Lucene search
K

17 matches found

The Hacker News
The Hacker News
added 2024/09/20 10:11 a.m.48 views

Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East

An Iranian advanced persistent threat APT threat actor likely affiliated with the Ministry of Intelligence and Security MOIS is now acting as an initial access facilitator that provides remote access to target networks. Google-owned Mandiant is tracking the activity cluster under the moniker...

9.8CVSS7.4AI score0.99913EPSS
Exploits29
The Hacker News
The Hacker News
added 2024/09/12 10:49 a.m.12 views

Iranian Cyber Group OilRig Targets Iraqi Government in Sophisticated Malware Attack

Iraqi government networks have emerged as the target of an "elaborate" cyber attack campaign orchestrated by an Iran state-sponsored threat actor called OilRig. The attacks singled out Iraqi organizations such as the Prime Minister's Office and the Ministry of Foreign Affairs, cybersecurity compa...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2024/05/20 4:5 p.m.41 views

Iranian MOIS-Linked Hackers Behind Destructive Attacks on Albania and Israel

An Iranian threat actor affiliated with the Ministry of Intelligence and Security MOIS has been attributed as behind destructive wiping attacks targeting Albania and Israel under the personas Homeland Justice and Karma, respectively. Cybersecurity firm Check Point is tracking the activity under t...

9.8CVSS7.2AI score0.99913EPSS
Exploits29
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/11/09 12:0 p.m.19 views

Microsoft shares threat intelligence at CYBERWARCON 2023

At the CYBERWARCON 2023 conference, Microsoft and LinkedIn analysts are presenting several sessions detailing analysis across multiple sets of threat actors and related activity. This blog is intended to summarize the content of the research covered in these presentations and demonstrates Microso...

7AI score
Exploits0
hivepro
hivepro
added 2023/11/03 6:36 a.m.26 views

Scarred Manticore’s Middle Eastern Gambit

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Scarred Manticore, an actor associated with Irans Ministry of Intelligence and Security MOIS, has been conducting a highly sophisticated cyber espionage campaign with a strong focus on the Middle East...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/11/02 9:21 a.m.37 views

Iran's MuddyWater Targets Israel in New Spear-Phishing Cyber Campaign

The Iranian nation-state actor known as MuddyWater has been linked to a new spear-phishing campaign targeting two Israeli entities to ultimately deploy a legitimate remote administration tool from N-able called Advanced Monitoring Agent. Cybersecurity firm Deep Instinct, which disclosed details o...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/29 4:1 p.m.34 views

From MuddyC3 to PhonyC2: Iran's MuddyWater Evolves with a New Cyber Weapon

The Iranian state-sponsored group dubbed MuddyWater has been attributed to a previously unseen command-and-control C2 framework called PhonyC2 that's been put to use by the actor since 2021. Evidence shows that the custom made, actively developed framework has been leveraged in the February 2023...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/09 1:29 p.m.43 views

Operation ChattyGoblin: Hackers Targeting Gambling Firms via Chat Apps

A gambling company in the Philippines was the target of a China-aligned threat actor as part of a campaign that has been ongoing since October 2021. Slovak cybersecurity firm ESET is tracking the series of attacks against Southeast Asian gambling companies under the name Operation ChattyGoblin...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2022/09/10 9:43 a.m.143 views

U.S. Imposes New Sanctions on Iran Over Cyberattack on Albania

The U.S. Treasury Department on Friday announced sanctions against Iran's Ministry of Intelligence and Security MOIS and its Minister of Intelligence, Esmaeil Khatib, for engaging in cyber-enabled activities against the nation and its allies. "Since at least 2007, the MOIS and its cyber actor...

9.8CVSS0.9AI score0.99913EPSS
Exploits29
Microsoft Secure
Microsoft Secure
added 2022/08/25 4:0 p.m.252 views

MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations

In recent weeks, the Microsoft Threat Intelligence Center MSTIC and Microsoft 365 Defender Research Team detected Iran-based threat actor MERCURY leveraging exploitation of Log4j 2 vulnerabilities in SysAid applications against organizations all located in Israel. MSTIC assesses with high...

9.3CVSS0.5AI score0.99999EPSS
Exploits353
The Hacker News
The Hacker News
added 2022/06/03 9:19 a.m.219 views

Microsoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies

Microsoft on Thursday said it took steps to disable malicious activity stemming from abuse of OneDrive by a previously undocumented threat actor it tracks under the chemical element-themed moniker Polonium. In addition to removing the offending accounts created by the Lebanon-based activity group...

9.8CVSS1.1AI score0.99999EPSS
Exploits22
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/06/02 4:0 p.m.337 views

Exposing POLONIUM activity and infrastructure targeting Israeli organizations

Microsoft successfully detected and disabled attack activity abusing OneDrive by a previously undocumented Lebanon-based activity group Microsoft Threat Intelligence Center MSTIC tracks as POLONIUM. The associated indicators and tactics were used by the OneDrive team to improve detection of attac...

5CVSS10AI score0.99999EPSS
Exploits22
Microsoft Secure
Microsoft Secure
added 2022/06/02 4:0 p.m.643 views

Exposing POLONIUM activity and infrastructure targeting Israeli organizations

Microsoft successfully detected and disabled attack activity abusing OneDrive by a previously undocumented Lebanon-based activity group Microsoft Threat Intelligence Center MSTIC tracks as POLONIUM. The associated indicators and tactics were used by the OneDrive team to improve detection of attac...

5CVSS10AI score0.99999EPSS
Exploits22
Malwarebytes
Malwarebytes
added 2022/02/25 6:54 p.m.23 views

CISA warns of cyberespionage by Iranian APT “MuddyWater”

Cybersecurity agencies in the US and UK have issued a joint cybersecurity advisory CSA on MuddyWater, a government-sponsored Iranian advanced persistent threat APT actor. The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, the US Cyber Command Cyber...

0.8AI score
Exploits0
The Hacker News
The Hacker News
added 2022/02/25 2:8 p.m.40 views

Iran's MuddyWater Hacker Group Using New Malware in Worldwide Cyber Attacks

Cybersecurity agencies from the U.K. and the U.S. have laid bare a new malware used by the Iranian government-sponsored advanced persistent threat APT group in attacks targeting government and commercial networks worldwide. "MuddyWater actors are positioned both to provide stolen data and accesse...

1.4AI score
Exploits0
ThreatPost
ThreatPost
added 2022/01/13 5:35 p.m.226 views

US Military Ties Prolific MuddyWater Cyberespionage APT to Iran

U.S. Cyber Command has confirmed that MuddyWater – an advanced persistent threat APT cyberespionage actor aka Mercury, Static Kitten, TEMP.Zagros or Seedworm that’s historically targeted government victims in the Middle East – is an Iranian intelligence outfit. The link has been suspected, and no...

9CVSS8.9AI score0.99965EPSS
Exploits30References20
The Hacker News
The Hacker News
added 2020/09/18 8:45 a.m.43 views

U.S. Treasury Sanctions Hacking Group Backed by Iranian Intelligence

The U.S. government on Thursday imposed sweeping sanctions against an Iranian threat actor backed by the country's Ministry of Intelligence and Security MOIS for carrying out malware campaigns targeting Iranian dissidents, journalists, and international companies in the telecom and travel sectors...

1AI score
Exploits0
Rows per page
Query Builder