PM

Tags: china, cyber, election, intelligence, iran, russia, threat

Previous clandestine community assessments have documented, at least at a high level, attempts by Iran, Russia or China to sway voters with online propaganda or through cyber operations. First seen on therecord.media Jump to article: therecord.media/us-intel-chief-senate-election-security-threat-assessment
Threat groups target cyber-physical systems to disrupt critical infrastructure providers

Mar 18, 2026 6:10 PM

Tags: cyber, group, infrastructure, iran, threat

The Iran war has raised concerns that key industrial sectors could be the target of hacktivists, state actors and other groups. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/threat-groups-target-cyber-physical-systems-to-disrupt-critical-infrastruct/815074/
News brief: Risk of Iran-backed cyberattacks rising in U.S.

Mar 18, 2026 5:10 PM

Tags: cyberattack, iran, risk

Check out the latest security news from the Informa TechTarget team. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366640393/News-brief-Risk-of-Iran-backed-cyberattacks-rising-in-US
CISA official says agency has not seen uptick in cyber threats amid Iran war

Mar 18, 2026 4:10 PM

Tags: cisa, cyber, cybersecurity, group, infrastructure, iran, threat

Cybersecurity and Infrastructure Security (CISA) Acting Director Nick Andersen said the agency has been working closely with industry and sector-based groups on threats from Iran in the past couple of weeks. First seen on therecord.media Jump to article: therecord.media/cisa-official-says-agency-has-not-seen-uptick-cyber-threats-iran
Tracking the Iran War: A Month of Escalation and Regional Impact

Mar 18, 2026 11:11 AM

Tags: cyber, iran, middle-east, threat

Iran war likely prolonged, increasing cyber threats, energy disruption, and instability, with companies in the Middle East facing higher risk. Follow me on Twitter:@securityaffairsandFacebookandMastodon PierluigiPaganini (SecurityAffairs hacking, Iran) First seen on securityaffairs.com Jump to article: securityaffairs.com/189604/cyber-warfare-2/tracking-the-iran-war-a-month-of-escalation-and-regional-impact.html
Iran Cyber Ops Merge With PsyOps and EW Amid Escalating Conflict

Mar 18, 2026 11:11 AM

Tags: cyber, iran, warfare

A new phase of the Iran war is unfolding in which ballistic missiles, drones, electronic warfare, and cyber operations are being deployed in parallel, with cyber activity increasingly tied to kinetic targeting, damage assessment, and strategic messaging. Iran’s leadership has framed retaliation as a duty following the death of Ayatollah Ali Khamenei, while President Donald…
Iran’s cyberattack against med tech firm is ‘just the beginning’

Mar 18, 2026 9:10 AM

Tags: cyberattack, iran

Even without a navy, or air power, ‘They’ll still have the ability to hack’ First seen on theregister.com Jump to article: www.theregister.com/2026/03/18/irans_cyberattack_against_stryker/
Cyberattacks Spike 245% in the Two Weeks After the Start of War with Iran

Mar 18, 2026 6:10 AM

Tags: cyberattack, group, iran

Akamai researchers saw a 245% spike in cyberattacks in the first two weeks after the start of the U.S. and Israeli war against Iran as Iranian nation-state groups and independent hacktivists launch increasingly decentralized and destructive cyberattacks, which are expected to increase as long as the kinetic battle continues. First seen on securityboulevard.com Jump to…
FAQ on CVE-2026-21514: OLE bypass N-Day in Microsoft Word

Mar 18, 2026 5:10 AM

Tags: access, ai, apt, attack, awareness, backdoor, cctv, cisa, cloud, control, cve, cyber, cyberattack, data, data-breach, detection, email, endpoint, exploit, flaw, fortinet, google, government, group, healthcare, identity, infrastructure, intelligence, Internet, iran, kev, malicious, malware, microsoft, mitigation, network, office, phishing, remote-code-execution, risk, technology, theft, threat, training, unauthorized, update, vulnerability, windows, zero-day

An N-day vulnerability in Microsoft Word exposes nearly 14 million assets. Attackers can exploit this flaw to bypass security prompts, enabling deployment of malware and establishing persistent access without triggering user warnings. Key takeaways: CVE-2026-21514 is a Microsoft Word n-day that bypasses OLE and Mark-of-the-Web protections, executing payloads silently without triggering user security prompts Tenable’s…
FAQ on CVE-2026-21514: OLE bypass N-Day in Microsoft Word

