Charming Kitten targets critical infrastructure in US and elsewhere with BellaCiao malware

Iranian state-sponsored hacking group Charming Kitten has been named as the group responsible for a new wave of attacks targeting critical infrastructure in the United States and elsewhere.

Read more in my article on the Tripwire State of Security b…

Iran-linked hackers used fake Atlantic Council-affiliated persona to target human rights researchers

A persona dubbed Sara Shokouhi recycled photos of a Russian psychologist and tarot card reader to pose as a Middle East-focused researcher

The post Iran-linked hackers used fake Atlantic Council-affiliated persona to target human rights researchers appeared first on CyberScoop.


Iranian hacking group expands focus to US politicians, critical infrastructure, researchers find

The group known as TA453 has added “outlier” attacks to its portfolio over the past two years, seemingly in concert with Iranian hardliners.

The post Iranian hacking group expands focus to US politicians, critical infrastructure, researchers find appeared first on CyberScoop.


Google researchers expose Iranian hackers’ tool to steal emails from Gmail, Yahoo and Outlook

Security researchers linked the program to the so-called Charming Kitten Iranian hacker group known to carry out intelligence operations.

The post Google researchers expose Iranian hackers’ tool to steal emails from Gmail, Yahoo and Outlook appeared first on CyberScoop.


Chinese hackers targeted U.S. political reporters just ahead of Jan. 6 attack, researchers say

The previously unreported campaigns represent one of several ongoing nation-state attempts to hack journalists, the researchers said.

The post Chinese hackers targeted U.S. political reporters just ahead of Jan. 6 attack, researchers say appeared first on CyberScoop.


Analysis of well-known Iranian hacking group points to more purely financial attacks

The government-linked hacking activity is both an intel-gathering effort as well as a money maker, researchers say.

The post Analysis of well-known Iranian hacking group points to more purely financial attacks appeared first on CyberScoop.


Iranian government-backed hackers target critical infrastructure with ransomware, US says

U.S., U.K. and Australian cyber agencies on Wednesday accused Iranian government-sponsored hacking groups of exploiting Microsoft and Fortinet vulnerabilities this year in a bid to deploy ransomware against critical infrastructure. The hackers are interested in taking advantage of known software flaws where they can, the agencies said. The FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency in March, May and June saw Iranian “advanced persistent threat” groups capitalizing on Fortinet vulnerabilities, in one case for a server associated with a U.S. municipal government and in another involving networks associated with a U.S.-based hospital focused on children’s care. In October the hackers relied on a Microsoft Exchange ProxyShell vulnerability “to gain initial access to systems in advance of follow-on operations,” the subject of another recent CISA alert. “The Iranian government-sponsored APT actors are actively targeting a broad range of victims across multiple U.S. critical infrastructure sectors, including […]

The post Iranian government-backed hackers target critical infrastructure with ransomware, US says appeared first on CyberScoop.


How alleged Iranian hackers are posing as an Israeli scientist to spy on US medical professionals

Suspected Iranian hackers have impersonated a well-known Israeli physicist as part of a broader campaign to break into the email accounts of some two-dozen medical researchers in Israel and the U.S., email security firm Proofpoint said Wednesday. The intrusion attempts — carefully crafted efforts to spy on senior medical professionals in the genetic, neurology and oncology fields — are the handiwork of the Charming Kitten hacking group, Proofpoint said. A 2019 U.S. Justice Department indictment linked the group to the Iranian military. The phishing campaign shows how, more than a decade after the Stuxnet worm’s infiltration of an Iranian nuclear facility, hacking is still central to the high-stakes spying game between Iran, Israel and the U.S. And it is but one of several recent examples, including the targeting of the 2020 U.S. election, of how Iranian hackers are capable of threatening U.S. interests. In this case, the suspected Iranian […]

The post How alleged Iranian hackers are posing as an Israeli scientist to spy on US medical professionals appeared first on CyberScoop.


Iran-linked spies used Christmas as cover for spearphishing, researchers say

A cyber-espionage group linked to the Iranian government timed a mobile phishing campaign with the Christmas holidays, using email and text messages to target individuals at think tanks, universities and elsewhere, according to new research. Known as Charming Kitten, APT35 or Phosphorus, the group sent fake text messages from “Google Account Recovery” and fake emails with Christmas content, reports the cybersecurity organization CERTFA, which specializes in Iran-related research. The goal was to use malicious web pages to capture login credentials and “steal sensitive data from their victims,” CERTFA said. “The group started the new round of attacks at a time when most companies, offices, organizations, etc. were either closed or half-closed during Christmas holidays and, as a result, their technical support and IT departments were not able to immediately review, identify, and neutralize these cyber incidents,” CERTFA says. “Charming Kitten has taken full advantage of this timing to execute its […]

The post Iran-linked spies used Christmas as cover for spearphishing, researchers say appeared first on CyberScoop.


Iran-linked APT Targets T20 Summit, Munich Security Conference Attendees

The Phosphorus APT has launched successful attacks against world leaders who are attending the Munich Security Conference and the Think 20 (T20) Summit in Saudi Arabia, Microsoft warns.