What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
The_Hackers_News.webp 2023-12-22 11:04:00 Microsoft Warns of New 'FalseFont' Backdoor Targeting the Defense Sector
(direct link)
Organizations in the Defense Industrial Base (DIB) sector are in the crosshairs of an Iranian threat actor as part of a campaign designed to deliver a never-before-seen backdoor called FalseFont. The findings come from Microsoft, which is tracking the activity under its weather-themed moniker Peach Sandstorm (formerly Holmium), which is also known as APT33, Elfin, and Refined Kitten. "
Threat Industrial APT33 APT 33 ★★★
bleepingcomputer.webp 2023-12-21 15:28:06 Microsoft: Hackers target defense firms with new FalseFont malware
(direct link)
Microsoft says the APT33 Iranian cyber-espionage group is using recently discovered FalseFont backdoor malware to attack defense contractors worldwide. [...]
Malware APT33 APT 33 ★★★
InfoSecurityMag.webp 2023-09-15 09:00:00 Iranian Threat Group Hits Thousands With Password Spray Campaign
(direct link)
APT33 activity resulted in data theft from small number of victims
Threat APT33 APT33 APT 33 APT 33 ★★
globalsecuritymag.webp 2023-06-28 17:29:20 Red Access Features an Agentless Secure Browsing Platform
(direct link)
Red Access Features an Agentless Secure Browsing Platform; Turns Any Web Browser Into a Secure Enterprise Browser Agentless platform goes beyond the browser to protect desktop web applications from browsing risks that originate outside of web browsers - Product Reviews
APT33 ★★★
Trend.webp 2022-08-15 00:00:00 Oil and Gas Cybersecurity: Recommendations Part 3 (direct link) In the final part of our series, we look at the APT33 case study and several recommendations from our expert team. APT33 APT33 APT 33
WiredThreatLevel.webp 2019-11-20 12:00:00 Iran's APT33 Hackers Are Targeting Industrial Control Systems (direct link) The recent focus on ICS raises the possibility that Iran's APT33 is exploring physically disruptive cyberattacks. APT33 APT 33
SecurityAffairs.webp 2019-11-14 11:49:25 Tracking Iran-linked APT33 group via its own VPN networks (direct link) APT33, the Iran-linked APT group, has been using multiple layers of obfuscation to run a dozen live C2 servers for extremely targeted attacks. APT33, the Iran-linked APT group, has been using multiple layers of obfuscation to run a dozen live C2 servers involved in extremely targeted malware attacks. The targeted malware campaigns aimed at organizations […] Malware APT33 APT 33
Trend.webp 2019-11-14 07:01:25 More than a Dozen Obfuscated APT33 Botnets Used for Extreme Narrow Targeting (direct link) The threat group APT33 is known to target the oil and aviation industries aggressively. Our recent findings show that the group uses about a dozen live Command and Control (C&C) servers for extremely narrow targeted malware campaigns against organizations in the Middle East, the U.S., and Asia. Malware Threat APT33 APT 33
ZDNet.webp 2019-11-14 07:00:08 Iranian hacking group built its own VPN network (direct link) Security researchers identify APT33's private network of 21 VPN nodes. APT33 APT 33
SecurityAffairs.webp 2019-07-09 08:42:00 (Déjà vu) Kaspersky report: Malware shared by USCYBERCOM first seen in December 2016 (direct link) The malware samples shared by USCYBERCOM last week were first detected in December 2016 in attacks attributed to Iran-linked APT33. Last week the United States Cyber Command (USCYBERCOM) uploaded to VirusTotal a malware used by Iran-linked APT33 group in attacks in Dec 2016 and Jan 2017. Now experts at Kaspersky confirmed that the malware was […] Malware APT33 APT 33
