What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
The_Hackers_News.webp 2024-02-19 10:09:00 Iranian Hackers Target Middle East Policy Experts with New BASICSTAR Backdoor
(direct link)
The Iranian-origin threat actor known as Charming Kitten has been linked to a new set of attacks aimed at Middle East policy experts with a new backdoor called BASICSTAR by creating a fake webinar portal. Charming Kitten, also called APT35, CharmingCypress, Mint Sandstorm, TA453, and Yellow Garuda, has a history of orchestrating a wide range of social engineering campaigns that cast a
Threat APT 35 ★★
The_Hackers_News.webp 2023-08-14 16:30:00 Charming Kitten Targets Iranian Dissidents with Advanced Cyber Attacks
(direct link)
Germany's Federal Office for the Protection of the Constitution (BfV) has warned of cyber attacks targeting Iranian persons and organizations in the country since the end of 2022. "The cyber attacks were mainly directed against dissident organizations and individuals – such as lawyers, journalists, or human rights activists – inside and outside Iran," the agency said in an advisory. The
APT 35 APT 35 ★★★
The_Hackers_News.webp 2023-06-30 19:24:00 Iranian Hackers Charming Kitten Utilize POWERSTAR Backdoor in Targeted Espionage Attacks
(direct link)
Charming Kitten, the nation-state actor affiliated with Iran's Islamic Revolutionary Guard Corps (IRGC), has been attributed to a bespoke spear-phishing campaign that delivers an updated version of a fully-featured PowerShell backdoor called POWERSTAR. "There have been improved operational security measures placed in the malware to make it more difficult to analyze and collect intelligence,"
Malware APT 35 ★★
The_Hackers_News.webp 2023-05-09 14:23:00 Microsoft Warns of State-Sponsored Attacks Exploiting Critical PaperCut Vulnerability
(direct link)
Iranian nation-state groups have now joined financially motivated actors in actively exploiting a critical flaw in PaperCut print management software, Microsoft said. The tech giant's threat intelligence team said it observed both Mango Sandstorm (Mercury) and Mint Sandstorm (Phosphorus) weaponizing CVE-2023-27350 in their operations to achieve initial access. "This activity shows Mint
Vulnerability Threat APT 35 ★★
The_Hackers_News.webp 2023-04-26 18:46:00 Charming Kitten's New BellaCiao Malware Discovered in Multi-Country Attacks
(direct link)
The prolific Iranian nation-state group known as Charming Kitten targeted multiple victims in the U.S., Europe, the Middle East and India with a novel malware dubbed BellaCiao, adding to its ever-expanding list of custom tools. Discovered by Bitdefender Labs, BellaCiao is a "personalized dropper" that's capable of delivering other malware payloads onto a victim machine based on commands received
Malware APT 35 APT 35 ★★★
The_Hackers_News.webp 2023-04-25 18:34:00 Iranian Hackers Launch Sophisticated Attacks Targeting Israel with Powerless Backdoor
(direct link)
An Iranian nation-state threat actor has been linked to a new wave of phishing attacks targeting Israel that's designed to deploy an updated version of a backdoor called PowerLess. Cybersecurity firm Check Point is tracking the activity cluster under its mythical creature handle Educated Manticore, which exhibits "strong overlaps" with a hacking crew known as APT35, Charming Kitten, Cobalt
Threat APT 35 ★★★
The_Hackers_News.webp 2022-09-08 11:08:00 Microsoft Warns of Ransomware Attacks by Iranian Phosphorus Hacker Group
(direct link)
Microsoft's threat intelligence division on Wednesday assessed that a subgroup of the Iranian threat actor tracked as Phosphorus is conducting ransomware attacks as a "form of moonlighting" for personal gain. The tech giant, which is monitoring the activity cluster under the moniker DEV-0270 (aka Nemesis Kitten), said it's operated by a company that functions under the public aliases Secnerd and
Ransomware Threat Conference APT 35
The_Hackers_News.webp 2022-08-23 07:50:00 Google Uncovers Tool Used by Iranian Hackers to Steal Data from Email Accounts
(direct link)
The Iranian government-backed actor known as Charming Kitten has added a new tool to its malware arsenal that allows it to retrieve user data from Gmail, Yahoo!, and Microsoft Outlook accounts. Dubbed HYPERSCRAPE by Google Threat Analysis Group (TAG), the actively in-development malicious software is said to have been used against less than two dozen accounts in Iran, with the oldest known
Malware Tool Threat Conference Yahoo APT 35
The_Hackers_News.webp 2022-05-12 06:56:45 Iranian Hackers Leveraging BitLocker and DiskCryptor in Ransomware Attacks
(direct link)
A ransomware group with an Iranian operational connection has been linked to a string of file-encrypting malware attacks targeting organizations in Israel, the U.S., Europe, and Australia. Cybersecurity firm Secureworks attributed the intrusions to a threat actor it tracks under the moniker Cobalt Mirage, which it said is linked to an Iranian hacking crew dubbed Cobalt Illusion (aka APT35,
Ransomware Malware Threat Conference APT 35 APT 15 ★★★★
The_Hackers_News.webp 2022-02-17 23:40:44 Iranian Hackers Targeting VMware Horizon Log4j Flaws to Deploy Ransomware
(direct link)
A "potentially destructive actor" aligned with the government of Iran is actively exploiting the well-known Log4j vulnerability to infect unpatched VMware Horizon servers with ransomware. Cybersecurity firm SentinelOne dubbed the group "TunnelVision" owing to their heavy reliance on tunneling tools, with overlaps in tactics observed to that of a broader group tracked under the moniker Phosphorus
Ransomware Conference APT 35
The_Hackers_News.webp 2022-02-01 02:28:30 Iranian Hackers Using New PowerShell Backdoor in Cyber Espionage Attacks
(direct link)
An advanced persistent threat group with links to Iran has updated its malware toolset to include a novel PowerShell-based implant called PowerLess Backdoor, according to new research published by Cybereason. The Boston-headquartered cybersecurity company attributed the malware to a hacking group known as Charming Kitten (aka Phosphorous, APT35, or TA453), while also calling out the backdoor's
Malware Threat Conference APT 35 APT 35
The_Hackers_News.webp 2020-08-28 03:36:28 Iranian Hackers Pose as Journalists to Trick Victims Into Installing Malware
(direct link)
An Iranian cyberespionage group known for targeting government, defense technology, military, and diplomacy sectors is now impersonating journalists to approach targets via LinkedIn and WhatsApp and infect their devices with malware. Detailing the new tactics of the "Charming Kitten" APT group, Israeli firm Clearsky said, "starting July 2020, we have identified a new TTP of the group,
Malware Conference APT 35
The_Hackers_News.webp 2020-07-17 03:23:46 Iranian Hackers Accidentally Exposed Their Training Videos (40 GB) Online
(direct link)
An OPSEC error by an Iranian threat actor has laid bare the inner workings of the hacking group by providing a rare insight into the "behind-the-scenes look into their methods." IBM's X-Force Incident Response Intelligence Services (IRIS) got hold of nearly five hours worth of video recordings of the state-sponsored group it calls ITG18 (also called Charming Kitten, Phosphorous, or APT35) that
Threat Conference APT 35 ★★★★★
Last update at: 2024-05-15 20:08:32