The Iranian Cyberthreat

Discussion in 'other security issues & news' started by itman, Mar 5, 2018.

  1. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,592
    Location:
    U.S.A.
    https://www.scmagazine.com/the-iranian-cyberthreat/article/748524/
     
  2. ravenise

    ravenise Registered Member

    Joined:
    Jul 18, 2009
    Posts:
    92
    When it comes to hacking, most people use multi-hop VPNs and/or hijack the operations of another PC remotely to obfuscate the origin of contact; it's too easy and totally untraceable. Any claims of "this country" or "that country" are bogus claims.
     
  3. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,418
    Location:
    Slovakia
    Well said, it makes great news that Russia or NK has hacked someone, but in reality it is impossible to find out, unless it is done by script kiddies, who would be unable to hack anyone. Unfortunately, the majority of people do not understand how it works, and they are left to trust "experts", who just provide "facts" given by the government, like once they said that they traced the hack to the Russian IP, rofl. In the meantime, the real cyberwarfare is waged in silence.
     
  4. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    APT33 devised a code injection technique dubbed Early Bird to evade detection by anti-malware tools
    https://securityaffairs.co/wordpress/71309/apt/apt33-early-bird.html
     
  5. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Bill Gates should be proud of the mass mess turned loose on an already wild world. :eek:
     
  6. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Holy crap, so this is yet another never seen before variation of the infamous "process hollowing" attack. I wonder which security tools could block this, I'm guessing not a whole lot.

    I know what you mean, how can you make an OS with so many attack vectors, and with no easy way to mitigate them all? And most of these "features" are not even used by legitimate software.
     
  7. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
  8. guest

    guest Guest

    ‘Domestic Kitten’ Mobile Spyware Campaign Aims at Iranian Targets
    Spreading via fake Android apps, the malware lifts a range of sensitive information from victims’ devices.
    September 7, 2018

    https://threatpost.com/domestic-kitten-mobile-spyware-campaign-aims-at-iranian-targets/137304/
     
  9. guest

    guest Guest

    Report: Iranian APT Actors Regroup After Main Security Forum Shuts Down
    January 16, 2019
    https://securityledger.com/2019/01/...regroup-after-main-security-forum-shuts-down/
    Recorded Future Blog: The History of Ashiyane: Iran's First Security Forum
     
  10. guest

    guest Guest

    Iran-Linked Hackers Use Array of Tools to Steal Data: FireEye
    January 29, 2019
    https://www.securityweek.com/iran-linked-hackers-use-array-tools-steal-data-fireeye
    FireEye blog entry: APT39: An Iranian Cyber Espionage Group Focused on Personal Information
     
  11. guest

    guest Guest

    Chafer used Remexi malware to spy on Iran-based foreign diplomatic entities
    January 30, 2019
    https://securelist.com/chafer-used-remexi-malware/89538/
     
  12. guest

    guest Guest

    Tracking Iran’s cyberterrorism
    March 1, 2019
    http://www.arabnews.com/node/1459721/middle-east
     
  13. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Given what we know about the NSA, Iran's efforts are at most a rounding error ;)
     
  14. guest

    guest Guest

    Cyber War and Iranian Cyber Army
    March 10, 2019
    https://cybershafarat.com/2019/03/1...the-name-of-ashrar-an-article-by-ashrar-team/
     
  15. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Makes sense to me :)
     
  16. guest

    guest Guest

    Iran continues to be a major cyber threat to the Middle East
    Iranian hackers are linked to cyber attacks that targeted thousands of people at more than 200 companies globally
    April 1, 2019

    https://www.thenational.ae/business...ajor-cyber-threat-to-the-middle-east-1.843851
    CrowdStrike:
    Key Trends From the CrowdStrike 2019 Global Threat Report
    2019 CrowdStrike® Global Threat Report - Adversary Tradecraft and The Importance of Speed
     
  17. guest

    guest Guest

    Leak Reveals Activity of Iranian Hacking Group
    May 13, 2019
    https://www.securityweek.com/leak-reveals-activity-iranian-hacking-group
    ClearSky: "Iranian Nation-State APT Groups 'Black Box' Leak - Overview and Analysis of Exposed Documents"
    (PDF - 1.54 MB): https://www.clearskysec.com/wp-content/uploads/2019/05/Iranian-Nation-State-APT-Leak-Analysis-and-Overview.pdf
     
  18. ZMsiXone

    ZMsiXone Registered Member

    Joined:
    Mar 30, 2017
    Posts:
    326
    Location:
    EUROPE/poland/germany
    DHS CISA warns of Iranian hackers' habit of deploying data-wiping malware

    https://www.zdnet.com/article/dhs-c...ckers-habit-of-deploying-data-wiping-malware/
     
  19. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,063
    Location:
    Canada
    A few snippets taken from the article linked in the thread's original post:

    It's really nothing to get excited or up in arms about. Security threat articles like that one are well written to scare people, just like a good horror movie.
     
  20. guest

    guest Guest

    The Kittens Are Back in Town Charming Kitten – Campaign Against Academic Researchers
    September 15, 2019
    https://www.clearskysec.com/the-kittens-are-back-in-town/
    Report: "The Kittens Are Back in Town - Charming Kitten Campaign Against Academic Researchers"
    (PDF - 1.13 MB): https://www.clearskysec.com/wp-content/uploads/2019/09/The-Kittens-Are-Back-in-Town-Charming-Kitten-2019.pdf
     
  21. guest

    guest Guest

    Group said to be behind campaign hack also going after cybersecurity researchers
    October 8, 2019
    https://www.cyberscoop.com/iran-hacking-clearsky-microsoft-charming-kitten/
     
  22. guest

    guest Guest

    ClearSky Report:
    The Kittens Are Back in Town 2 - Charming Kitten Campaign Keeps Going on, Using New Impersonation Methods - October 2019
    (PDF - 1.43 MB): https://www.clearskysec.com/wp-content/uploads/2019/10/The-Kittens-Are-Back-in-Town-2.pdf
     
  23. guest

    guest Guest

    Iranian hacking group built its own VPN network
    November 14, 2019
    https://www.zdnet.com/article/iranian-hacking-group-built-its-own-vpn-network/
    Trend Micro: More than a Dozen Obfuscated APT33 Botnets Used for Extreme Narrow Targeting
     
  24. guest

    guest Guest

    Charming Kitten Hackers Impersonate Journalist in Phishing Attacks
    February 5, 2020
    https://www.bleepingcomputer.com/ne...s-impersonate-journalist-in-phishing-attacks/
     
    Last edited by a moderator: Feb 5, 2020
  25. guest

    guest Guest

    Iranian hackers have been hacking VPN servers to plant backdoors in companies around the world
    February 16, 2020
    https://www.zdnet.com/article/irani...lant-backdoors-in-companies-around-the-world/
    ClearSky: Fox Kitten – Widespread Iranian Espionage-Offensive Campaign
     