globalsecuritymag.webp 2019-07-04 12:48:03 (Déjà vu) FireEye warns about the Outlook vulnerability (direct link) “FireEye has observed and publicly reported evidence of the exploitation of the Outlook vulnerability CVE-2017-11774 by multiple Iranian 'hackers' since last year. FireEye attributes the new malware alert issued by US Cyber Command (U.S. CYBERCOM) concerning the exploitation of CVE-2017-11774 to the Iranian threat group APT33. The techniques used are in line with the APT33 behavior described in our “OVERRULED” blog post in December 2018 – as well as with the campaign (...) - Vulnerabilities Malware APT33 APT 33
bleepingcomputer.webp 2019-07-03 15:31:02 Outlook Flaw Exploited by Iranian APT33, US CyberCom Issues Alert (direct link) US Cyber Command issued a malware alert on Twitter regarding the active exploitation of the CVE-2017-11774 Outlook vulnerability to attack US government agencies, allowing the attackers to execute arbitrary commands on compromised systems. [...] Malware Vulnerability APT33 APT 33
SecurityAffairs.webp 2019-07-01 06:49:03 Iran-linked APT33 updates infrastructure following its public disclosure (direct link) The Iran-linked cyberespionage group APT33 has updated its infrastructure after the publication of a report detailing its activities. In March, Symantec published a report detailing the activities of Iran-linked cyberespionage group APT33 that was targeting organizations in Saudi Arabia and the United States. The APT33 group has been around since at least 2013, since mid-2016, the […] APT33 APT 33
SecurityWeek.webp 2019-06-27 14:56:04 Iranian Cyberspies Update Infrastructure Following Recent Report (direct link) The Iran-linked cyberespionage group APT33 has updated its infrastructure following a March 2019 report detailing its activities, according to researchers from Recorded Future. APT33 APT 33
Pirate.webp 2019-06-25 11:03:01 FireEye has identified "spearphishing" activities conducted by the Iranian threat group APT33 (direct link) FireEye has identified 'spearphishing' activities conducted by the Iranian threat group APT33. APT33 APT 33
CSO.webp 2019-03-28 09:11:00 APT group Elfin switches from data destruction to data stealing via WinRAR vulnerability (direct link) Elfin (aka APT33), a hacker group affiliated with the Iranian government, is described by Symantec as “one of the most active groups currently operating in the Middle East.” They have been linked with a string of attacks on U.S. and Saudi Arabian companies, particularly in the aerospace and energy sectors. Data Breach Vulnerability APT33 APT 33
The_Hackers_News.webp 2019-03-28 01:18:01 Elfin Hacking Group Targets Multiple U.S. and Saudi Arabian Firms (direct link) An Iran-linked cyber-espionage group that has been found targeting critical infrastructure, energy and military sectors in Saudi Arabia and the United States two years ago continues targeting organizations in the two nations, Symantec reported on Wednesday. Widely known as APT33, which Symantec calls Elfin, the cyber-espionage group has been active since as early as late 2015 and targeted a wide APT33 APT 33
SecurityWeek.webp 2019-03-27 14:00:02 Iran-Linked Cyberspy Group APT33 Continues Attacks on Saudi Arabia, U.S. (direct link) An Iran-linked cyberespionage group tracked as Elfin and APT33 continues targeting organizations in Saudi Arabia and the United States, Symantec reported on Wednesday. APT33 APT 33
Mandiant.webp 2019-01-29 11:00:00 APT39: An Iranian Cyber Espionage Group Focused on Personal Information
(direct link)
UPDATE (Jan. 30): Figure 1 has been updated to more accurately reflect APT39 targeting. Specifically, Australia, Norway and South Korea have been removed. In December 2018, FireEye identified APT39 as an Iranian cyber espionage group responsible for widespread theft of personal information. We have tracked activity linked to this group since November 2014 in order to protect organizations from APT39 activity to date. APT39's focus on the widespread theft of personal information sets it apart from other Iranian groups FireEye tracks, which have been linked to influence operations, disruptive