Mar 18, 2026 5:10 AM

Tags: access, ai, apt, attack, awareness, backdoor, cctv, cisa, cloud, control, cve, cyber, cyberattack, data, data-breach, detection, email, endpoint, exploit, flaw, fortinet, google, government, group, healthcare, identity, infrastructure, intelligence, Internet, iran, kev, malicious, malware, microsoft, mitigation, network, office, phishing, remote-code-execution, risk, technology, theft, threat, training, unauthorized, update, vulnerability, windows, zero-day

An N-day vulnerability in Microsoft Word exposes nearly 14 million assets. Attackers can exploit this flaw to bypass security prompts, enabling deployment of malware and establishing persistent access without triggering user warnings. Key takeaways: CVE-2026-21514 is a Microsoft Word n-day that bypasses OLE and Mark-of-the-Web protections, executing payloads silently without triggering user security prompts Tenable’s…
Operation Epic Fury: Why exposure data changes everything about Iran’s cyber-kinetic campaign

Mar 18, 2026 5:10 AM

Tags: access, ai, api, apt, attack, backdoor, breach, cctv, cisa, cloud, country, cve, cvss, cyber, cybersecurity, data, data-breach, ddos, detection, dns, espionage, exploit, firewall, flaw, fortinet, government, group, healthcare, identity, infrastructure, intelligence, Internet, iot, iran, kev, malware, microsoft, military, network, office, phishing, radius, remote-code-execution, risk, strategy, supply-chain, technology, threat, unauthorized, update, vpn, vulnerability, warfare, windows

Iran’s retaliatory campaign following Operation Epic Fury has collapsed the boundary between physical and digital warfare. Tenable’s exposure data analysis across seven target countries reveals that the largest exploitable attack surface isn’t the headline threat, it’s a Microsoft Word N-day affecting nearly 14 million assets. Key takeaways: Exposure data rebalances the threat picture. A Microsoft…
Operation Epic Fury: Why exposure data changes everything about Iran’s cyber-kinetic campaign

Mar 18, 2026 5:10 AM

Tags: access, ai, api, apt, attack, backdoor, breach, cctv, cisa, cloud, country, cve, cvss, cyber, cybersecurity, data, data-breach, ddos, detection, dns, espionage, exploit, firewall, flaw, fortinet, government, group, healthcare, identity, infrastructure, intelligence, Internet, iot, iran, kev, malware, microsoft, military, network, office, phishing, radius, remote-code-execution, risk, strategy, supply-chain, technology, threat, unauthorized, update, vpn, vulnerability, warfare, windows

Iran’s retaliatory campaign following Operation Epic Fury has collapsed the boundary between physical and digital warfare. Tenable’s exposure data analysis across seven target countries reveals that the largest exploitable attack surface isn’t the headline threat, it’s a Microsoft Word N-day affecting nearly 14 million assets. Key takeaways: Exposure data rebalances the threat picture. A Microsoft…
EU sanctions Chinese and Iranian actors over cyberattacks on critical infrastructure

Mar 18, 2026 12:11 AM

Tags: attack, china, cyber, cyberattack, infrastructure, iran

EU sanctions Chinese and Iranian firms and individuals for cyberattacks targeting critical infrastructure and over 65,000 devices across member states. The Council of the European Union has imposed sanctions on three companies and two individuals linked to cyberattacks against EU countries and partners. >>The Council adopted today restrictive measures against three entities and two individuals responsible for cyber-attacks carried…
EU Belatedly Sanctions Chinese and Iranian Hackers

Mar 18, 2026 12:11 AM

Tags: business, china, hacker, hacking, iran

Chinese Hacking Firm iSoon and Iran’s Emennet Pasargad Among Targets. The European Union sanctioned three Chinese and Iranian hacking operations that have been under U.S. indictments or sanctions for over a year – or, in one case, since 2019. The sanctions freeze assets and forbid EU citizens and companies from funding or otherwise doing business…
Europe sanctions Chinese and Iranian firms for cyberattacks

Mar 17, 2026 8:10 PM

Tags: china, cyberattack, infrastructure, iran

The European Union Council has announced sanctions against three entities and two individuals for their involvement in cyberattacks targeting critical infrastructure in the region. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/europe-sanctions-chinese-and-iranian-firms-for-cyberattacks/
Stryker says it’s restoring systems after pro-Iran hackers wiped thousands of employee devices

