Latest Iran news

US govt sanctions Iranians linked to government cyberattacks

The Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned four Iranian nationals for their involvement in cyberattacks against the U.S. government, defense contractors, and private companies.
- Sergiu Gatlan
- April 23, 2024
- 02:40 PM
- 1
U.S. charges Iranian for hacks on defense orgs, offers $10M for info

The U.S. Department of Justice (DoJ) has unveiled an indictment against Alireza Shafie Nasab, a 39-year-old Iranian national, for his role in a cyber-espionage campaign targeting U.S. government and defense entities.
- Bill Toulas
- March 01, 2024
- 09:47 AM
- 0
Microsoft: Iranian hackers target researchers with new MediaPl malware

Microsoft says that a group of Iranian-backed state hackers are targeting high-profile employees of research organizations and universities across Europe and the United States in spearphishing attacks pushing new backdoor malware.
- Sergiu Gatlan
- January 17, 2024
- 03:39 PM
- 0
Microsoft: Hackers target defense firms with new FalseFont malware

Microsoft says the APT33 Iranian cyber-espionage group is using recently discovered FalseFont backdoor malware to attack defense contractors worldwide.
- Sergiu Gatlan
- December 21, 2023
- 03:28 PM
- 0
Iranian hackers launch malware attacks on Israel’s tech sector

Security researchers have tracked a new campaign from Imperial Kitten targeting transportation, logistics, and technology firms.
- Bill Toulas
- November 12, 2023
- 10:30 AM
- 3
Iranian hackers lurked in Middle Eastern govt network for 8 months

The Iranian hacking group tracked as OilRig (APT34) breached at least twelve computers belonging to a Middle Eastern government network and maintained access for eight months between February and September 2023.
- Bill Toulas
- October 19, 2023
- 12:40 PM
- 0
Iranian hackers breach defense orgs in password spray attacks

Microsoft says an Iranian-backed threat group has targeted thousands of organizations in the U.S. and worldwide in password spray attacks since February 2023.
- Sergiu Gatlan
- September 14, 2023
- 12:30 PM
- 2
Iranian hackers backdoor 34 orgs with new Sponsor malware

A nation-state threat actor known as 'Charming Kitten' (Phosphorus, TA453, APT35) has been observed deploying a previously unknown backdoor malware named 'Sponsor' against 34 companies around the globe.
- Bill Toulas
- September 11, 2023
- 12:19 PM
- 0
Charming Kitten hackers use new ‘NokNok’ malware for macOS

Security researchers observed a new campaign they attribute to the Charming Kitten APT group where hackers used new NokNok malware that targets macOS systems.
- Bill Toulas
- July 09, 2023
- 10:13 AM
- 2
New PowerExchange malware backdoors Microsoft Exchange servers

A new PowerShell-based malware dubbed PowerExchange was used in attacks linked to APT34 Iranian state hackers to backdoor on-premise Microsoft Exchange servers.
- Sergiu Gatlan
- May 24, 2023
- 03:17 PM
- 4
Iranian hackers use new Moneybird ransomware to attack Israeli orgs

A suspected Iranian state-supported threat actor known as 'Agrius' is now deploying a new ransomware strain named 'Moneybird' against Israeli organizations.
- Bill Toulas
- May 24, 2023
- 12:28 PM
- 0
Microsoft: Iranian hacking groups join Papercut attack spree

Microsoft says Iranian state-backed hackers have joined the ongoing assault targeting vulnerable PaperCut MF/NG print management servers.
- Sergiu Gatlan
- May 08, 2023
- 10:47 AM
- 2
Microsoft: Iranian hackers behind retaliatory cyberattacks on US orgs

Microsoft has discovered that an Iranian hacking group known as 'Mint Sandstorm' is conducting cyberattacks on US critical infrastructure in what is believed to be retaliation for recent attacks on Iran's infrastructure.
- Lawrence Abrams
- April 18, 2023
- 04:03 PM
- 0
Hacked corporate email accounts used to send MSP remote access tool

MuddyWater hackers, a group associated with Iran's Ministry of Intelligence and Security (MOIS), used compromised corporate email accounts to deliver phishing messages to their targets.
- Ionut Ilascu
- December 08, 2022
- 04:19 PM
- 0
Hackers use new Fantasy data wiper in coordinated supply chain attack

The Iranian Agrius APT hacking group is using a new 'Fantasy' data wiper in supply-chain attacks impacting organizations in Israel, Hong Kong, and South Africa.
- Bill Toulas
- December 07, 2022
- 12:36 PM
- 0
US govt: Iranian hackers breached federal agency using Log4Shell exploit

The FBI and CISA revealed in a joint advisory published today that an unnamed Iranian-backed threat group hacked a Federal Civilian Executive Branch (FCEB) organization to deploy XMRig cryptomining malware.
- Sergiu Gatlan
- November 16, 2022
- 11:34 AM
- 1
Iran’s atomic energy agency confirms hack after stolen data leaked online

The Iranian Atomic Energy Organization (AEOI) has confirmed that one of its subsidiaries' email servers was hacked after the ''Black Reward' hacking group published stolen data online.
- Bill Toulas
- October 24, 2022
- 01:17 PM
- 0
Hacking group updates Furball Android spyware to evade detection

A new version of the 'FurBall' Android spyware has been found targeting Iranian citizens in mobile surveillance campaigns conducted by the Domestic Kitten hacking group, also known as APT-C-50.
- Bill Toulas
- October 20, 2022
- 05:30 AM
- 0
Hacking group POLONIUM uses ‘Creepy’ malware against Israel

Security researchers reveal previously unknown malware used by the cyber espionage hacking group 'POLONIUM,' threat actors who appear to target Israeli organizations exclusively.
- Bill Toulas
- October 11, 2022
- 05:30 AM
- 0
Signal calls on users to run proxies for bypassing Iran blocks

Signal is urging its global community to help people in Iran stay connected with each other and the rest of the world by volunteering proxies to bypass the aggressive restrictions imposed by the Iranian regime.
- Bill Toulas
- September 23, 2022
- 11:30 AM
- 0