Security News

According to the analysis, Fox Kitten's objective has been to develop and maintain access routes to the targeted organizations, establishing persistent footholds within them; stealing information; and pivoting from within to additional targets via supply-chain attacks. The APT34 connection stems from the fact that part of the attack infrastructure used by the group in previous campaigns has been reused for Fox Kitten.

Over the weekend, an extensive disruption to Iran's telecommunication networks knocked out about 25 percent of the country's internet service for several hours, according to NetBlocks, a nonprofit organization that tracks internet freedom across the globe. The disruption, which took place at about 11:45 a.m. local time Saturday, caused an initial outage of cellular and fixed-line services in Iran for nearly an hour, with the country only able to partially recover its full internet service several hours after the incident, NetBlocks says.

Iran repelled a cyberattack on Saturday that disrupted the country's internet services for an hour, a telecommunications ministry official said. "At 11:44 a distributed denial-of-service attack disrupted the internet services of some mobile and fixed operators for an hour," tweeted Sajad Bonabi.

Attacks recently identified to target a key organization in the European energy sector have employed a remote access Trojan previously associated with Iran-linked threat actors, Recorded Future reports. The researchers were able to identify a PupyRAT command and control server that communicated with a mail server for a European energy sector organization between November 2019 and at least January 5, 2020.

Iran is widely expected to ramp up cyberattacks against the United States in response to the US killing of a top Iranian leader this month even as fears have receded about a military confrontation between the two countries. While Iran appeared to be "Standing down" from a military response, according to US President Donald Trump, the cyber threat remains real, said analysts.

Cybersecurity experts believe Iran will likely also respond with cyberattacks to the recent U.S. airstrike that killed senior Iranian military commander Qassem Soleimani, and while many doubt that Iran has the capability to cause significant damage if these attacks are aimed at critical infrastructure or industrial control systems, organizations have still been advised to prepare for the possibility of being targeted. Iran has responded to Soleimani's killing by firing ballistic missiles at two Iraqi bases housing U.S. troop, but Tehran could take other actions as well, including in cyberspace.

TEHRAN, Iran - Iran struck back at the United States for the killing of a top Iranian general early Wednesday, firing a series of ballistic missiles at two Iraqi bases housing U.S. troops in a major escalation that brought the two longtime foes closer to war. Iran's Revolutionary Guard warned the U.S. and its regional allies against retaliating over the missile attack against the Ain al-Asad air base in Iraq's western Anbar province.

With tensions soaring between America and Iran following the drone strike that killed top Persian general Qassem Soleimani, experts are weighing in on what the US could face should the Mid-East nation fully mobilize its cyber resources. "Iran maintains a robust cyber program and can execute cyber attacks against the United States," Uncle Sam warned.

Following the killing of Iran's Major General Qasem Soleimani in a U.S. drone strike in Baghdad late last week, security experts have warned of possible retaliatory cyber strikes. Kellermann, head of cybersecurity strategy at VMware, is the former CEO at Strategic Cyber Ventures.

UPDATE. A U.S. government website was vandalized late Saturday by hackers who posted images of a bloodied President Donald Trump being punched in the face and pro-Iran messages. The hackers, who struck as tensions between the U.S. and Iran heat up, claimed to be "Iran cyber security group hackers," however, there's no evidence to confirm any attribution to Iran at the moment, according to the Department of Homeland Security.