6 matches found
Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning
The Iranian state-sponsored threat actor known as Nimbus Manticore aka Screening Serpens and UNC1549 has been attributed to a fresh campaign using lures impersonating organizations in the aviation and software sectors across the U.S., Europe, and the Middle East following the joint U.S.-Israeli...
New TSA Cybersecurity Emergency Action Rule Impacts Cybersecurity and Compliance
On March 7, 2023, in the wake of President Joe Biden’s National Cybersecurity Strategy announcement, the U.S. Transportation Security Administration TSA issued a cybersecurity emergency action amendment for certain regulated airport and aircraft operators. The new Action Rule can have significant...
Malware Attack on Aviation Sector Uncovered After Going Unnoticed for 2 Years
A targeted phishing campaign aimed at the aviation industry for two years may be spearheaded by a threat actor operating out of Nigeria, highlighting how attackers can carry out small-scale cyber offensives for extended periods of time while staying under the radar. Cisco Talos dubbed the malware...
WARNING: Hackers Install Secret Backdoor on Thousands of Microsoft SQL Servers
Cybersecurity researchers today uncovered a sustained malicious campaign dating back to May 2018 that targets Windows machines running MS-SQL servers to deploy backdoors and other kinds of malware, including multi-functional remote access tools RATs and cryptominers. Named "Vollgar " after the...
Insights into Iranian Cyber Espionage: APT33 Targets Aerospace and Energy Sectors and has Ties to Destructive Malware
When discussing suspected Middle Eastern hacker groups with destructive capabilities, many automatically think of the suspected Iranian group that previously used SHAMOON – aka Disttrack – to target organizations in the Persian Gulf. However, over the past few years, we have been tracking a...
Insights into Iranian Cyber Espionage: APT33 Targets Aerospace and Energy Sectors and has Ties to Destructive Malware
When discussing suspected Middle Eastern hacker groups with destructive capabilities, many automatically think of the suspected Iranian group that previously used SHAMOON – aka Disttrack – to target organizations in the Persian Gulf. However, over the past few years, we have been tracking a...