Collaborate Disseminate
Tehran’s latest hacking activity involves easy-to-detect techniques to gain access and then pivoting to stealthier methods.
The post Microsoft: Iranian espionage campaign targeted satellite and defense sectors appeared first on CyberScoop.
Continue reading Microsoft: Iranian espionage campaign targeted satellite and defense sectors
Ever since a 2012 hack that disabled tens of thousands of computers at oil giant Saudi Aramco, suspected Iranian operatives have been known to regularly use data-wiping hacks against organizations throughout the Middle East. Now, one such possible group has been posing as ransomware operators in an effort to conceal the origin of a series of data-wiping hacks against Israeli organizations, according to private-sector investigators. The hackers are demanding extortion fees even when the code they deploy deletes data rather than unlocks it. The findings, published Tuesday by security firm SentinelOne, suggest a growing willingness by certain Iran-linked hacking groups to use tactics associated with financially motivated criminals in order to advance their interests. “Deploying ransomware is a disruptive act that provides deniability, allowing the attackers to conduct destructive activity without taking the full responsibility of those acts,” said Amitai Ben Shushan Ehrlich, a threat intelligence researcher at SentinelOne. SentinelOne […]
The post Suspected Iranian hackers pose as ransomware operators to target Israeli organizations appeared first on CyberScoop.
By Deeba Ahmed
According to SentinelOne, Iranian hackers have developed a combo of disk wiper and ransomware and their target is Israel.
This is a post from HackRead.com Read the original post: Iranian hackers hit Israel with disk wiper in disguise of … Continue reading Iranian hackers hit Israel with disk wiper in disguise of ransomware
Likely the work of APT34, ZeroCleare is bent on destruction and disruption, rather than information-stealing. Continue reading Iran Targets Mideast Oil with ZeroCleare Wiper Malware
IBM’s security experts said Wednesday they have uncovered previously unknown malware developed by Iranian hackers that was used in a data-wiping attack against unnamed energy and industrial organizations the Middle East. The newfound malware, dubbed ZeroCleare, “spread to numerous devices on the affected network, sowing the seeds of a destructive attack that could affect thousands of devices and cause disruption that could take months to fully recover from,” Limor Kessem, an Israel-based analyst with IBM’s X-Force incident response team, wrote in a blog post. The discovery adds to years of evidence that hackers linked to the Iranian government have developed and deployed data-destroying code against multiple targets in the Middle East. Security analysts have warned that Iran could step up its use of cyberattacks amid heightened tensions with Saudi Arabia and the United States. IBM analysts believe APT34 — a hacking group linked with the Iranian government — and at least one […]
The post IBM sounds alarm about more data-wiping malware from Iran appeared first on CyberScoop.
Continue reading IBM sounds alarm about more data-wiping malware from Iran
Researchers have detected a new malware family called “ZeroCleare” that’s targeting the energy and industrial sectors in the Middle East. IBM X-Force Incident Response and Intelligence Services (IRIS) launched an investigation into Ze… Continue reading ZeroCleare Malware Targeting Energy, Industrial Sectors in Middle East
Lenovo, Acer and five additional server manufacturers are hit with supply-chain bugs buried in motherboard firmware. Continue reading Firmware Bugs Plague Server Supply Chain, 7 Vendors Impacted
When U.S. Cyber Command warned last week that a hacking group was using a Microsoft Outlook vulnerability previously leveraged by an Iran-linked malware campaign, it appeared to be signaling just how much the military knows about those operations. But the alert was significant in other ways: behind-the-scenes details uncovered by CyberScoop show that it is an example of how the U.S. government has built up its use of the information-sharing platform VirusTotal so the private sector gets more information sooner. Along with Cyber Command’s warning, which also was shared in a tweet, the Department of Homeland Security (DHS) released its own private warning to industry, CyberScoop has learned. The department’s traffic light protocol (TLP) alert covered the same threat that Cyber Command would eventually post to VirusTotal. In going public with the malicious files, Cyber Command appears to have revealed new information about how Iran-linked actors leveraged another malware family, known as Shamoon, as recently as 2017, according to Chronicle, which owns VirusTotal. Not only is it […]
The post Why Cyber Command’s latest warning is a win for the government’s information sharing efforts appeared first on CyberScoop.
US Cyber Command has issued an alert about an unnamed foreign country’s attempt to spread malware through the exploitation of a vulnerability in Microsoft Outlook, as concerns are raised of a rise in an Iranian-backed hacking group’s activi… Continue reading US Cyber Command warns nation-state hackers are exploiting old Microsoft Outlook bug. Make sure you’re patched!
The Department of Homeland Security is warning that U.S. agencies are being targeted by Iranian-backed cyberattacks with destructive wiper malware. Continue reading Iran Targeting U.S. With Destructive Wipers, Warns DHS