Pierluigi Paganini
December 15, 2021
Researchers uncovered a new Seedworm campaign targeting telecommunication and IT service providers in the Middle East and Asia. Iran-linked APT group Seedworm (aka MERCURY, MuddyWater, TEMP.Zagros, or Static Kitten) is behind a new cyberespionage campaign targeting telecommunication and IT service providers in the Middle East and Asia, Symantec warns. The Seedworm has been active since at least […]
Pierluigi Paganini
November 22, 2021
Iranian airline Mahan Air was hit by a cyberattack on Sunday morning, the “Hooshyarane Vatan” hacker group claimed responsibility for the attack. Iranian private airline Mahan Air has foiled a cyber attack over the weekend, Iranian state media reported. The airliner’s flight schedule was not affected by the cyberattack. “Our international and domestic flights are […]
Pierluigi Paganini
October 27, 2021
A cyberattack has disrupted gas stations from the National Iranian Oil Products Distribution Company (NIOPDC) across Iran. A cyber attack has disrupted gas stations from the state-owned National Iranian Oil Products Distribution Company (NIOPDC) across Iran. The attack also defaced the screens at the gas pumps and gas price billboards. In multiple cities, the billboards […]
Pierluigi Paganini
October 07, 2021
Operation GhostShell: Threat actors used ShellClient malware in cyberespionage campaigns aimed at companies in the aerospace and telecommunications sectors. Hackers use stealthy ShellClient malware on aerospace, telco firms Cybereason Nocturnus and Incident Response Teams discovered a new threat actor that is targeting organizations in the aerospace and telecommunications sectors with the ShellClient malware as part […]
Pierluigi Paganini
August 16, 2021
The recent attacks that targeted Iran’s transport ministry and national train system were conducted by a threat actor dubbed Indra. In July, Iran’s railroad system was hit by a cyberattack, threat actors published fake messages about delays or cancellations of the trains on display boards at stations across the country, the Fars news agency reported. The […]
Pierluigi Paganini
July 10, 2021
Iran’s railroad system was hit by a cyberattack, hackers posted fake messages about delays or cancellations of the trains on display boards at stations across the country. Iran’s railroad system was hit by a cyberattack, threat actors published fake messages about delays or cancellations of the trains on display boards at stations across the country, […]
Pierluigi Paganini
June 17, 2021
Iran-linked Ferocious Kitten APT group used instant messaging apps and VPN software like Telegram and Psiphon to deliver Windows RAT and spy on targets’ devices. Researchers from Kaspersky reported that Iran-linked threat actors, tracked as Ferocious Kitten, used instant messaging apps and VPN software like Telegram and Psiphon to deliver Windows RAT and spy on […]
Pierluigi Paganini
April 11, 2021
On Sunday, an “accident” occurred in the electricity distribution network at Iran’s Natanz nuclear facility, experts speculate it was caused by a cyberattack. A mysterious incident occurred on Sunday at the Natanz nuclear enrichment site and the media speculate it was caused by a cyber attack. The “accident” impacted the electricity distribution network at Iran’s […]
Pierluigi Paganini
February 08, 2021
Iran-linked APT group Domestic Kitten, also tracked as APT-C-50, has been conducting widespread surveillance targeting over 1,000 individuals. Domestic Kitten, also tracked as APT-C-50, is an Iran-linked APT group that has been active at least since 2018. In 2018, researchers at security firm CheckPoint uncovered an extensive surveillance operation conducted by Domestic Kitten aimed at […]
Pierluigi Paganini
January 23, 2021
Sophos experts believe that an Iranian company is behind a recently uncovered MrbMiner crypto-jacking campaign targeting SQL servers. Sophos researchers that investigated the recently uncovered crypto-mining campaign targeting SQL servers with MrbMiner malware believe that it was conducted by an Iran-based company. In September, a group of hackers launched brute-force attacks on MSSQL servers with […]
