Security News

The U.S. Treasury Department on Friday announced sanctions against Iran's Ministry of Intelligence and Security and its Minister of Intelligence, Esmaeil Khatib, for engaging in cyber-enabled activities against the nation and its allies. The development comes nearly nine months after the U.S. Cyber Command characterized the advanced persistent threat known as MuddyWater as a subordinate element within MOIS. It also comes almost two years after the Treasury's sanctions against another Iranian APT group dubbed APT39.

The U.S. Treasury Department announced sanctions today against Iran's Ministry of Intelligence and Security and its Minister of Intelligence for their role in the July cyberattack against the government of Albania, a U.S. ally and a NATO member state. MOIS is the Iranian government's leading intelligence agency, tasked with coordinating intelligence and counterintelligence efforts, as well as covert actions supporting the Islamic regime's goals beyond the country's borders.

This decision comes after severing diplomatic relations with Iran following the attribution of a July cyberattack that targeted Albanian government infrastructure to Iranian threat actors. "The in-depth investigation provided us with indisputable evidence that the cyberattack against our country was orchestrated and sponsored by the Islamic Republic of Iran through the engagement of four groups that enacted the aggression," Rama said.

The IT systems of InterContinental Hotels Group, the massive hospitality organization that operates 17 hotel brands around the world, have been compromised, causing ongoing disruption to the corporation's online booking systems and other services. "We will be supporting hotel owners and operators as part of our response to the ongoing service disruption. IHG's hotels are still able to operate and to take reservations directly."

Leading hospitality company InterContinental Hotels Group PLC says its information technology systems have been disrupted since yesterday after its network was breached. IHG is a British multinational company that currently operates 6,028 hotels in more than 100 countries and has more than 1,800 in the development pipeline.

One of the UK's largest public transport operators, Go-Ahead Group, has fallen victim to a cyberattack. The Go-Ahead Group, which connects people across its bus and rail networks, reported it was "managing a cyber security incident" after "unauthorized activity" was detected on its network.

66% of organizations have changed their cybersecurity strategy as a direct response to the conflict between Russia and Ukraine, while 64% suspect their organization has been either directly targeted or impacted by a nation-state cyber attack, according to Venafi. This Help Net Security video uncovers how exploiting machine identities is becoming the modus operandi for nation-state attackers.

A combination of ransomware and distributed denial-of-service attacks, the onslaught disrupted government services and prompted the country's electrical utility to switch to manual control. But the attack against Montenegro's infrastructure seemed more sustained and extensive, with targets including water supply systems, transportation services and online government services, among many others.

Members of the government in Montenegro are stating that the country is being hit with sophisticated and persistent cyberattacks that threaten the country's essential infrastructure. Targets include electricity and water supply systems, transportation services, online portals that citizens use to access various state services, and more.

The threat actor behind the Twilio hack used their access to steal one-time passwords delivered over SMS to customers of identity and access management company Okta. Okta provides its customers with multiple forms of authentication for services, including temporary codes delivered over SMS through Twilio.