Govt hackers impersonate HR employees to hit Israeli targets

Hackers associated with the Iranian government have focused attack efforts on IT and communication companies in Israel, likely in an attempt to pivot to their real targets. The campaigns have been attributed to the Iranian APT group known as Lyceum, Read More …

Hackers used never-before-seen wiper in recent attack on Iranian train system

Researchers with cybersecurity company SentinelOne reconstructed the recent cyberattack on Iran’s train system in a new report, uncovering a new threat actor — which they named ‘MeteorExpress’ — and a never-before-seen wiper. On July 9, local news outlets began reporting Read More …

Iran’s secret cyber files on how cargo ships and petrol stations could be attacked

Classified documents, allegedly from Iran, reveal secret research into how a cyber attack could be used to sink a cargo ship or blow up a fuel pump at a petrol station. The internal files, obtained by Sky News, also include Read More …

TA456 hackers built an elaborate online profile to fool their targets into downloading malware

Iranian hackers spent 18 months masquerading as an aerobics instructor in a cyber-espionage campaign designed to infect employees and contractors working in defence and aerospace with malware in order to steal usernames, passwords and other information which could be exploited. Read More …

Operation SpoofedScholars: Iranian hackers posed as academics in a bid to steal email passwords

An Iranian cyber espionage campaign used spoofed identities of real academics at a UK university in phishing attacks designed to steal password details of experts in Middle Eastern affairs from universities, think tanks and the media. Detailed by cybersecurity researchers Read More …

Iranian hacking group targets Israel with wiper disguised as ransomware

An Iranian hacking group has been observed camouflaging destructive attacks against Israeli targets as ransomware attacks while maintaining access to victims’ networks for months in what looks like an extensive espionage campaign. The threat actor, tracked as Agrius by SentinelLabs Read More …

Iran calls blackout at Natanz atomic site ‘nuclear terrorism’

Iran condemned a blackout at its underground Natanz nuclear facility early on Sunday as an act of “nuclear terrorism” and said Tehran reserves the right to respond, but did not specify who was responsible and how Iran may react. “The Read More …

APT Charming Kitten Pounces on Medical Researchers

Security researchers have linked a late-2020 phishing campaign aimed at stealing credentials from 25 senior professionals at medical research organizations in the United States and Israel to an advanced persistent threat group with links to Iran called Charming Kitten. The Read More …

Digital Footprint Intelligence Report

The Digital Footprint Intelligence Service announces the results of research on the digital footprints of governmental, financial and industrial organizations for countries in the Middle East region: Bahrain, Egypt, Iran, Iraq, Jordan, Kuwait, Lebanon, Oman, Qatar, Saudi Arabia, Sudan, Syria, Read More …