Security News
A new ransomware gang known as 'N3TW0RM' is targeting Israeli companies in a wave of cyberattacks starting last week. Like other ransomware gangs, N3TW0RM has created a data leak site where they threaten to leak stolen files as a way to scare their victims into paying a ransom.
Iran blamed Israel on Monday for a sabotage attack on its underground Natanz nuclear facility that damaged its centrifuges, an assault that imperils ongoing talks over Tehran's tattered nuclear deal and brings a shadow war between the two countries into the light. "My policy as prime minister of Israel is clear: I will never allow Iran to obtain the nuclear capability to carry out its genocidal goal of eliminating Israel," Netanyahu said.
Deviating from their typical activity, an Iranian threat actor known as TA453 has mounted a phishing campaign targeting senior medical professionals in the United States and Israel, cybersecurity firm Proofpoint reports. Also referred to as Charming Kitten, Phosphorus, APT35, Ajax Security Team, ITG18, NewsBeef, and Newscaster, the group has been active since at least 2011, mainly targeting activists, journalists, and other entities in the Middle East, the U.K., and the U.S. The new campaign, which Proofpoint named BadBlood due to its focus on medical personnel, targeted individuals specialized in genetic, neurology, and oncology research, in line with a broader trend in which threat actors are targeting medical research.
The SolarWinds supply chain attack has dominated this week's cybersecurity news, but there was still plenty of ransomware news this week. Michael Gillespie found a new STOP Ransomware variant that appends the.
Since the beginning of 2020, the North Korea-linked threat group known as Lazarus has successfully compromised dozens of organizations in Israel and other countries by targeting their employees with appealing job offers, UK-based cybersecurity firm ClearSky reported this week. Earlier this week, the Israeli defense ministry claimed to have successfully prevented a Lazarus attack targeting the country's defense manufacturers, but ClearSky says that the attackers were in fact successful in their attempts.
The Israeli defence ministry said on Wednesday that it had foiled an attempted cyber attack by a foreign group targeting the country's defence manufacturers. The United States has linked Lazarus to North Korea's regime, but the Israeli statement did not identify the foreign country concerned, nor did it say when the attempted attack took place or which firms it targeted.
A threat actor believed to be working for the Iranian government recently launched another round of attacks on Israel's water sector, and a source tells SecurityWeek that the attackers used vulnerable cellular equipment as a point of entry. A new round of attacks on Israel's water sector was reported last week and, similar to the first attacks, they targeted smaller, local facilities.
An Israeli court Monday rejected a bid by rights group Amnesty International to revoke the export license of spyware firm NSO Group over hacking allegations. NSO has faced multiple accusations of cyber-espionage on human rights activists and others, including by the messaging service WhatsApp, which is suing the company in a US court.
Amnesty International said Monday that software developed by Israeli security firm NSO Group was used to attack a Moroccan journalist, the latest in a series of allegations against the company. Amnesty said the Moroccan authorities used NSO's Pegasus software to insert spyware onto the cellphone of Omar Radi, a journalist convicted in March over a social media post.
Hacked websites in Israel, a reported cyberattack in Iran and a Twitter war between their leaders: the arch foes' animosity is flaring up online. The latest volleys in Israel and Iran's longstanding rivalry coincide with the 20th anniversary of the Israeli army's withdrawal from southern Lebanon, forced out by Iranian-backed militant group Hezbollah.