Mar 17, 2026 6:10 PM

Tags: cyberattack, hacker, iran

The hack, which brought ongoing widespread disruption to the company’s operations, is thought to be the first major cyberattack in the United States in response to the Trump administration’s war in Iran. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/17/stryker-says-its-restoring-systems-after-pro-iran-hackers-wiped-thousands-of-employee-devices/
EU sanctions Iranian cyber front over election meddling, Charlie Hebdo breach

Mar 17, 2026 6:10 PM

Tags: breach, china, cyber, election, hacker, iran, jobs

State-sponsored attackers joined by Chinese snoops and hackers-for-hire in latest round of economic penalties First seen on theregister.com Jump to article: www.theregister.com/2026/03/17/eu_iran_cyber_sanctions/
Iran War: Kinetic, Cyber, Electronic and Psychological Warfare Convergence

Mar 17, 2026 4:10 PM

Tags: cyber, iran, warfare

First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/iran-war-kinetic-cyber-electronic-and-psychological-warfare-convergence
Iranian Hackers Use Compromised Cameras for Regional Surveillance

Mar 17, 2026 3:10 PM

Tags: apt, cctv, cyber, exploit, group, hacker, infrastructure, intelligence, Internet, iran, middle-east

Iranian cyber actors are expanding operations targeting US organizations while also exploiting internet-connected cameras across the Middle East for intelligence collection and battlefield awareness. Recent incidents tied to APT group MuddyWater, camera”‘focused infrastructure, and hacktivist collective Handala point to an ecosystem that is operational but constrained, prioritizing persistence, visibility, and selective disruption over large”‘scale, coordinated cyber campaigns.…
EU sanctions Chinese company behind 65,000-device hack

Mar 17, 2026 2:10 PM

Tags: china, cyberattack, iran

The EU Council has sanctioned companies from China and Iran, along with two individuals, over cyberattacks targeting its member states and partners. “Those listed are subject … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/17/eu-sanctions-china-iran-cyberattacks/
Cyberangriffe seit Iran-Krieg um 245 Prozent gestiegen

Mar 17, 2026 11:10 AM

Tags: cyberattack, infrastructure, iran

Der Sicherheitsanbieter Akamai meldet einen Zuwachs von 245 Prozent beim schädlichen Internetverkehr. Angreifer operieren vor allem über Proxy-Infrastruktur in Russland und China. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/cyberangriffe-seit-iran-krieg
Stryker Targeted by Large-Scale Wiper Attack, Tens of Thousands of Devices Lost

Mar 17, 2026 7:10 AM

Tags: attack, corporate, cyber, cyberattack, cybersecurity, group, iran, microsoft, technology

Global medical technology giant Stryker suffered a massive cybersecurity incident on March 11, 2026, resulting in the remote wiping of thousands of corporate devices. A pro-Iranian hacktivist group known as Handala has claimed responsibility for the attack, which severely disrupted Stryker’s internal Microsoft environment, manufacturing, and shipping operations. Technical Execution Vector Unlike traditional destructive cyberattacks,…
Health Sector Braces for Stryker Hack Supply Chain Shock

Mar 16, 2026 11:10 PM

Tags: cyberattack, healthcare, iran, supply-chain

Medical Device Manufacturer Hack Was Likely Opportunistic. An Iranian cyberattack on medical device maker Stryker’s internal IT environment does not appear to affect connected products used by the company’s healthcare clients. But an outage of Stryker’s electronic ordering system could lead to supply chain issues for its customers. First seen on govinfosecurity.com Jump to article:…
Cybercrime has skyrocketed 245% since the start of the Iran war

Mar 16, 2026 8:09 PM

Tags: china, cybercrime, iran, russia, service

Hacktivists use proxy services from Russia, China for ‘billions of designed-for-abuse connection attempts’ First seen on theregister.com Jump to article: www.theregister.com/2026/03/16/cybercrime_iran_war_245_percent_rise/
Poland Suspects Iranian Actors are Behind Attack on Its Nuclear Power Center

Mar 16, 2026 8:09 PM

Tags: attack, country, cyberattack, group, iran, tactics, threat

Poland officials say the cyberattack late last week appears to have been launched by an Iranian threat group, though they noted that bad actors not associated with any country in the war could have been behind it and used tactics associated with Iranian threat groups to cover their own tracks. First seen on securityboulevard.com Jump…