Security News

China, Russia and Iran all attacking US elections and using some nasty new tactics, says Microsoft
2020-09-11 01:26

Microsoft believes there have been extensive "cyberattacks targeting people and organizations involved in the upcoming presidential election," and that foreign government hackers responsible for attacks ahead of the 2016 vote are back with new and nastier tactics. The Windows giant's corporate veep for Customer Security & Trust Tom Burt said both sides of US politics are being attacked, that China, Russia and Iran are all active, and that the spies are also actively targeting UK political parties and other international institutions.

Iran-Linked ‘Newbie’ Hackers Spread Dharma Ransomware Via RDP Ports
2020-08-24 15:23

While the ransomware was previously used by advanced persistent threat actors, its source code surfaced in March 2020, making it available to a wider breadth of attackers. "The fact Dharma source code has been made widely available led to the increase in the number of operators deploying it," Oleg Skulkin, senior digital forensics specialist with Group-IB, said in an analysis of the attacks posted Monday.

Iran-Linked Hackers Accidentally Exposed 40 GB of Their Files
2020-07-16 15:49

A state-sponsored hacking group linked to Iran accidentally exposed one of its servers, giving researchers access to roughly 40 GB of videos and other files associated with the threat actor's operations. Some of the videos uncovered by IBM on the exposed server showed successful attacks against a member of the U.S. Navy and an officer in the Hellenic Navy, the naval force of Greece.

Google Says Iran-Linked Hackers Targeted WHO
2020-05-28 11:43

Google reported on Wednesday that it continues to see attacks launched by the Iran-linked threat group named Charming Kitten against medical and healthcare professionals, including employees of the World Health Organization. The attacks launched by Iranian hackers against WHO staff were first reported by Reuters in early April.

Bitter Israel-Iran Rivalry Takes New Forms Online
2020-05-22 08:59

Hacked websites in Israel, a reported cyberattack in Iran and a Twitter war between their leaders: the arch foes' animosity is flaring up online. The latest volleys in Israel and Iran's longstanding rivalry coincide with the 20th anniversary of the Israeli army's withdrawal from southern Lebanon, forced out by Iranian-backed militant group Hezbollah.

Iran Paper Accuses US of Stealing Its .Com
2020-04-27 17:36

The government newspaper of Iran has lost its .com website, with its publisher on Monday accusing the United States of "stealing" the domain name. Contacted by AFP, Mehdi Shafii, head of the media group that publishes Iran, accused the US Treasury of wanting to "block" and "confiscate" the company's domain names.

Nazar: Old Iran-Linked APT Operation Monitored by NSA
2020-04-23 17:05

A security researcher says he has uncovered an advanced persistent threat operation that started over a decade ago and which is referenced in the collection of National Security Agency hacking tools that the Shadow Brokers made public in 2017. The researcher, who refers to the operation as 'Nazar', based on "debug paths left alongside Farsi resources in some of the malware droppers," believes that the activity was centered around the 2010-2013 timeframe, based on submission times in VirusTotal.

Cyber-wrath of Iran for top general's assassination hasn't progressed beyond snooping and nicking logins... yet
2020-02-27 16:09

The Iranian cybercrime group that was expected to spearhead the rogue Middle East nation's revenge for the US assassination of General Qasem Soleimani has quite the arsenal at its digital fingertips. They added: "From a threat management and risk assessment perspective, we advise organisations not to conflate ongoing espionage operations with a retaliatory response. However, continually leveraging threat intelligence to assess and improve controls will help network defenders secure their environments against malicious activity regardless of intent."

Iran-Backed APTs Collaborate on 3-Year ‘Fox Kitten’ Global Spy Campaign
2020-02-18 19:48

According to the analysis, Fox Kitten's objective has been to develop and maintain access routes to the targeted organizations, establishing persistent footholds within them; stealing information; and pivoting from within to additional targets via supply-chain attacks. The APT34 connection stems from the fact that part of the attack infrastructure used by the group in previous campaigns has been reused for Fox Kitten.

Was Internet in Iran Hit by DDoS Attack?
2020-02-10 20:03

Over the weekend, an extensive disruption to Iran's telecommunication networks knocked out about 25 percent of the country's internet service for several hours, according to NetBlocks, a nonprofit organization that tracks internet freedom across the globe. The disruption, which took place at about 11:45 a.m. local time Saturday, caused an initial outage of cellular and fixed-line services in Iran for nearly an hour, with the country only able to partially recover its full internet service several hours after the incident, NetBlocks says.