Lucene search
K

23 matches found

The Hacker News
The Hacker News
added 2023/12/22 5:34 a.m.75 views

Microsoft Warns of New 'FalseFont' Backdoor Targeting the Defense Sector

Organizations in the Defense Industrial Base DIB sector are in the crosshairs of an Iranian threat actor as part of a campaign designed to deliver a never-before-seen backdoor called FalseFont. The findings come from Microsoft, which is tracking the activity under its weather-themed moniker Peach...

9.8CVSS9.6AI score0.96515EPSS
Exploits17
The Hacker News
The Hacker News
added 2023/08/02 7:31 a.m.35 views

Iranian Company Cloudzy Accused of Aiding Cybercriminals and Nation-State Hackers

Services offered by an obscure Iranian company known as Cloudzy are being leveraged by multiple threat actors, including cybercrime groups and nation-state crews. "Although Cloudzy is incorporated in the United States, it almost certainly operates out of Tehran, Iran – in possible violation of U....

7AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2022/08/15 12:0 a.m.17 views

Oil and Gas Cybersecurity: Recommendations Part 3

In the final part of our series, we look at the APT33 case study and several recommendations from our expert team...

3AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2020/06/18 4:0 p.m.298 views

Inside Microsoft Threat Protection: Mapping attack chains from cloud to endpoint

The increasing pervasiveness of cloud services in today’s work environments, accelerated by a crisis that forced companies around the globe to shift to remote work, is significantly changing how defenders must monitor and protect organizations. Corporate data is spread across multiple...

6.8CVSS8.8AI score0.96274EPSS
Exploits15
ThreatPost
ThreatPost
added 2020/02/18 7:48 p.m.52 views

Iran-Backed APTs Collaborate on 3-Year 'Fox Kitten' Global Spy Campaign

Two Iran-backed APTs could be working together on a sprawling, three-year campaign to compromise high-value organizations from the IT, telecom, oil and gas, aviation, government and security sectors in Israel and around the world, according to a report by researchers at ClearSky. They maintain,...

0.1AI score
Exploits0References11
The Hacker News
The Hacker News
added 2020/02/18 3:6 p.m.7011 views

Iranian Hackers Exploiting VPN Flaws to Backdoor Organizations Worldwide

A new report published by cybersecurity researchers has unveiled evidence of Iranian state-sponsored hackers targeting dozens of companies and organizations in Israel and around the world over the past three years. Dubbed "Fox Kitten," the cyber-espionage campaign is said to have been directed at...

10CVSS10AI score0.99999EPSS
Exploits90
ThreatPost
ThreatPost
added 2020/01/10 12:58 p.m.73 views

Oil-and-Gas APT Pivots to U.S. Power Plants.

A known APT group with ties to the Iran-linked APT33, dubbed Magnallium, has expanded its targeting from the global oil-and-gas industry to specifically include electric companies in North America. That’s according to a report from Dragos, released Thursday, which noted that the discovery is part...

0.7AI score
Exploits0References11
Securelist
Securelist
added 2019/11/29 10:0 a.m.969 views

IT threat evolution Q3 2019

Targeted attacks and malware campaigns Mobile espionage targeting the Middle East At the end of June we reported the details of a highly targeted campaign that we dubbed 'Operation ViceLeaker' involving the spread of malicious Android samples via instant messaging. The campaign affected several...

9.3CVSS9.3AI score0.99964EPSS
Exploits78
Wired Threat Level
Wired Threat Level
added 2019/11/20 12:0 p.m.35 views

Iran’s APT33 Hackers Are Targeting Industrial Control Systems

The recent focus on ICS raises the possibility that Iran's APT33 is exploring physically disruptive cyberattacks...

3.6AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2019/11/15 2:5 p.m.100 views

This Week in Security News: APT33 Botnets Used for Extreme Narrow Targeting and Microsoft’s Patch Tuesday Arrives with A Patch for An IE Zero-Day

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the APT33 threat group that is using live C&C servers for extremely narrow targeting. Also, read about Trend Micro’s complete...

6.6AI score
Exploits0
ThreatPost
ThreatPost
added 2019/11/14 10:12 p.m.105 views

Double Vision: Stealthy Malware Dropper Delivers Dual RATs

A newly discovered initial-stage malware dropper has been discovered sneaking by antivirus products, with the ultimate goal of delivering a double-pronged whammy of RevengeRAT and WSH RAT payloads onto targeted Windows machines. A FortiGuard Labs team recently captured a sample file that had been...

