A joint cybersecurity advisory warns of Iranian hackers using brute-force attacks to compromise critical infrastructure to obtain initial access for sale to other threat actors.
Based on a report by Microsoft, the Trump campaign is claiming that foreign state-backed hackers are behind the attack that involved a leak of a vice presidential vetting dossier and other materials to US media outlets.
A group calling itself "Cyber Av3ngers," believed to be supported by Iran's government, has declared war against Western organizations making use of Israeli technology. One of the opening salvos in this campaign appears to be against US water utilities, with at least one confirmed strike by the Iranian hackers in Pennsylvania.
Iranian hackers Cyber Av3ngers breached a water utility in Aliquippa, Pennsylvania, by targeting an Israeli-made SCADA system they consider a legitimate target.
Iranian Hackers Use Password Spray Attacks to Compromise Defense Organizations, Pharmaceutical Firms
A recent campaign by Iranian hackers has been very successful in using password spray attacks to breach high-value targets, with a particular focus on defense organizations and satellites as well as pharmaceutical company research.
Iranian hackers installed a crypto miner on a federal agency's network after exploiting an unpatched Log4Shell vulnerability on the VMware Horizon server to gain access. The threat actors moved laterally to the domain controller, compromised credentials and implanted reverse proxies on several hosts to maintain persistence.
The United States Department of Justice (DOJ) has indicted three Iranian hackers for a campaign of attacks dating back to 2020, with targets including critical infrastructure companies and government agencies.
Two Iranian hackers have been indicted for election interference, charged with stealing information from state voter rolls to personally target thousands of individual voters as well as members of Congress and campaign staffers.
Google has been issuing direct personal warnings to users who appear to have been targeted by a state-sponsored hacking group. The company has taken the unusual step of issuing a general public warning about an Iran-backed threat.
A set of documents obtained by Sky News, allegedly from the Iranian cyber command, details plans by Iran to do advanced real-world damage with cyber attacks. Targets include retail fuel pumps and container ships.