APT33 APT 39 APT 39 APT 33 ★★★★
Mandiant.webp 2018-12-21 19:00:00 OVERRULED: Containing a Potentially Destructive Adversary
(direct link)
UPDATE (Jul. 3, 2019): On May 16, 2019 FireEye's Advanced Practices team attributed the remaining "suspected APT33 activity" (referred to as GroupB in this blog post) to APT33, operating at the behest of the Iranian government. The malware and tradecraft in this blog post are consistent with the June 2019 intrusion campaign targeting U.S. federal government agencies and financial, retail, media, and education sectors – as well as U.S. Cyber Command's July 2019 CVE-2017-11774 indicators, which FireEye also attributes to APT33. FireEye's rigorous process for clustering and attributing this
Malware APT33 APT 33 APT 33 ★★★★
ZDNet.webp 2018-12-20 05:16:00 Shamoon data-wiping malware believed to be the work of Iranian hackers (direct link) Researchers say the Iranian hacker group APT33 is responsible for recent attacks in the Middle East and Europe. Malware APT33 APT 33
SecurityAffairs.webp 2018-04-12 18:19:00 APT33 devised a code injection technique dubbed Early Bird to evade detection by anti-malware tools (direct link) The Iran-linked APT33 group continues to be very active, security researchers at Cyberbit have discovered an Early Bird code injection technique used by the group. The Early Bird method was used to inject the TurnedUp malware into the infected systems evading security solutions. The technique allows injecting a malicious code into a legitimate process, it allows execution […] APT33 APT 33
Kaspersky.webp 2018-04-12 14:50:02 New 'Early Bird' Code Injection Technique Helps APT33 Evade Detection (direct link) Researchers have identified what they are calling an Early Bird code injection technique used by the Iranian group APT33 to burrow the TurnedUp malware inside infected systems while evading anti-malware tools. APT33 APT 33
SecurityWeek.webp 2018-04-04 14:00:03 Breaches Increasingly Discovered Internally: Mandiant (direct link) Organizations are getting increasingly better at discovering data breaches on their own, with more than 60% of intrusions in 2017 detected internally, according to FireEye-owned Mandiant. The company's M-Trends report for 2018 shows that the global median time for internal detection dropped to 57.5 days in 2017, compared to 80 days in the previous year. Of the total number of breaches investigated by Mandiant last year, 62% were discovered internally, up from 53% in 2016. On the other hand, it still took roughly the same amount of time for organizations to learn that their systems had been compromised. The global median dwell time in 2017 – the median time from the first evidence of a hack to detection – was 101 days, compared to 99 days in 2016. Companies in the Americas had the shortest median dwell time (75.5 days), while organizations in the APAC region had the longest dwell time (nearly 500 days). Dwell time data from Mandiant Data collected by Mandiant in 2013 showed that more than one-third of organizations had been attacked again after the initial incident had been remediated. More recent data, specifically from the past 19 months, showed that 56% of Mandiant customers were targeted again by either the same group or one with similar motivation. In cases where investigators discovered at least one type of significant activity (e.g. compromised accounts, data theft, lateral movement), the targeted organization was successfully attacked again within one year. Organizations that experienced more than one type of significant activity were attacked by more than one threat actor. Again, the highest percentage of companies attacked multiple times and by multiple threat groups was in the APAC region – more than double compared to the Americas and the EMEA region. 
