A recent phishing campaign by Iran-linked threat actor APT34 made use of a savvy approach: Asking victims to join their social network. According to FireEye, the adversaries masqueraded as a Cambridge University lecturer, including setting up a LinkedIn page, in Read More …
The US has responded to a recent rise in Iranian cyber-activity and the shooting of an unarmed drone last week by launching cyber-attacks against Iran’s military IT systems. The cyber-attacks were carried out by US Cyber Command with the direct Read More …
In an incident reminiscent of the Shadow Brokers leak that exposed the NSA’s hacking tools, someone has now published similar hacking tools belonging to one of Iran’s elite cyber-espionage units, known as APT34, Oilrig, or HelixKitten. The hacking tools are nowhere near as Read More …
U.S. authorities on Wednesday charged former Air Force intelligence officer Monica Witt with helping Iran launch a cyber-spying operation that targeted her former colleagues after she defected from the United States. The U.S. Justice Department said Witt, 39, assembled dossiers Read More …
The attacks, targeting several countries to redirect traffic and harvest credentials, have been linked to Iran. A wave of DNS hijacking attacks targeting victims in North America, Europe, Middle East and North Africa have been linked to Iran. The attacks, Read More …
The campaign targets politicians involved in economic and military sanctions against Iran, along with various journalists and human rights activists. A range of political and civil society targets are under fire in an APT attack dubbed the Return of Charming Read More …
The Department of Justice announced Wednesday charges against two Iranian nationals for their involvement in creating and deploying the notorious SamSam ransomware. The alleged hackers, Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah, 27, have been charged on several counts of computer Read More …
A malware similar in nature to Stuxnet but more aggressive and sophisticated allegedly hit the infrastructure and strategic networks in Iran. Details about the supposed new attack are superficial at the moment, as there are no details about the supposed Read More …
The Iran-linked APT appears to be in a state of continuous tool development, analogous to the DevOps efforts seen in the legitimate software world. OilRig, an APT group believed to have ties to Iran, has been spotted in yet another Read More …
The Iran-linked group is using a variant of the data-exfiltration OopsIE trojan to attack a Mideast government entity. The OilRig group is back, using a reboot of the OopsIE trojan to pump information from its favorite resource: entities in the Read More …