The Federal Bureau of Investigation (FBI), U.S. Department of Treasury, and Israel National Cyber Directorate are releasing this Cybersecurity Advisory (CSA) to warn network defenders of new cyber tradecraft of the Iranian cyber group Emennet Pasargad, which has been operating under the company name Aria Sepehr Ayandehsazan (ASA) and is known by the private sector terms Cotton Sandstorm, Marnanbridge, and Haywire Kitten.
The group exhibited new tradecraft in its efforts to conduct cyberenabled information operations into mid-2024 using a myriad of cover personas, including multiple cyber operations that occurred during and targeting the 2024 Summer Olympics – including the compromise of a French commercial dynamic display provider. ASA has also undertaken a project to harvest content from IP cameras and used online resources related to Artificial Intelligence.
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Related:
- Supply Chain Compromises Impact Nx Console and GitHub Repositories
May 28, 2026
CISA is prioritizing the response to multiple emerging software supply chain intrusion campaigns targeting developer ecosystems Continuous Integration/Continuous Development (CI/CD) pipelines. These recent incidents, including the GitHub compromise via a malicious Nx Console Visual Studio Code (VS Code) extension and the “Megalodon” supply chain intrusion campaign, demonstrate how cyber threat actors are abusing tools and ...
- Threat Actors Spoofing FIFA Websites in Advance of the 2026 World Cup
May 27, 2026
The FBI is issuing this Public Service Announcement (PSA) to warn the public that cyber threat actors are conducting spoofing attacks against the Fédération Internationale de Football Association (FIFA) website in advance of the 2026 FIFA World Cup. A spoofed website is designed to pose as a legitimate website, with branding, product listings, etc., and malicious ...
- NYC Health + Hospitals says hackers stole medical data affecting at least 1.8m people
May 18, 2026
New York public health provider NYC Health + Hospitals says a months-long data breach that allowed hackers to steal personal data, medical records, and fingerprints scans affects at least 1.8 million people. NYCHHC is the largest public health system in the United States and provides healthcare to over a million New Yorkers, the majority of whom are uninsured or ...
- Scammers are targeting World Cup fans
May 16, 2026
We’re less than a month away from the biggest sporting event of the year, the FIFA World Cup, and scammers are already busy stealing money, passwords, and other sensitive data from fans and visitors, experts have warned. Kaspersky has published a breakdown of the different scam techniques cybercriminals are using to target football fans as they ...
- Hackers have breached tank readers at US gas stations
May 15, 2026
US officials suspect Iranian hackers are behind a series of breaches of systems that monitor the amount of fuel in storage tanks serving gas stations in multiple states, according to multiple sources briefed on the activity. The hackers responsible have exploited automatic tank gauge (ATG) systems that were sitting online and unprotected by passwords, allowing them in some cases ...
- ShinyHunters: Cyber Criminal Group Attacks Learning Management System
May 15, 2026
The Federal Bureau of Investigation (FBI) is providing this Public Service Announcement (PSA) to warn of potential future impacts related to a cyber-attack that affected an online Learning Management System (LMS), resulting in an interruption of service to educational institutions and students across the country. The LMS platform is now fully operational. ShinyHunters (SH) — which ...