When it comes to the most targeted industries, companies in the financial and high-tech sectors recorded the highest number of significant attacks, while the high-tech, telecommunications and education sectors were hit by the highest number of different hacker groups. Last year, FireEye assigned names to four state-sponsored threat groups, including the Vietnam-linked APT32 (OceanLotus), and the Iran-linked APT33, APT34 (OilRig), and APT35 (NewsBeef, Newscaster and Charming Kitten). Conference APT33 APT 35 APT 33 APT 32 APT 34
AlienVault.webp 2018-01-23 14:00:00 OTX Trends Part 2: Malware (direct link) By Javvad Malik and Christopher Doman This is the second of a three part series on trends identified by AlienVault. Part 1 focused on the exploits tracked by OTX. This blog will talk about the malware, and Part 3 will discuss trends we’re seeing in threat actors. Which malware should I be most concerned about? Most security incidents that a security team will respond to involve malware. We took a look at three sources of malware telemetry to help prioritise popular malware families: Malware families AlienVault customers detect the most; Which malware domains are observed the most frequently by Cisco’s Umbrella DNS; and Malware families with the highest number of individual samples Which malware families do our customers detect the most? The following table describes the malware that we detected most frequently on our customers networks: This table represents malware detected by AlienVault as it communicates across a network, in 2017. This data is biased towards families that we have named network detections for. That means this table is a good representation of malware that is actively running on networks, though it’s important to also review other statistics on malware that has been blocked from running. The #1 ranked malware, njRat, is particularly popular in the Middle East. It’s a fairly simple .NET backdoor and Youtube is full of videos of how amateur users can deploy it. We often see it packed with a seemingly endless supply of custom packers to evade anti-virus. Whilst the vast bulk of njRat users are low-level criminals, it is also frequently used in targeted political attacks in the Middle East. A Youtube guide for using njRat The #2 ranked malware, NetWire, is primarily used by low-end criminals to steal banking details. Again, it is a freely available tool and has also been abused by targeted attackers too. The top malware we saw for Linux was China ELF DDoS. 
We saw little malware for Mac, though the adware MacKeeper was popular. Which malware domains are observed the most frequently? We matched known malicious domains from AlienVault OTX against Umbrella DNS’s record of the most visited domains by their customers. From that we produced this table of the “most popular malicious domains”: The column APT33 Wannacry APT 33
AlienVault.webp 2017-10-20 13:00:00 Things I Hearted this Week 20th October 2017 (direct link) Another week has passed, and more things continue to catch our attention. So lets just jump right in Child safety smartwatches When you’re marketing a ‘smart’ device as a safety device, you better be sure you can secure it. But it appears that manufacturers of child safety smartwatches didn’t get the memo. The fact that attackers can track, eavesdrop, or communicate with the wearers should be of concern to all parents. The data is also transmitted and stored without encryption – similar to how other toys have stored data in the past, only to be breached. It’s irresponsible and puts children’s safety directly at risk. Child safety smartwatches ‘easy’ to hack, watchdog says | BBC Third of business directors have never heard of GDPR With GDPR around the corner, and the feeling that you cannot escape the acronym wherever you go; it is quite concerning to learn that a third of business directors haven’t heard of it. While one can understand if the general public is not aware of the upcoming regulation; it is incumbent upon company directors to be aware of increased responsibilities due to GDPR. GDPR is not just another technical or security requirement, but is based in fundamental privacy rights of citizens and with potentially harsh fines. Despite many months to prepare, it would appear as if GDPR may still catch many companies by surprise. Third of IoD Members Have Never Heard of GDPR | Infosecurity Magazine Ghosts of vulnerabilities past It looks like Microsoft’s bug tracking database was infiltrated back in 2013. The company kept the news quiet and moved on. It’s pretty worrying what someone with all that information could have / would have done. How many exploits were made possible because some bad guy somewhere found some vulnerabilities they could exploit? A good reminder that companies should take a hard look at their assets and their value. 
