Lucene search
K

21 matches found

The Hacker News
The Hacker News
added 2025/06/26 8:45 a.m.21 views

Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks

An Iranian state-sponsored hacking group associated with the Islamic Revolutionary Guard Corps IRGC has been linked to a spear-phishing campaign targeting journalists, high-profile cyber security experts, and computer science professors in Israel. "In some of those campaigns, Israeli technology a...

8AI score
Exploits0
The Hacker News
The Hacker News
added 2024/01/18 4:16 a.m.47 views

Iranian Hackers Masquerade as Journalists to Spy on Israel-Hamas War Experts

High-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the U.K., and the U.S. have been targeted by an Iranian cyber espionage group called Mind Sandstorm since November 2023. The threat actor "used bespoke phishing...

7.4AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2024/01/17 5:0 p.m.21 views

New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs

Since November 2023, Microsoft has observed a distinct subset of Mint Sandstorm PHOSPHORUS targeting high-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the United Kingdom, and the United States. In this campaign,...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/08/14 11:0 a.m.27 views

Charming Kitten Targets Iranian Dissidents with Advanced Cyber Attacks

Germany's Federal Office for the Protection of the Constitution BfV has warned of cyber attacks targeting Iranian persons and organizations in the country since the end of 2022. "The cyber attacks were mainly directed against dissident organizations and individuals – such as lawyers, journalists,...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/06 6:6 p.m.52 views

Iranian Hackers' Sophisticated Malware Targets Windows and macOS Users

The Iranian nation-state actor known as TA453 has been linked to a new set of spear-phishing attacks that infect both Windows and macOS operating systems with malware. "TA453 eventually used a variety of cloud hosting providers to deliver a novel infection chain that deploys the newly identified...

9.8CVSS6.8AI score0.85689EPSS
Exploits10
The Hacker News
The Hacker News
added 2023/06/30 1:54 p.m.28 views

Iranian Hackers Using POWERSTAR Backdoor in Targeted Espionage Attacks

Charming Kitten, the nation-state actor affiliated with Iran's Islamic Revolutionary Guard Corps IRGC, has been attributed to a bespoke spear-phishing campaign that delivers an updated version of a fully-featured PowerShell backdoor called POWERSTAR. "There have been improved operational security...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/25 1:4 p.m.64 views

Iranian Hackers Launch Sophisticated Attacks Targeting Israel with PowerLess Backdoor

An Iranian nation-state threat actor has been linked to a new wave of phishing attacks targeting Israel that's designed to deploy an updated version of a Windows backdoor called PowerLess. Cybersecurity firm Check Point is tracking the activity cluster under its mythical creature handle Educated...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/19 6:42 a.m.121 views

Iranian Government-Backed Hackers Targeting U.S. Energy and Transit Systems

An Iranian government-backed actor known as Mint Sandstorm has been linked to attacks aimed at critical infrastructure in the U.S. between late 2021 to mid-2022. "This Mint Sandstorm subgroup is technically and operationally mature, capable of developing bespoke tooling and quickly weaponizing...

9.8CVSS9AI score0.99968EPSS
Exploits20
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/04/18 3:0 p.m.50 views

Nation-state threat actor Mint Sandstorm refines tradecraft to attack high-value targets

Over the past several months, Microsoft has observed a mature subgroup of Mint Sandstorm, an Iranian nation-state actor previously tracked as PHOSPHORUS, refining its tactics, techniques, and procedures TTPs. Specifically, this subset has rapidly weaponized N-day vulnerabilities in common...

9.3CVSS9.9AI score0.99999EPSS
Exploits373
The Hacker News
The Hacker News
added 2023/03/09 12:20 p.m.40 views

Iranian Hackers Target Women Involved in Human Rights and Middle East Politics

Iranian state-sponsored actors are continuing to engage in social engineering campaigns targeting researchers by impersonating a U.S. think tank. "Notably the targets in this instance were all women who are actively involved in political affairs and human rights in the Middle East region,"...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2022/09/15 6:49 a.m.254 views

U.S. Charges 3 Iranian Hackers and Sanctions Several Others Over Ransomware Attacks

The U.S. Treasury Department's Office of Foreign Assets Control OFAC on Wednesday announced sweeping sanctions against ten individuals and two entities backed by Iran's Islamic Revolutionary Guard Corps IRGC for their involvement in ransomware attacks at least since October 2020. The agency said...

