Iran Archives - Page 4 of 25 - Security Affairs

Pierluigi Paganini February 05, 2023

Microsoft attributes Charlie Hebdo data leak to Iran-linked NEPTUNIUM APT

Microsoft attributes a recent cyber attack against the satirical French magazine Charlie Hebdo to an Iran-linked NEPTUNIUM APT group. Microsoft’s Digital Threat Analysis Center (DTAC) attributes a recent cyberattacks against the satirical French magazine Charlie Hebdo to an Iran-linked threat actor tracked as NEPTUNIUM (aka Emennet Pasargad, Holy Souls). The attack is a retaliation for […]

Pierluigi Paganini January 26, 2023

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

The U.K. National Cyber Security Centre (NCSC) warns of a surge in the number of attacks from Russian and Iranian nation-state actors. The U.K. National Cyber Security Centre (NCSC) is warning of targeted phishing attacks conducted by threat actors based in Russia and Iran. The are increasingly targeting organizations and individuals. The UK agency reported ongoing spear-phishing […]

Pierluigi Paganini November 17, 2022

Iran-linked threat actors compromise US Federal Network

Iran-linked threat actors compromised a Federal Civilian Executive Branch organization using a Log4Shell exploit and installed a cryptomining malware. According to a joint advisory published by the FBI and CISA, an Iran-linked APT group compromised a Federal Civilian Executive Branch (FCEB) organization using an exploit for the Log4Shell flaw (CVE-2021-44228) and deployed a cryptomining malware. Log4Shell impacts […]

Pierluigi Paganini October 23, 2022

Hackers stole sensitive data from Iran’s atomic energy agency

Iran’s atomic energy agency claims that alleged state-sponsored hackers have compromised its email system. Iran’s atomic energy agency revealed on Sunday that a nation-state actor had access to a subsidiary’s network and free access to its email system, the Associated Press reports. The Iranian government has yet to attribute the attack to a specific The […]

Pierluigi Paganini September 29, 2022

Hacker groups support protestors in Iran using Telegram, Signal and Darkweb

Several hacker groups are assisting protestors in Iran using Telegram, Signal and other tools to bypass government censorship. Check Point Research (CPR) observed multiple hacker groups using Telegram, Signal and the darkweb to support protestors in Iran in bypassing regime censorship. The hackers are sharing tools and tips to bypass censorship, including opening VPN servers, […]

Pierluigi Paganini September 13, 2022

Iran-linked TA453 used new Multi-Persona Impersonation technique in recent attacks

Iran-linked threat actors target individuals specializing in Middle Eastern affairs, nuclear security and genome research. In mid-2022, Proofpoint researchers uncovered a cyberespionage campaign conducted by Iran-linked TA453 threat actors. The campaign aimed at individuals specializing in Middle Eastern affairs, nuclear security and genome research. Threat actors used at least two actor-controlled personas on a single […]

Pierluigi Paganini September 11, 2022

Albania was hit by a new cyberattack and blames Iran

Albania blamed Iran for a new cyberattack that hit computer systems used by the state police on Friday. Albania blamed the government of Teheran for a new cyberattack that hit computer systems used by the state police on Saturday. “The national police’s computer systems were hit Friday by a cyberattack which, according to initial information, […]

Pierluigi Paganini September 11, 2022

Iran-linked APT42 is behind over 30 espionage attacks

Iran-linked APT42 (formerly UNC788) is suspected to be the actor behind over 30 cyber espionage attacks against activists and dissidents. Experts attribute over 30 cyber espionage attacks against activists and dissidents to the Iran-linked APT42 (formerly UNC788). The campaigns have been conducted since 2015 and are aimed at conducting information collection and surveillance operations against […]

Pierluigi Paganini September 09, 2022

US Treasury sanctioned Iran ’s Ministry of Intelligence over Albania cyberattack

The U.S. Treasury Department sanctioned Iran ‘s Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence over the Albania cyberattack. The U.S. Treasury Department announced sanctions against Iran ‘s Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence over the cyber attack that hit Albania in July. MOIS is the primary intelligence […]

Pierluigi Paganini September 09, 2022

Iran-linked DEV-0270 group abuses BitLocker to encrypt victims’ devices

Iran-linked APT group DEV-0270 (aka Nemesis Kitten) is abusing the BitLocker Windows feature to encrypt victims’ devices. Microsoft Security Threat Intelligence researchers reported that Iran-linked APT group DEV-0270 (Nemesis Kitten) has been abusing the BitLocker Windows feature to encrypt victims’ devices. The researchers tracked multiple ransomware attacks conducted by the DEV-0270 group, which is a […]

Iran

Microsoft attributes Charlie Hebdo data leak to Iran-linked NEPTUNIUM APT

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Iran-linked threat actors compromise US Federal Network

Hackers stole sensitive data from Iran’s atomic energy agency

Hacker groups support protestors in Iran using Telegram, Signal and Darkweb

Iran-linked TA453 used new Multi-Persona Impersonation technique in recent attacks

Albania was hit by a new cyberattack and blames Iran

Iran-linked APT42 is behind over 30 espionage attacks

US Treasury sanctioned Iran ’s Ministry of Intelligence over Albania cyberattack

Iran-linked DEV-0270 group abuses BitLocker to encrypt victims’ devices

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Interlock ransomware group deploys new PHP-based RAT via FileFix

Global Louis Vuitton data breach impacts UK, South Korea, and Turkey

Experts uncover critical flaws in Kigen eSIM technology affecting billions

Spain awarded €12.3 million in contracts to Huawei

Patch immediately: CVE-2025-25257 PoC enables remote code execution on Fortinet FortiWeb

QUICK LINKS

Iran

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!