Not just value in terms of direct business, but the potential impact on customers. Microsoft responded quietly after detecting secret database hack in 2013 | Reuters Microsoft never disclosed 2013 hack of secret vulnerability database | ars technica Microsoft’s bug tracker was hacked in 2013 but it didn’t tell anyone about it | Silicon Angle Unmasking the ransomware kingpins This is a great read by Elie Bursztein on exposing the cybercriminal groups that dominate the ransomware underworld. It’s the third party in a trilogy of blogs – I probably can’t do it justice so it’s best you go check it out: Unmasking the ransomware kingpins A Stick Figure Guide to the Advanced Encryption Standard (AES) This is an old post – like really old from 2009. But I only came across it recently and found it to be real APT33 APT 33
AlienVault.webp 2017-10-17 13:00:00 Newly Discovered Iranian APT Group Brings State-sponsored Cyber Espionage into Focus (direct link) State-sponsored cyber espionage has been rising steadily in recent years. Whether it’s high-profile attacks such as North Korea’s hack of Sony in 2014, China’s alleged hack of the US’s Office of Personnel Management in 2015, or Russia’s alleged hack of the Democratic National Committee in 2016, the stories are mounting. Iran has also been in the cyber espionage news, with major suspected attacks ranging from the Las Vegas Sands attack in 2014 to the DDOS attack on numerous US banks in 2016. Beyond these high-profile attacks, there are also countless examples of low-profile attacks. While these attacks don’t make the major headlines, they may actually be more relevant to your organization. In this blog, we zero in on this lesser-publicized activity, focusing on a recently discovered Iranian hacker group, dubbed APT33, the tools they have developed, and how AlienVault can help you detect this activity in your environment. What is state-sponsored cyber espionage and what are the typical goals? First, a quick primer on state-sponsored cyber espionage. State-sponsored cyber espionage is the act of obtaining secrets and information from individuals, competitors, rivals, groups, governments, and enemies, without the permission and knowledge of the holder of the information, usually for economic, political, or military advantage. The goals of these state-sponsored groups or individuals range from basic theft or sabotage to collecting military and diplomatic information to enabling domestic organizations to compete on a global economic level. Why should you care? Should you be concerned about state-sponsored cyber hacks? In a word, yes. And, it’s really the low-profile attacks from state-sponsored hackers that should be most concerning. 
This is because the tools and methods that these hackers develop and utilize can be leveraged by other nefarious hackers against your organization. You need to be alerted to and protected against these tools. Who is APT33? This leads us to Iranian group Advanced Persistent Threat 33 (APT33), a group recently chronicled by security firm FireEye. FireEye assessed that APT33 works at the behest of the Iranian government, and they attribute to APT33 many breaches of Saudi Arabian, South Korean, and US organizations ranging from the aviation sector to the energy sector. The primary goals of APT33 appear to be to enhance Iran’s domestic aviation capabilities or to support Iran’s military decision making against Saudi Arabia. Notably, FireEye has found signs of APT33 activity in some of its own clients' networks, but suspects the APT33 intrusions have been on a wider scale. APT33 has unveiled new tools, including a new backdoor. APT33 has developed numerous tools, including a new backdoor called TURNEDUP. TURNEDUP is capable of uploading and downloading files, creating a reverse shell, taking screenshots, and gathering system information. FireEye found that APT33 has also leveraged Dropshot, a drop Guideline APT33 APT 33
zataz.webp 2017-09-24 17:34:21 Revelations about the Iranian hacker group APT33 (direct link) The APT33 group has targeted the energy and aeronautics sectors. A look at its activities and techniques. The company FireEye has just published a study on the APT33 hackers. Hackers said to operate out of Iran. "Black hackers" who carry out ... APT33 APT 33
AlienVault.webp 2017-09-22 13:00:00 Things I hearted this week - September 22 (direct link) It’s been another hectic week in the world of Infosec / IT security / Cyber Security (choose as appropriate). So let’s jump straight into it. APT 33 Iran is building up its cyber capabilities and the emergence of a group of hackers, dubbed APT33, has given rise to concerns the nation's cyberwarfare units are looking to launch destructive attacks on critical infrastructure, energy and military bodies. Meet APT33: A Gnarly Iranian Hacker Crew Threatening Destruction |Forbes Threat data, IOCs and information on APT33, aka greenbug | OTX Data breaches and Class action lawsuits Should individuals whose data has been breached have the right to sue companies? It’s a tricky question, and one that the courts are seemingly having trouble on deciding on. Recently, a judge dismissed two consolidated class actions by more than 21m federal employees who had information breached by the Office of Personnel Management (OPM). The Judge concluded that the federal employees could not establish their threshold right to sue in federal court because they had not shown they faced imminent risk of identity theft, even though nearly two dozen of those named in the class actions claimed their confidential information has already been misused. Hopefully things will change going forward. The problem with identity theft is that it’s not time-dependant. An attacker could hoard details for a long period before committing a crime. And even when an identity is stolen, it is difficult to tie back to where the breach occurred. 
