APT Charming Kitten Pounces on Medical Researchers

Security researchers have linked a late-2020 phishing campaign aimed at stealing credentials from 25 senior professionals at medical research organizations in the United States and Israel to an advanced persistent threat group with links to Iran called Charming Kitten. The Read More …

Digital Footprint Intelligence Report

The Digital Footprint Intelligence Service announces the results of research on the digital footprints of governmental, financial and industrial organizations for countries in the Middle East region: Bahrain, Egypt, Iran, Iraq, Jordan, Kuwait, Lebanon, Oman, Qatar, Saudi Arabia, Sudan, Syria, Read More …

Rana Android Malware Updates Allow WhatsApp, Telegram IM Snooping

Researchers have discovered new samples of a previously discovered Android malware, which is believed to be linked to the APT39 Iranian cyberespionage threat group. The new variant comes with new surveillance capabilities – including the ability to snoop on victims’ Read More …

DarkSide ransomware’s Iranian hosting raises U.S. sanction concerns

Ransomware negotiation firm Coveware has placed the DarkSide operation on an internal restricted list after the threat actors announced plans to host infrastructure in Iran. When the DarkSide ransomware operation encrypts a network, their affiliates steal unencrypted files, which they Read More …

Recent ransomware wave targeting Israel linked to Iranian threat actors

Two recent ransomware waves that targeted Israeli companies have been traced back to Iranian threat actors, multiple sources have told ZDNet today. The ransomware attacks have been taking place since mid-October, have ramped up this month, and have repeatedly focused Read More …

SMS Phishing Attempts Are Riding the Presidential Election Wave

SMS-based outreach has become a standard in the political playbook, with candidates and their supporters soliciting financial support, opinions, and votes through texting with increasing frequency and sophistication. In the course of protecting enterprise endpoints, Symantec, a division of Broadcom, Read More …

Seedworm: Iran-Linked Group Continues to Target Organizations in the Middle East

The Iran-linked espionage group Seedworm (aka MuddyWater) has been highly active in recent months, attacking a wide range of targets, including a large number of government organizations in the Middle East. Many of the organizations attacked by Seedworm in recent Read More …

Iranian state hacker group linked to ransomware deployments

Security researchers said they found clues linking recent attacks with the Thanos ransomware to a group of Iranian state-sponsored hackers. While investigating security incidents at several Israeli prominent organizations, security researchers from ClearSky and Profero said they linked the intrusions Read More …

Latest U.S. Indictments Target Iranian Espionage Actors

The U.S. government has indicted three Iranian nationals on charges related to cyber attacks against aerospace and satellite technology companies. Said Pourkarim Arabi, Mohammad Reza Espargham, and Mohammad Bayati are alleged to have carried out a string of attacks between Read More …

Iran’s RampantKitten spy crew were snooping on expats and dissidents for six years

Infosec outfit Check Point says it has uncovered a six-year Iranian cyber-spying campaign directed at expats and dissidents worldwide. The Iranian crew, nicknamed RampantKitten, used a variety of infostealers to help themselves to targets’ files, as well as extracting passwords Read More …