Lucene search
K

22 matches found

HackRead
HackRead
added 2024/07/08 2:0 p.m.7 views

AI SPERA Partners with Devcons to Expand ‘Criminal IP’ into the Middle Eastern Market

Torrance, United States / California, 8th July 2024, CyberNewsWire...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/05/07 1:25 p.m.12 views

APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data

The Iranian state-backed hacking outfit called APT42 is making use of enhanced social engineering schemes to infiltrate target networks and cloud environments. Targets of the attack include Western and Middle Eastern NGOs, media organizations, academia, legal services and activists, Google Cloud...

7.6AI score
Exploits0
hivepro
hivepro
added 2024/01/22 8:15 a.m.11 views

Mint Sandstorm’s Campaign Targets Researchers with Novel Backdoor

Summary: Mint Sandstorm, a threat actor, focuses on high-profile individuals involved in Middle Eastern affairs at universities and research organizations. The group utilizes phishing lures in a campaign to socially engineer targets, enticing them to download malicious files that deploy new...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/01/18 4:16 a.m.47 views

Iranian Hackers Masquerade as Journalists to Spy on Israel-Hamas War Experts

High-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the U.K., and the U.S. have been targeted by an Iranian cyber espionage group called Mind Sandstorm since November 2023. The threat actor "used bespoke phishing...

7.4AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2024/01/17 5:0 p.m.21 views

New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs

Since November 2023, Microsoft has observed a distinct subset of Mint Sandstorm PHOSPHORUS targeting high-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the United Kingdom, and the United States. In this campaign,...

7.2AI score
Exploits0
hivepro
hivepro
added 2023/09/28 5:29 a.m.24 views

Deadglyph Malware Emerges as a Game Changer for Stealth Falcon

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The cyber espionage group Stealth Falcon commenced covert operations and employed advanced backdoor malware called "Deadglyph" primarily to infiltrate Middle Eastern government entities. To receive...

6.9AI score
Exploits0
hivepro
hivepro
added 2023/05/24 10:21 a.m.17 views

WINTAPIX Kernel Driver Targeting Middle Eastern Nations

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The WINTAPIX driver, protected by VMProtect, targets Saudi Arabia and other Gulf countries, possibly linked to Iranian threat actors exploiting Exchange servers for malware deployment. To receive real-ti...

6.9AI score
Exploits0
hivepro
hivepro
added 2023/03/29 8:44 a.m.23 views

Chinese Cyber Espionage Targets Middle Eastern Telecoms

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Chinese cyber espionage actors, Gallium and APT41, linked to Operation Soft Cell campaign, are targeting Middle Eastern telecommunications sector. To receive real-time threat advisories, please follow...

6.7AI score
Exploits0
hivepro
hivepro
added 2023/02/21 1:21 p.m.6 views

WIP26 attacks Middle Eastern telecom service providers

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The newly discovered WIP26 threat cluster is an espionage-focused group that has been concentrating on infiltrating Middle Eastern telecom companies. To evade detection, the group heavily relies on public...

2.2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/10/05 12:46 p.m.44 views

Experts Warn of New RatMilad Android Spyware Targeting Enterprise Devices

A novel Android malware called RatMilad has been observed targeting a Middle Eastern enterprise mobile device by concealing itself as a VPN and phone number spoofing app. The mobile trojan functions as advanced spyware with capabilities that receives and executes commands to collect and exfiltrat...

1.6AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2022/08/25 4:0 p.m.252 views

MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations

In recent weeks, the Microsoft Threat Intelligence Center MSTIC and Microsoft 365 Defender Research Team detected Iran-based threat actor MERCURY leveraging exploitation of Log4j 2 vulnerabilities in SysAid applications against organizations all located in Israel. MSTIC assesses with high...

9.3CVSS0.5AI score0.99999EPSS
Exploits353
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/08/25 4:0 p.m.218 views

MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations

In recent weeks, the Microsoft Threat Intelligence Center MSTIC and Microsoft 365 Defender Research Team detected Iran-based threat actor MERCURY leveraging exploitation of Log4j 2 vulnerabilities in SysAid applications against organizations all located in Israel. MSTIC assesses with high...

