What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityWeek 2023-10-20 12:29:53 Iranian Hackers Lurked for 8 Months in Government Network (direct link) Iran-linked hacking group Crambus spent eight months inside a compromised network of a Middle Eastern government, Broadcom's Symantec cybersecurity unit reports. APT 34 ★★
SecurityWeek 2022-05-13 15:51:38 Iran-Linked OilRig APT Caught Using New Backdoor (direct link) The Iran-linked hacking group OilRig was observed using a new backdoor in an attack against a government official within Jordan's foreign ministry, according to new research published this week. APT 34
SecurityWeek 2019-07-19 17:46:01 Iranian Hackers Use New Malware in Recent Attacks (direct link) The Iran-linked cyber-espionage group OilRig has started using three new malware families in campaigns observed over the past month, FireEye reports. Malware APT 34 ★★★
SecurityWeek 2019-06-20 18:11:01 Russia-Linked Hackers Hijack Infrastructure of Iranian Threat Group (direct link) Russia-Linked Hackers Use New Toolset and Likely Took Over Servers Operated by Iran-Linked "OilRig" Threat Group Threat APT 34
SecurityWeek 2018-11-19 14:26:03 Iran-Linked Hackers Use Just-in-Time Creation of Weaponized Attack Docs (direct link) Researchers Analyzed How the Iran-linked "OilRig" Hacking Group Tests Malicious Documents Before Use in Attacks APT 34
SecurityWeek 2018-09-05 14:16:03 Iranian Hackers Improve Recently Used Cyber Weapon (direct link) The Iran-linked cyberespionage group OilRig was recently observed using a variant of the OopsIE Trojan that was updated with new evasion capabilities, Palo Alto Networks reports. APT 34
SecurityWeek 2018-04-04 14:00:03 Breaches Increasingly Discovered Internally: Mandiant (direct link) Organizations are getting increasingly better at discovering data breaches on their own, with more than 60% of intrusions in 2017 detected internally, according to FireEye-owned Mandiant. The company's M-Trends report for 2018 shows that the global median time for internal detection dropped to 57.5 days in 2017, compared to 80 days in the previous year. Of the total number of breaches investigated by Mandiant last year, 62% were discovered internally, up from 53% in 2016. On the other hand, it still took roughly the same amount of time for organizations to learn that their systems had been compromised. The global median dwell time in 2017 – the median time from the first evidence of a hack to detection – was 101 days, compared to 99 days in 2016. Companies in the Americas had the shortest median dwell time (75.5 days), while organizations in the APAC region had the longest dwell time (nearly 500 days). Data collected by Mandiant in 2013 showed that more than one-third of organizations had been attacked again after the initial incident had been remediated. More recent data, specifically from the past 19 months, showed that 56% of Mandiant customers were targeted again by either the same group or one with similar motivation. In cases where investigators discovered at least one type of significant activity (e.g. compromised accounts, data theft, lateral movement), the targeted organization was successfully attacked again within one year. Organizations that experienced more than one type of significant activity were attacked by more than one threat actor. Again, the highest percentage of companies attacked multiple times and by multiple threat groups was in the APAC region – more than double compared to the Americas and the EMEA region.
When it comes to the most targeted industries, companies in the financial and high-tech sectors recorded the highest number of significant attacks, while the high-tech, telecommunications and education sectors were hit by the highest number of different hacker groups. Last year, FireEye assigned names to four state-sponsored threat groups, including the Vietnam-linked APT32 (OceanLotus), and the Iran-linked APT33, APT34 (OilRig), and APT35 (NewsBeef, Newscaster and Charming Kitten). Conference APT33 APT 35 APT 33 APT 32 APT 34
SecurityWeek 2018-03-22 15:30:01 (Déjà vu) Iran-linked Hackers Adopt New Data Exfiltration Methods (direct link) An Iran-linked cyber-espionage group has been using new malware and data exfiltration techniques in recent attacks, security firm Nyotron has discovered. The threat actor, known as OilRig, has been active since 2015, mainly targeting United States and Middle Eastern organizations in the financial and government industries. The group has been already observed using multiple tools and adopting new exploits fast, as well as switching to new Trojans in Guideline APT 34
SecurityWeek 2018-02-23 18:38:01 Iranian Hackers Use New Trojan in Recent Attacks (direct link) The cyberespionage group known as OilRig and previously linked to Iran has been observed using a new Trojan in recent attacks, Palo Alto Networks reports. APT 34
SecurityWeek 2018-01-26 12:35:16 Iranian Hackers Target IIS Web Servers With New Backdoor (direct link) Iranian Cyber APT 34
SecurityWeek 2017-07-27 14:57:39 Iranian Cyberspy Groups Share Malware Code (direct link) Two cyberspy groups believed to be operating out of Iran, tracked by security firms as OilRig and Greenbug, have apparently shared malware code, according to researchers at Palo Alto Networks. APT 34
SecurityWeek 2017-01-06 14:49:11 Iranian Group Delivers Malware via Fake Oxford University Sites (direct link) An Iran-linked advanced persistent threat (APT) group dubbed OilRig has used a fake Juniper Networks VPN portal and fake University of Oxford websites to deliver malware to victims. APT 34
Last update at: 2024-05-03 18:08:22