Tag: Iran

Iran-Linked Imperial Kitten Cyber Group Targeting Middle East’s Tech Sectors
News

Iran-Linked Imperial Kitten Cyber Group Targeting Middle East’s Tech Sectors

In October 2023, an Iranian-linked group targeted transportation, logistics, and technology sectors in the Middle East, including Israel, as part of a surge in Iranian cyber activity since the start of the Israel-Hamas war. CrowdStrike has linked the attacks to a threat actor known as Imperial Kitten, which is also known as Crimson Sandstorm (previously Curium), TA456, Tortoiseshell, and Yellow Liderc. The company's latest findings build on previous reports from Mandiant, ClearSky, and PwC, the latter of which also detailed instances of strategic web compromises (aka watering hole attacks) that resulted in the deployment of IMAPLoader on infected systems. CrowdStrike said in a technical report that the adversary read more Iran-Linked Imperial Kitten Cyber Group Targeting Middle E...
Iranian Threat Actor Neptunium Associated With Charlie Hebdo Cyber Attacks
Business, Risk, Security

Iranian Threat Actor Neptunium Associated With Charlie Hebdo Cyber Attacks

Microsoft has linked the latest hacking effort against the parody French magazine Charlie Hebdo to the Iranian threat actor known as Neptunium. The information was released last Friday by Microsoft's Digital Threat Analysis Center (DTAC), which also noted that Neptunium is probably the same group that the US Department of Justice (DoJ) has previously referred to as "Emennet Pasargad." The blog post states, "In early January, a then-unknown internet group identifying itself as 'Holy Souls,' which we can now identify as Neptunium read the complete article Iranian Threat Actor Neptunium Associated With Charlie Hebdo Cyber Attacks. To read these types of recent cyber attacks news follow ReconBee.com regularly
Iranian Government Entities Under Attack by New Wave of BackdoorDiplomacy Attacks
Risk, Security

Iranian Government Entities Under Attack by New Wave of BackdoorDiplomacy Attacks

The threat actor known as BackdoorDiplomacy has been linked to a new wave of attacks targeting Iranian government entities between July and late December 2022. Palo Alto Networks Unit 42, which is tracking the activity under its constellation-themed moniker Playful Taurus, said it observed the government domains attempting to connect to malware infrastructure previously identified as associated with the adversary. Also known by the names APT15, KeChang, NICKEL, and Vixen Panda, the Chinese APT group has a history of cyber espionage campaigns aimed at government and diplomatic entities across North America, South America, Africa, and the Middle East at least since 2010 read the complete article Iranian Government Entities Under Attack by New Wave.