Latest Iran news

FBI: Iranian hackers lurked in Albania’s govt network for 14 months

The Federal Bureau of Investigation (FBI) and CISA said that one of the Iranian threat groups behind the destructive attack on the Albanian government's network in July lurked inside its systems for roughly 14 months.
- Sergiu Gatlan
- September 21, 2022
- 02:44 PM
- 0
The Week in Ransomware - September 16th 2022 - Iranian Sanctions

It has been a fairly quiet week on the ransomware front, with the biggest news being US sanctions on Iranians linked to ransomware attacks.
- Lawrence Abrams
- September 16, 2022
- 04:26 PM
- 0
US govt sanctions ten Iranians linked to ransomware attacks

The Treasury Department's Office of Foreign Assets Control (OFAC) announced sanctions today against ten individuals and two entities affiliated with Iran's Islamic Revolutionary Guard Corps (IRGC) for their involvement in ransomware attacks.
- Sergiu Gatlan
- September 14, 2022
- 11:43 AM
- 0
Hackers now use ‘sock puppets’ for more realistic phishing attacks

An Iranian-aligned hacking group uses a new, elaborate phishing technique involving multiple personas and email accounts to lure targets into opening malicious documents.
- Bill Toulas
- September 13, 2022
- 05:23 PM
- 0
US sanctions Iran’s Ministry of Intelligence over Albania cyberattack

The U.S. Treasury Department announced sanctions today against Iran's Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence for their role in the July cyberattack against the government of Albania, a U.S. ally and a NATO member state.
- Sergiu Gatlan
- September 09, 2022
- 12:35 PM
- 0
Microsoft: Iranian hackers encrypt Windows systems using BitLocker

Microsoft says an Iranian state-sponsored threat group it tracks as DEV-0270 (aka Nemesis Kitten) has been abusing the BitLocker Windows feature in attacks to encrypt victims' systems.
- Sergiu Gatlan
- September 08, 2022
- 11:30 AM
- 2
New Iranian hacking group APT42 deploys custom Android spyware

A new Iranian state-sponsored hacking group known as APT42 has been discovered using a custom Android malware to spy on targets of interest.
- Bill Toulas
- September 07, 2022
- 10:18 AM
- 0
Albania blames Iran for July cyberattack, severs diplomatic ties

Albanian Prime Minister Edi Rama announced on Wednesday that the entire staff of the Embassy of the Islamic Republic of Iran was asked to leave within 24 hours.
- Sergiu Gatlan
- September 07, 2022
- 08:37 AM
- 0
Microsoft: Iranian hackers still exploiting Log4j bugs against Israel

Hackers continue to exploit the Log4j vulnerability in vulnerable applications, as shown by the Iranian 'MuddyWater' threat actor who was found targeting Israeli organizations using the SysAid software.
- Bill Toulas
- August 26, 2022
- 10:31 AM
- 0
Google: Iranian hackers use new tool to steal email from victims

State-sponsored Iranian hacking group Charming Kitten has been using a new tool to download email messages from targeted Gmail, Yahoo, and Microsoft Outlook accounts.
- Ionut Ilascu
- August 23, 2022
- 07:00 AM
- 0
The Week in Ransomware - August 5th 2022 - A look at cyber insurance

For the most part, it has been a quiet week on the ransomware front, with a few new reports, product developments, and attacks revealed.
- Lawrence Abrams
- August 05, 2022
- 05:35 PM
- 0
Hackers pose as journalists to breach news media org’s networks

Researchers following the activities of advanced persistent (APT) threat groups originating from China, North Korea, Iran, and Turkey say that journalists and media organizations have remained a constant target for state-aligned actors.
- Bill Toulas
- July 16, 2022
- 11:07 AM
- 0
Privacy protection agency seizes servers of hacked travel company

The Privacy Protection Authority in Israel seized servers hosting multiple travel booking websites because their operator failed to address security issues that enabled data breaches affecting more than 300,000 individuals.
- Ionut Ilascu
- July 03, 2022
- 03:34 PM
- 0
Iranian hackers target energy sector with new DNS backdoor

The Iranian Lycaeum APT hacking group uses a new .NET-based DNS backdoor to conduct attacks on companies in the energy and telecommunication sectors.
- Bill Toulas
- June 10, 2022
- 02:06 PM
- 0
Microsoft disrupts Bohrium hackers’ spear-phishing operation

The Microsoft Digital Crimes Unit (DCU) has disrupted a spear-phishing operation linked to an Iranian threat actor tracked as Bohrium that targeted customers in the U.S., Middle East, and India.
- Sergiu Gatlan
- June 03, 2022
- 11:24 AM
- 0
Iranian hackers exposed in a highly targeted espionage campaign

Threat analysts have spotted a novel attack attributed to the Iranian hacking group known as APT34 group or Oilrig, who targeted a Jordanian diplomat with custom-crafted tools.
- Bill Toulas
- May 12, 2022
- 05:30 PM
- 0
Hackers exploit critical VMware RCE flaw to install backdoors

Advanced hackers are actively exploiting a critical remote code execution (RCE) vulnerability, CVE-2022-22954, that affects in VMware Workspace ONE Access (formerly called VMware Identity Manager).
- Bill Toulas
- April 26, 2022
- 08:51 AM
- 0
US and UK expose new malware used by MuddyWater hackers

US and UK cybersecurity and law enforcement agencies today shared info on new malware deployed by the Iranian-backed MuddyWatter hacking group in attacks targeting critical infrastructure worldwide.
- Sergiu Gatlan
- February 24, 2022
- 12:56 PM
- 0
Iranian hackers target VMware Horizon servers with Log4j exploits

An Iranian-aligned hacking group tracked as TunnelVision was spotted exploiting Log4j on VMware Horizon servers to breach corporate networks in the Middle East and the United States.
- Bill Toulas
- February 18, 2022
- 02:55 PM
- 0
Cyberspies linked to Memento ransomware use new PowerShell malware

An Iranian state-backed hacking group tracked as APT35 (aka Phosphorus or Charming Kitten) is now deploying a new backdoor called PowerLess and developed using PowerShell.
- Sergiu Gatlan
- February 01, 2022
- 02:00 PM
- 0