Cyberattack forces Iran steel company to halt production

One of Iran’s major steel companies said Monday it was forced to halt production after being hit by a cyberattack, apparently marking one of the biggest such assaults on the country’s strategic industrial sector in recent memory. The Iranian government Read More …

A hacker group said it has broken into the Israeli electricity network

A hacker group identifying itself as the “Moses Staff” said it has broken into the Israeli electricity network, vowing to plunge the regime into darkness. The group said on Wednesday it had targeted the Israel Electric Corporation, the largest supplier Read More …

Microsoft seizes 41 domains tied to ‘Iranian phishing ring’

Microsoft has obtained a court order to seize 41 domains used by what the Windows giant said was an Iranian cybercrime group that ran a spear-phishing operation targeting organizations in the US, Middle East, and India. The Microsoft Digital Crimes Read More …

Exposing POLONIUM activity and infrastructure targeting Israeli organizations

Microsoft successfully detected and disabled attack activity abusing OneDrive by a previously undocumented Lebanon-based activity group Microsoft Threat Intelligence Center (MSTIC) tracks as POLONIUM. The associated indicators and tactics were used by the OneDrive team to improve detection of attack Read More …

Iran-linked Cobalt Mirage extracts money, info from US orgs – report

The Iran-linked Cobalt Mirage crew is running attacks against America for both financial gain and for cyber-espionage purposes, according to Secureworks’ threat intelligence team. The cybercriminal gang has been around since June 2020, and its most recent activities have been Read More …

APT34 hackers exposed in a highly targeted espionage campaign

Threat analysts have spotted a novel attack attributed to the Iranian hacking group known as APT34 or Oilrig, which targeted a Jordanian diplomat with custom-crafted tools. The attack involved advanced anti-detection and anti-analysis techniques and had some characteristics that Read More …

Tracking cyber activity in Eastern Europe

In early March, Google’s Threat Analysis Group (TAG) published an update on the cyber activity it was tracking with regard to the war in Ukraine. Since our last update, TAG has observed a continuously growing number of threat actors using Read More …

Israel: Mossad head’s personal files, photos leaked by Iran-linked Telegram group

Photos and personal documents disclosing information on Mossad director David Barnea and his family were leaked in a Telegram channel called “Open Hands” on Tuesday, Walla reported. Created hours before the leak was published to some 30 followers, the channel Read More …

Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the U.S. Cyber Command Cyber National Mission Force (CNMF), and the United Kingdom’s National Cyber Security Centre (NCSC-UK) have observed a group of Iranian government-sponsored advanced persistent Read More …

Iranian APT MuddyWater targets Turkish users via malicious PDFs, executables

MuddyWater has conducted various campaigns against entities spread throughout the U.S.A., Europe, the Middle East and South Asia. A typical TTP employed by the group is the heavy use of scripting in their infection chains using languages like PowerShell and Visual Read More …