| Src | Date (GMT) | Title | Description | Tags | Stories | Notes |
|---|---|---|---|---|---|---|
| | 2022-09-08 11:08:00 | Microsoft Warns of Ransomware Attacks by Iranian Phosphorus Hacker Group (direct link) | Microsoft's threat intelligence division on Wednesday assessed that a subgroup of the Iranian threat actor tracked as Phosphorus is conducting ransomware attacks as a "form of moonlighting" for personal gain. The tech giant, which is monitoring the activity cluster under the moniker DEV-0270 (aka Nemesis Kitten), said it's operated by a company that functions under the public aliases Secnerd and | Ransomware, Threat, Conference | APT 35 | |
| | 2022-05-12 06:56:45 | Iranian Hackers Leveraging BitLocker and DiskCryptor in Ransomware Attacks (direct link) | A ransomware group with an Iranian operational connection has been linked to a string of file-encrypting malware attacks targeting organizations in Israel, the U.S., Europe, and Australia. Cybersecurity firm Secureworks attributed the intrusions to a threat actor it tracks under the moniker Cobalt Mirage, which it said is linked to an Iranian hacking crew dubbed Cobalt Illusion (aka APT35, | Ransomware, Malware, Threat, Conference | APT 35, APT 15 | ★★★★ |
| | 2022-02-17 23:40:44 | Iranian Hackers Targeting VMware Horizon Log4j Flaws to Deploy Ransomware (direct link) | A "potentially destructive actor" aligned with the government of Iran is actively exploiting the well-known Log4j vulnerability to infect unpatched VMware Horizon servers with ransomware. Cybersecurity firm SentinelOne dubbed the group "TunnelVision" owing to their heavy reliance on tunneling tools, with overlaps in tactics observed to that of a broader group tracked under the moniker Phosphorus | Ransomware, Conference | APT 35 | |