10CVSS0.5AI score0.99999EPSS
Exploits393
The Hacker News
The Hacker News
added 2022/08/23 2:50 p.m.73 views

Google Uncovers Tool Used by Iranian Hackers to Steal Data from Email Accounts

The Iranian government-backed actor known as Charming Kitten has added a new tool to its malware arsenal that allows it to retrieve user data from Gmail, Yahoo!, and Microsoft Outlook accounts. Dubbed HYPERSCRAPE by Google Threat Analysis Group TAG, the actively in-development malicious software ...

1.9AI score
Exploits0
hivepro
hivepro
added 2022/03/29 1:56 p.m.169 views

Weekly Threat Digest: 21 – 27 March 2022

For a detailed threat digest, download the pdf file here Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 340 10 5 53 24 84 The fourth week of March 2022 witnessed the discovery of 340 vulnerabilities out of which 10...

10CVSS0.99999EPSS
Exploits91
hivepro
hivepro
added 2022/03/25 4:5 a.m.454 views

Magic Hound Exploiting Old Microsoft Exchange ProxyShell Vulnerabilities

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here APT35 aka Magic Hound, an Iranian-backed threat group, has begun using Microsoft Exchange ProxyShell vulnerabilities as an initial attack vector and to execute code through multiple web shells. The group has primarily targeted...

10CVSS0.9AI score0.99999EPSS
Exploits18
ThreatPost
ThreatPost
added 2022/02/02 1:58 p.m.75 views

Charming Kitten Sharpens Its Claws with PowerShell Backdoor

The Iranian advanced persistent threat APT Charming Kitten is sharpening its claws with a new set of tools, including a novel PowerShell backdoor and related stealth tactics, that show the group evolving yet again. The new tools may signal that it’s getting ready to pounce on new victims,...

7.5AI score
Exploits0References19
The Hacker News
The Hacker News
added 2022/02/01 10:28 a.m.43 views

Iranian Hackers Using New PowerShell Backdoor in Cyber Espionage Attacks

An advanced persistent threat group with links to Iran has updated its malware toolset to include a novel PowerShell-based implant called PowerLess Backdoor, according to new research published by Cybereason. The Boston-headquartered cybersecurity company attributed the malware to a hacking group...

2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/01/13 8:37 a.m.115 views

Iranian Hackers Exploit Log4j Vulnerability to Deploy PowerShell Backdoor

An Iranian state-sponsored actor has been observed scanning and attempting to abuse the Log4Shell flaw in publicly-exposed Java applications to deploy a hitherto undocumented PowerShell-based modular backdoor dubbed "CharmPower" for follow-on post-exploitation. "The actor's attack setup was...

10CVSS0.8AI score0.99999EPSS
Exploits351
The Hacker News
The Hacker News
added 2021/10/14 4:30 p.m.26 views

Google: We're Tracking 270 State-Sponsored Hacker Groups From Over 50 Countries

Google's Threat Analysis Group TAG on Thursday said it's tracking more than 270 government-backed threat actors from more than 50 countries, adding it has approximately sent 50,000 alerts of state-sponsored phishing or malware attempts to customers since the start of 2021. The warnings mark a 33%...

0.6AI score
Exploits0
The Hacker News
The Hacker News
added 2020/08/28 10:36 a.m.54 views

Iranian Hackers Pose as Journalists to Trick Victims Into Installing Malware

An Iranian cyberespionage group known for targeting government, defense technology, military, and diplomacy sectors is now impersonating journalists to approach targets via LinkedIn and WhatsApp and infect their devices with malware. Detailing the new tactics of the "Charming Kitten" APT group,...

0.2AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2020/07/16 10:0 a.m.19 views

Iranian Spies Accidentally Leaked Videos of Themselves Hacking

IBM’s X-Force security team obtained five hours of APT35 hacking operations, showing exactly how the group steals data from email accounts—and who it’s targeting...

4.1AI score
Exploits0
Rows per page
Query Builder