Category Archives: apt34

Hacking group turns Microsoft Office flaw into an exploit in less than a week

Posted on by

Less than one week after Microsoft publicly acknowledged a remote code execution vulnerability in Microsoft Office, Iranian hackers targeted the weakness via phishing emails sent to various Middle Eastern government agencies last month, according to research produced Thursday by U.S. cybersecurity firm FireEye. According to FireEye, the targets indicate that the group is likely linked to the Iranian government. There were multiple attempts to breach financial, energy and government enterprises located in geographic rivals of Iran, such as Saudi Arabia and Israel. This particular cyber espionage group, titled APT34 by FireEye, is also known as “NewsBeef” to other security researchers. APT34 has been especially active since mid-2016, based on publicly available research from FireEye and Kaspersky Lab. “We believe APT34 is involved in a long-term cyber-espionage operation largely focused on reconnaissance efforts to benefit Iranian nation-state interests and has been operational since at least 2014,” a FireEye blog post reads. “We […]

The post Hacking group turns Microsoft Office flaw into an exploit in less than a week appeared first on Cyberscoop.

Continue reading Hacking group turns Microsoft Office flaw into an exploit in less than a week

This country’s hacking efforts have become too big to ignore

Posted on by

While hackers linked to China, North Korea and Russia have dominated headlines over the past year, similar groups in Iran have caused significant damage while drawing far less attention. Multiple cyber-espionage groups attributed to Iran became increasingly active over the last 12 months, as at least four entities with ties to the regime have broken into a wide array of organizations, according to private sector cybersecurity experts and three former U.S. intelligence officials with knowledge of regional activity. “For the first time in my career, I’m not convinced we’re responding more to Russia or China,” FireEye CEO Kevin Mandia said in a report published by the company on Thursday. “It feels to me that the majority of the actors we’re responding to right now are hosted in Iran, and they are state-sponsored.” This surge in digital espionage — which has predominantly come in the form of spearphishing emails, strategic web compromises and breached social […]

The post This country’s hacking efforts have become too big to ignore appeared first on Cyberscoop.

Continue reading This country’s hacking efforts have become too big to ignore