OPM Data Breach Lawsuit Tossed, Fed Plaintiffs will Appeal | Dark Reading OPM Says Gov't Workers' Data Breach Suit Fails | Law360 In the long run, class actions may not be the best way to redress data breaches | Reuters Somewhat related, My three years in identity theft hell | Bloomberg The Ghost of Windows XP As the lyrics go, “They stab it with their steely knives, but they just can’t kill the beast.” In this case, the beast seems to be Win XP, which, despite being woefully outdated, continues to make its presence felt. The latest announcement being that a fifth of the Manchester police department are running Win XP. Manchester police still relies on Windows XP | BBC Manchester Police are using Windows XP on one in five computers | V3 When insurance goes too far Melina Efthimiadis along with her husband wanted to add personal umbrella liability insurance to their Nationwide homeowner's policy. She says they have been low risk clients so she didn't think it would be a problem. In the application process for Nationwide, Melina says they had to write down the number of dogs they owned and their breeds, wh Guideline CCleaner APT33 APT 33
Kaspersky.webp 2017-09-21 17:54:36 Iranian APT33 Targets US Firms with Destructive Malware (direct link) APT33 targets petrochemical, aerospace and energy sector firms based in U.S., Saudi Arabia and South Korea with destructive malware linked to StoneDrill. APT33 APT 33
itsecurityguru.webp 2017-09-21 09:31:03 Iranian hacking group APT33 creators of destructive malware (direct link) Advanced Persistent Threat 33, an Iranian hacking group, has been linked to a series of breaches of companies in the aerospace, defense, and petrochemical industries in countries as wide-ranging as Saudi Arabia, South Korea, and the US. ORIGINAL SOURCE: Wired APT33 APT 33 ★★★★★
Pirate.webp 2017-09-21 06:57:39 FireEye reveals the activities of the Iranian group APT33 (direct link) FireEye, the intelligence-based network security specialist, announces details of an Iranian "hacker" group with potentially destructive capabilities, which it has named APT33. This group has already targeted the energy and aeronautics sectors. APT33 APT 33
SecurityAffairs.webp 2017-09-21 06:25:15 (Déjà vu) Iranian cyber spies APT33 target aerospace and energy organizations (direct link) The Iran-linked APT33 group has been targeting aerospace and energy organizations in the United States, Saudi Arabia, and South Korea. According to security firm FireEye, a cyber espionage group linked to the Iranian Government, dubbed APT33, has been targeting aerospace and energy organizations in the United States, Saudi Arabia, and South Korea. The APT33 group has […] APT33 APT 33
The_Hackers_News.webp 2017-09-20 11:53:19 APT33: Researchers Expose Iranian Hacking Group Linked to Destructive Malware (direct link) Security researchers have recently uncovered a cyber espionage group targeting aerospace, defence and energy organisations in the United States, Saudi Arabia and South Korea. According to the latest research published Wednesday by US security firm FireEye, an Iranian hacking group that it calls Advanced Persistent Threat 33 (or APT33) has been targeting critical infrastructure, energy and APT33 APT 33
Mandiant.webp 2017-09-20 09:00:00 Insights into Iranian Cyber Espionage: APT33 Targets Aerospace and Energy Sectors and has Ties to Destructive Malware
(direct link)
When discussing suspected Middle Eastern hacker groups with destructive capabilities, many automatically think of the suspected Iranian group that previously used SHAMOON – aka Disttrack – to target organizations in the Persian Gulf. However, over the past few years, we have been tracking a separate, less widely known suspected Iranian group with potential destructive capabilities, whom we call APT33. Our analysis reveals that APT33 is a capable group that has carried out cyber espionage operations since at least 2013. We assess APT33 works at the behest of the Iranian government. Recent
Malware APT33 APT 33 APT 33 ★★★★
Last update at: 2024-05-05 00:07:45
See our sources.

To see everything: Our RSS (filtered) Twitter