Exploits0References7
ThreatPost
ThreatPost
added 2019/11/14 2:22 p.m.93 views

APT33 Mounts Focused, Highly Targeted Botnet Attacks Against U.S. Victims

The Iran-linked, espionage-focused advanced threat group known as APT33 has been spotted using more than a dozen obfuscated botnets to carry out narrowly targeted attacks against government and academic targets in the Middle East, the U.S. and Asia. Each botnet, linked to its own...

1.3AI score
Exploits0References5
Securelist
Securelist
added 2019/07/04 3:48 p.m.116 views

‘Twas the night before

Recently, the United States Cyber Command USCYBERCOM Malware Alert @CNMFVirusAlert highlighted several VirusTotal uploads of theirs - and the executable objects relating to 2016 – 2017 NewsBeef/APT33 activity are interesting for a variety of reasons. Before continuing, it's important to restate y...

0.1AI score
Exploits0
ThreatPost
ThreatPost
added 2019/06/26 7:33 p.m.108 views

Iran-linked APT33 Shakes Up Cyberespionage Tactics

Following a recent report detailing APT33’s infrastructure and tactics, the Iranian state-sponsored threat actor shook up its cyberespionage efforts by adopting new tools and reassigning key domain infrastructure. The infrastructure overhaul stems from a March 2019 Symantec report exposing the...

0.4AI score
Exploits0References6
The Hacker News
The Hacker News
added 2019/03/28 8:18 a.m.286 views

Elfin Hacking Group Targets Multiple U.S. and Saudi Arabian Firms

An Iran-linked cyber-espionage group that has been found targeting critical infrastructure, energy and military sectors in Saudi Arabia and the United States two years ago continues targeting organizations in the two nations, Symantec reported on Wednesday. Widely known as APT33, which Symantec...

7.8CVSS1AI score0.96274EPSS
Exploits13
FireEye
FireEye
added 2018/12/21 2:0 p.m.265 views

OVERRULED: Containing a Potentially Destructive Adversary

Introduction FireEye assesses APT33 may be behind a series of intrusions and attempted intrusions within the engineering industry. Public reporting indicates this activity may be related to recent destructive attacks. FireEye's Managed Defense has responded to and contained numerous intrusions th...

6.8CVSS0.4AI score0.84138EPSS
Exploits15
Trellix
Trellix
added 2018/12/19 12:0 a.m.23 views

Shamoon Attackers Employ New Tool Kit to Wipe Infected Systems

ARCHIVED STORY Shamoon Attackers Employ New Tool Kit to Wipe Infected Systems By Thomas Roccia · December 19, 2018 Last week the McAfee Advanced Threat Research team posted an analysis of a new wave of Shamoon “wiper” malware attacks that struck several companies in the Middle East and Europe. In...

0.3AI score
Exploits0
Trellix
Trellix
added 2018/12/19 12:0 a.m.14 views

Shamoon Attackers Employ New Tool Kit to Wipe Infected Systems

ARCHIVED STORY Shamoon Attackers Employ New Tool Kit to Wipe Infected Systems By Thomas Roccia · December 19, 2018 Last week the McAfee Advanced Threat Research team posted an analysis of a new wave of Shamoon “wiper” malware attacks that struck several companies in the Middle East and Europe. In...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2018/04/12 2:50 p.m.27 views

New ‘Early Bird’ Code Injection Technique Helps APT33 Evade Detection

Researchers have identified what they are calling an Early Bird code injection technique used by the Iranian group APT33 to burrow the TurnedUp malware inside infected systems while evading anti-malware tools. The Early Bird code injection technique, highlighted in a Wednesday report by Cyberbit,...

0.4AI score
Exploits0References4
ThreatPost
ThreatPost
added 2017/09/21 1:54 p.m.11 views

Iranian APT33 Targets U.S. Firms with Destructive Malware

The Iranian group known as APT33 is believed to be behind a cyberespionage campaign targeting aerospace, petrochemical and energy sector firms located in the United States, Saudi Arabia and South Korea. The group’s latest attack leverages a dropper called DropShot that is tied to the StoneDrill...

0.4AI score
Exploits0References3
Rows per page
Query Builder