The cybercriminals managed to access substantial amounts of confidential information from both companies and government agencies.

#Cybersecurity #IranianGroup #Israel #iran #DataBreach #CyberToufan

https://cybersec84.wordpress.com/2023/12/27/cyber-threat-group-exposes-sensitive-data-of-49-major-israeli-enterprises/

FalseFont, the bespoke backdoor deployed in the campaign disclosed by Microsoft, grants its operators remote access to compromised systems, enabling file execution and transfer to command-and-control (C2) servers.

#Cybersecurity #DIB #Iran #IranianGroup #Malware #Microsoft

https://cybersec84.wordpress.com/2023/12/22/iranian-hackers-employ-falsefont-malware-to-breach-defense-firms/

In the most recent intrusions in November 2023, the group utilized SimpleHelp and Venom Proxy, in addition to a custom keylogger and other publicly available tools.

#Cybersecurity #Africa #IranianGroup #Malware #Iran #MuddyWater #MuddyC2Go

https://cybersec84.wordpress.com/2023/12/20/iranian-hackers-leverage-muddyc2go-to-conduct-widespread-telecom-spying-in-africa/

The motives behind these attacks have been chillingly clear. Agonizing Serpens sought to obtain sensitive information, including personally identifiable data (PII) and valuable intellectual property.

#Iran #Cybersecurity #Israel #Malware #Cyberattack #IranianGroup #APT

https://cybersec84.wordpress.com/2023/11/06/iranian-cyberattacks-target-israeli-tech-and-education-sectors-causing-millions-in-losses/

MuddyWater is a state-sponsored group engaged in cyber espionage, operating as a subordinate element within Iran’s Ministry of Intelligence and Security (MOIS).

#Iran #Cybersecurity #Israel #Phishing #IranianGroup #Cyberattack #MuddyWater

https://cybersec84.wordpress.com/2023/11/02/iranian-muddywater-spear-phishing-campaign-targets-israel-new-attack-details/

The malware uses IOCTLs (Input/Output Control) to interact directly with the underlying HTTP.sys driver, making it stealthier and harder to detect by security solutions.

#Cybersecurity #Iran #Cyberattack #IranianGroup #MOIS #Government

https://cybersec84.wordpress.com/2023/11/01/iranian-cyber-espionage-financial-and-government-sectors-in-middle-east-at-risk/

This cyber offensive, codenamed “Crambus” by the cybersecurity firm, saw the adversary employ the PowerExchange implant to closely monitor incoming emails sent from an Exchange Server.

#Cybersecurity #Crambus #IranianGroup #Trojan #HackerGroup

https://cybersec84.wordpress.com/2023/10/19/iran-linked-oilrigs-8-month-cyber-campaign-targets-middle-east-governments/

The incident in Yavne was a reminder of how important it is to pay attention to cybersecurity in today’s world, especially in light of the threat of cyberwars.

#Cybersecurity #HackerGroup #Cyberattack #IranianGroup #Israel #AV3NGERS

https://cybersec84.wordpress.com/2023/10/08/av3ngers-hacker-group-claims-responsibility-for-power-outages-in-yavne/

During the initial phase of the campaign, Peach Sandstorm conducted password spray campaigns against thousands of organizations across various sectors and geographical locations.

#Cybersecurity #Industries #IranianGroup #Cyberthreat

https://cybersec84.wordpress.com/2023/09/15/iranian-nation-state-hackers-use-password-spraying-to-target-multiple-industries/