Security News

American authorities seized a range of Iran's state-linked news website domains they accused of spreading disinformation, the U.S. Justice Department said Tuesday, a move that appeared to be a far-reaching crackdown on Iranian media amid heightened tensions between the two countries. Relations between Iran and the U.S. have deteriorated for years following President Donald Trump's withdrawal from Tehran's nuclear deal and the return of devastating sanctions on the country.

Threat actors with suspected ties to Iran have been found to leverage instant messaging and VPN apps like Telegram and Psiphon to install a Windows remote access trojan capable of stealing sensitive information from targets' devices since at least 2015. Russian cybersecurity firm Kaspersky, which pieced together the activity, attributed the campaign to an advanced persistent threat group it tracks as Ferocious Kitten, a group that has singled out Persian-speaking individuals allegedly based in the country while successfully operating under the radar.

Israeli spy agencies accused Iran on Monday of using fake social media accounts to lure citizens of the Jewish state abroad "To harm or abduct them". The Israeli claim came hours after Iran accused its arch-enemy of orchestrating an attack on a key nuclear site and vowed "Revenge".

Iran blamed Israel on Monday for a sabotage attack on its underground Natanz nuclear facility that damaged its centrifuges, an assault that imperils ongoing talks over Tehran's tattered nuclear deal and brings a shadow war between the two countries into the light. "My policy as prime minister of Israel is clear: I will never allow Iran to obtain the nuclear capability to carry out its genocidal goal of eliminating Israel," Netanyahu said.

Iran has admitted that one of its nuclear facilities went offline over the weekend, and a single report claiming Israeli cyber-weapons were the cause has been widely accepted as a credible explanation for the incident. Iran on Sunday published this announcement that said an "Accident" impacted the "Electricity distribution network" at its Natanz enrichment facility.

Iran on Sunday described a blackout at its underground Natanz atomic facility an act of "Nuclear terrorism," raising regional tensions as world powers and Tehran continue to negotiate over its tattered nuclear deal. Ali Akbar Salehi, the American-educated head of the Atomic Energy Organization of Iran, who once served as the country's foreign minister, offered what appeared to be the harshest comments of his long career, which included the assassination of nuclear scientists a decade ago.

A declassified joint report from several United States agencies assesses that Russian and Iranian threat actors did attempt to meddle in the 2020 U.S. presidential election, but claims that the technical integrity of the voting process wasn't affected. The joint report is meant to provide information on the extent to which foreign actors attempted interference with the 2020 U.S. elections, along with details on whether these adversaries targeted political organizations, campaigns, or election candidates, and an assessment on whether the attacks were able to successfully compromise the targeted infrastructure.

The USA's Office of National Intelligence today released its previously classified assessment of "Foreign Threats to the 2020 US Federal Elections" and found "Some successful compromises of state and local government networks prior to Election Day-as well as a higher volume of unsuccessful attempts". It's described as the intelligence community's collective assessment of attempts to disrupt the 2020 election and to contain "Analytic judgments identical to those in the classified version" but without "Full supporting information" or information on "Specific intelligence reports, sources , or methods."

Twin cyber operations conducted by state-sponsored Iranian threat actors demonstrate their continued focus on compiling detailed dossiers on Iranian citizens that could threaten the stability of the Islamic Republic, including dissidents, opposition forces, and ISIS supporters, and Kurdish natives. Tracing the extensive espionage operations to two advanced Iranian cyber-groups Domestic Kitten and Infy, cybersecurity firm Check Point revealed new and recent evidence of their ongoing activities that involve the use of a revamped malware toolset as well as tricking unwitting users into downloading malicious software under the guise of popular apps.

Iranian cyber actors are likely behind a campaign that encouraged deadly violence against U.S. state officials certifying the 2020 election results. Titled "Enemies of the People," the website was created on December 6, and by the middle of the month included personal details of individuals that did not support the current U.S. President's claims of voter fraud.