10 matches found
Inside Iran's Cyber Playbook: AI, Fake Hosting, and Psychological Warfare
U.S. and Israeli cybersecurity agencies have published a new advisory attributing an Iranian cyber group to targeting the 2024 Summer Olympics and compromising a French commercial dynamic display provider to show messages denouncing Israel's participation in the sporting event. The activity has...
Iranian Cyber Group TA453 Targets Jewish Leader with New AnvilEcho Malware
Iranian state-sponsored threat actors have been observed orchestrating spear-phishing campaigns targeting a prominent Jewish figure starting in late July 2024 with the goal of delivering a new intelligence-gathering tool called AnvilEcho. Enterprise security company Proofpoint is tracking the...
CISA and Partners join ASD’S ACSC to Release Advisory on PRC State-Sponsored Group, APT 40
CISA has collaborated with the Australian Signals Directorate’s Australian Cyber Security Centre ASD's ACSC to release an advisory, People’s Republic of China PRC Ministry of State Security APT40 Tradecraft in Action outlining a PRC state-sponsored cyber group’s activity. The following...
People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action
Overview Background This advisory, authored by the Australian Signals Directorate’s Australian Cyber Security Centre ASD’s ACSC, the United States Cybersecurity and Infrastructure Security Agency CISA, the United States National Security Agency NSA, the United States Federal Bureau of Investigati...
Iran-Linked Imperial Kitten Cyber Group Targeting Middle East's Tech Sectors
A group with links to Iran targeted transportation, logistics, and technology sectors in the Middle East, including Israel, in October 2023 amid a surge in Iranian cyber activity since the onset of the Israel-Hamas war. The attacks have been attributed by CrowdStrike to a threat actor it tracks...
CVE-2023-36884
Windows Search Remote Code Execution Vulnerability Recent assessments: cbeek-r7 at August 24, 2023 1:46pm UTC reported: CVE-2023-36884 is a fixed vulnerability that permitted remote code execution. Attackers could manipulate Microsoft Office files to bypass the Mark of the Web MoTW security...
From MuddyC3 to PhonyC2: Iran's MuddyWater Evolves with a New Cyber Weapon
The Iranian state-sponsored group dubbed MuddyWater has been attributed to a previously unseen command-and-control C2 framework called PhonyC2 that's been put to use by the actor since 2021. Evidence shows that the custom made, actively developed framework has been leveraged in the February 2023...
Microsoft: Iranian Nation-State Group Sanctioned by U.S. Behind Charlie Hebdo Hack
An Iranian nation-state group sanctioned by the U.S. government has been attributed to the hack of the French satirical magazine Charlie Hebdo in early January 2023. Microsoft, which disclosed details of the incident, is tracking the activity cluster under its chemical element-themed moniker...
FBI Releases PIN on Iranian Cyber Group Emennet Pasargad
The Federal Bureau of Investigation FBI has released a Private Industry Notification PIN that provides a historical overview of Iran-based cyber company Emennet Pasargad’s tactics, techniques, and procedures to enable readers to identify and defend against the group’s malicious cyber activities...
VMPanel 2.7.4 - SQL Injection Web Vulnerability
Document Title: =============== VMPanel 2.7.4 - SQL Injection Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2022 Release Date: ============= 2016-12-14 Vulnerability Laboratory ID VL-ID: ==================================== 2022 Comm...