A joint announcement from the Ministry of Health and the National Cyber Directorate in Israel describes a spike in ransomware attacks over the weekend that targeted the systems of nine health institutes in the country. In the joint announcement, the Israeli government states that the attempts resulted in no damage to the hospitals and the medical organizations, thanks to national-level coordination and the quick and decisive response of the local IT teams.
An emerging threat actor likely supporting Iranian national interests has been behind a password spraying campaign targeting U.S., E.U., and Israeli defense technology companies, with additional activity observed against regional ports of entry in the Persian Gulf as well as maritime and cargo transportation companies focused in the Middle East. Microsoft is tracking the hacking crew under the moniker DEV-0343.
Swedish digital rights organisation Qurium has alleged that an Israeli company called Bright Data has helped the government of the Philippines to DDOS local human rights organisation Karapatan. In July, Qurium reported that the Philippines Department of Science and Technology and Army had conducted DDOS attacks on local media critical of the nation's government, and targeted Karapatan.
IT and communication companies in Israel were at the center of a supply chain attack campaign spearheaded by an Iranian threat actor that involved impersonating the firms and their HR personnel to target victims with fake job offers in an attempt to penetrate their computers and gain access to the company's clients. ClearSky theorized that the attacks' focus on IT and communication companies suggest they are intended to facilitate supply chain attacks on their clients.
Hackers associated with the Iranian government have focused attack efforts on IT and communication companies in Israel, likely in an attempt to pivot to their real targets. The campaigns have been attributed to the Iranian APT group known as Lyceum, Hexane, and Siamesekitten, running espionage campaigns since at least 2018 [1, 2]. In multiple attacks detected in May and July, the hackers combined social engineering techniques with an updated malware variant that would ultimately give them remote access to the infected machine.
Authorities from multiple agencies of the Israeli government paid a visit the offices of the NSO Group as part of a new investigation into claims that the secretive firm is selling its spyware to threat actors for targeted attacks, according to the Israeli Ministry of Defense. Specifically, Israeli agents visited NSO Group's offices in Herzliya, near the city of Tel Aviv, according to a post by analyst firm Recorded Future's The Record.
Israel's Ministry of Defense says the nation's government has visited spyware-for-governments developer NSO Group to investigate allegations its wares have been widely - and perhaps willingly - misused. The allegations were raised by Amnesty International and a consortium of newspapers that gained access to a 50,000-entry list of mobile phone numbers claimed to have been touched by NSO's Pegasus product - spyware that makes a smartphone an open book.
Start-Up Nation Central, the independent not-for-profit organization connecting global corporations, investors, and governments to the Israeli tech innovation ecosystem, revealed that Israel's FinTech sector experienced a record-breaking first half of 2021 in terms of VC investments. According to a data gathered from Start-Up Nation Central Finder, Israeli companies raised $2.3B in the first half representing a staggering 260% increase over H1 2020 funding, and even surpassing the 2020 full-year total of $1.8B by 28%. Investments in FinTech made up 19% of the total funding in Israeli innovation technology companies during H1, which amounted to $12.2B. When it comes to international comparisons, data from PitchBook showed that Israel's 28% increase in FinTech funding over the 2020 total surpassed the 20% increase in US company funding and the negative growth exhibited by the Asian ecosystem but fell short of Europe's impressive 63% growth during the same period.
Human rights and press freedom activists are up in arms about a new report on NSO Group, the notorious Israeli hacker-for-hire company. The report, by a global media consortium, expands public knowledge of the target list used in NSO's military-grade spyware.
The spyware vendor was also formally identified as the commercial surveillance company that Google's Threat Analysis Group revealed as exploiting multiple zero-day vulnerabilities in Chrome browser to target victims located in Armenia, according to a report published by the University of Toronto's Citizen Lab. "Candiru's apparent widespread presence, and the use of its surveillance technology against global civil society, is a potent reminder that the mercenary spyware industry contains many players and is prone to widespread abuse," Citizen Lab researchers said.