9.3CVSS0.5AI score0.99999EPSS
Exploits353
hivepro
hivepro
added 2022/05/18 5:32 a.m.25 views

OilRig is back with another Phishing Email attack, delivering the Saitama Backdoor

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here An Iranian cyber espionage gang known as OilRig has began delivering malicious email to a Jordanian government employee at the foreign ministry. The email includes a malicious Excel sheet that installs the Saitama backdoor...

0.9AI score
Exploits0
hivepro
hivepro
added 2022/02/07 2:23 p.m.21 views

Iranian state-sponsored APT group MuddyWater targeting organizations via malicious executables

THREAT LEVEL: Red. United States Cyber Command USCYBERCOM has warned of an ongoing cyber attack by Iranian state sponsored actor named as MuddyWater. This APT group is currently targeting Middle Eastern countries and has also targeted European and North American nations. The Iranian-backed...

0.1AI score
Exploits0
ThreatPost
ThreatPost
added 2021/12/01 5:11 p.m.15 views

Stealthy ‘WIRTE’ Gang Targets Middle Eastern Governments

A threat actor tracked as WIRTE has been assaulting Middle East governments since at least 2019 using “living-off-the-land” techniques and malicious Excel 4.0 macros. On Monday, Kaspersky reported that it observed the group in February using Microsoft Excel droppers, which planted hidden...

7.7AI score
Exploits0References17
ThreatPost
ThreatPost
added 2021/07/13 4:44 p.m.46 views

‘Charming Kitten’ APT Siphons Intel From Mid-East Scholars

An Iran-linked advanced persistent threat APT group has taken a scholarly bent with its latest phishing campaign, which involves lengthy chats with professors, think tank higher-ups and journalists focused on Middle Eastern affairs. The threat actor is Charming Kitten – aka a number of names,...

6.5AI score
Exploits0References11
Talos Blog
Talos Blog
added 2020/01/19 2:58 a.m.1183 views

JhoneRAT: Cloud based python RAT targeting Middle Eastern countries

By Warren Mercer, Paul Rascagneres and Vitor Ventura with contributions from Eric Kuhla. Updated January 17th: the documents do not exploit the CVE-2017-0199 vulnerability. Executive Summary Today, Cisco Talos is unveiling the details of a new RAT we have identified we're calling "JhoneRAT." This...

9.3CVSS0.4AI score0.99933EPSS
Exploits29
HackRead
HackRead
added 2019/01/22 3:32 p.m.22 views

DarkHydrus Phishery tool spreading malware using Google Drive

By Waqas DarkHydrus is back in action with a new variant of RogueRobin malware to target Middle Eastern Politicians by abusing Google Drive. The primary focus of cybercriminals nowadays is to use the infrastructure of genuine services in their attacks in order to prevent detection from security...

1.7AI score
Exploits0
Securelist
Securelist
added 2019/01/11 10:0 a.m.140 views

A Zebrocy Go Downloader

Last year at SAS2018 in Cancun, Mexico, "Masha and these Bears" included discussion of a subset of Sofacy activity and malware that we call "Zebrocy", and predictions for the decline of SPLM/XAgent Sofacy activity coinciding with the acceleration of Zebrocy activity and innovation. Zebrocy was...

7AI score
Exploits0
FireEye
FireEye
added 2017/09/20 10:0 a.m.22 views

Insights into Iranian Cyber Espionage: APT33 Targets Aerospace and Energy Sectors and has Ties to Destructive Malware

When discussing suspected Middle Eastern hacker groups with destructive capabilities, many automatically think of the suspected Iranian group that previously used SHAMOON – aka Disttrack – to target organizations in the Persian Gulf. However, over the past few years, we have been tracking a...

7.4AI score
Exploits0
Rows per page
Query Builder