Iran-linked cyber operations are drawing renewed attention for relying less on advanced code and more on human manipulation to gain access to sensitive systems.
At the centre of this activity is Charming Kitten, a group associated with Iran’s security apparatus which has spent years targeting officials, researchers, and corporate employees. Instead of exploiting technical vulnerabilities, operatives frequently impersonate trusted contacts, using carefully crafted messages to trick victims into revealing credentials or installing malicious software.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Britain and Israel to sign trade and defence deal
November 28, 2021
Britain and Israel will sign a 10-year trade and defence pact in London on Monday, promising cooperation on issues such as cybersecurity and a joint commitment to prevent Iran from obtaining nuclear weapons. The agreement was announced by Liz Truss, the foreign secretary, and her Israeli counterpart Yair Lapid, despite evidence that spyware made by Israeli ...
- 2 US defense officials say Israel hacked Iran’s gas system in late October
November 27, 2021
Israel carried out a cyber attack against Iran’s nationwide fuel system last month, two United States defense officials told the New York Times in a report published Saturday. Days later, Iran-affiliated hackers breached an Israeli LGBTQ dating site and released details of its users in a cyber attack that roiled Israel. The exchange points to a new ...
- Iranian targeting of IT sector on the rise
November 18, 2021
Iranian threat actors are increasing attacks against IT services companies as a way to access their customers’ networks. This activity is notable because targeting third parties has the potential to exploit more sensitive organizations by taking advantage of trust and access in a supply chain. Microsoft has observed multiple Iranian threat actors targeting the IT ...
- Iranian Government-Sponsored APT Cyber Actors Exploiting MS Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
November 17, 2021
This joint cybersecurity advisory is the result of an analytic effort among the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC) to highlight ongoing malicious cyber activity by an advanced persistent threat (APT) group that FBI, ...
- Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021
November 16, 2021
Over the past year, the Microsoft Threat Intelligence Center (MSTIC) has observed a gradual evolution of the tools, techniques, and procedures employed by malicious network operators based in Iran. At CyberWarCon 2021, MSTIC analysts presented their analysis of these trends in Iranian nation state actor activity during a session titled “The Iranian evolution: Observed changes ...
- Meet Lyceum: Iranian hackers targeting telecoms, ISPs
November 9, 2021
Researchers have provided a deep dive into the activities of Lyceum; an Iranian threat group focused on infiltrating the networks of telecoms companies and internet service providers (ISPs). Lyceum, also known as Hexane, Siamesekitten, or Spirlin, has been active since 2017. The advanced persistent threat (APT) group has been linked to campaigns striking Middle Eastern oil ...