Iran-linked Threat Group Handala Actively Targets Israel

Handala’s most explosive allegations remain unproven, but the Iranian threat group’s activities have resulted in frequent account and website takedowns.

Iran has recently stepped up its cyberattacks and influence campaigns heading into the U.S. presidential election, including a high-profile breach and data exfiltration of the Trump campaign, data that has so far gone unpublished by U.S. news media – in contrast to the widespread publication of Democratic National Committee emails stolen by Russian hackers in 2016. Despite the significant cyber threats, U.S. cyber and national security officials say election infrastructure is secure, and the bigger threat is disinformation – a view confirmed by Cyble threat intelligence researchers in an exhaustive look at the U.S. election and related dark web activity.

Handala’s most dramatic claim – that they’ve discovered a backdoor in widely used Vidisco security scanners that allowed explosives used in pager attacks in Lebanon last month to go undetected – remains unconfirmed, but Beaumont said he has confirmed that a breach of Vidisco did occur.

While Handala’s claims have gone largely unnoticed and uncorroborated, the threat group’s websites, social media and Telegram accounts have been repeatedly taken down quickly, suggesting significant interest in limiting the group’s reach. Iranian threat actors have also targeted critical infrastructure in the U.S. and elsewhere, and Iran has also become a target of attacks, including an attack on the country’s banking system in mid-August.

Paul Shread has covered nearly every aspect of enterprise technology in his 20+ years in IT journalism, including award-winning articles on endpoint security and virtual data centers, and a report exposing critical security flaws in a major SIEM system.

This Cyber News was published on thecyberexpress.com. Publication date: Wed, 02 Oct 2024 05:43:05 +0000


Cyber News related to Iran-linked Threat Group Handala Actively Targets Israel

Iran-Israel Cyber War Goes Global - Iran's cyber conflict with Israel has reached global proportions, with cyberattacks against businesses and government agencies on other continents causing arguably as much ruckus as those in Israel itself. While US military bases and international ...
1 year ago Darkreading.com
Ransomware Attacks Strike South Africa, Decline in UAE - Cybercrime - and especially ransomware - traditionally have had an uneven impact across the Middle East and Africa, yet recent data suggests that ongoing geopolitical conflicts will likely raise the overall level of cyberattacks across the regions. ...
1 year ago Darkreading.com Molerats LockBit
Iranian 'Seedworm' Cyber Spies Target African Telcos & ISPs - An Iran-backed cyberespionage group is actively targeting telcos in North and East Africa. According to security researchers at Symantec, the latest cyberattacks by the advanced persistent threat it calls Seedworm are targeting ...
1 year ago Darkreading.com
Iran Ramps Up Cyberattacks on Israel Amid Hamas Conflict: Microsoft - In the context of the Israel-Hamas conflict, Iran's offensive operations against Israel were initially reactive and chaotic, but quickly ramped up and expanded in scope, Microsoft says. Immediately after October 7, Iranian threat actors were seen ...
1 year ago Securityweek.com
25 Best Managed Security Service Providers (MSSP) - 2025 - Pros: Strong threat intelligence & expert SOCs; 24/7 monitoring & rapid incident response; flexible, scalable, hybrid deployments. Cons: High pricing for SMBs; complex UI and steep learning curve; limited visibility into endpoint ...
1 month ago Cybersecuritynews.com
Israel Battles Spike in Wartime Hacktivist, OT Cyberattacks - For Israel, 2023 will be remembered as the beginning of the war in Gaza after the devastating Hamas terror attacks on Oct. 7. The conflict spread to the cyber realm, with hacktivists on both sides declaring their intentions to conduct cyberattacks. ...
1 year ago Darkreading.com POLONIUM
'Cyber Toufan' Hacktivists Leaked 100-Plus Israeli Orgs in One Month - Since mid-November, one Iran-linked hacktivist group has managed to breach more than 100 organizations in and around Israel, wiping servers, leaking sensitive data, and spreading follow-on attacks down the supply chain. Since October 7, anti-Israel ...
1 year ago Darkreading.com
Iranian Phishing Campaign Targets Israel-Hamas War Experts - Iran-linked threat actors are targeting high-profile researchers working on the Israel-Hamas conflict via a sophisticated social engineering campaign, according to Microsoft Threat Intelligence. The threat actor Mint Sandstorm, which has ties to ...
1 year ago Infosecurity-magazine.com
Check Point released hotfix for actively exploited VPN zero-day - MUST READ. Check Point released hotfix for actively exploited VPN zero-day. Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. Apple ...
1 year ago Securityaffairs.com CVE-2024-23222 CVE-2023-22515 CVE-2023-40044 CVE-2023-20109
Iran-linked hackers claim to leak troves of documents from Israeli hospital - A hacker group allegedly linked to Iran claimed to have leaked thousands of medical records from an Israeli hospital, including those of Israeli soldiers. In a cyberattack on Ziv Medical Center in the city of Safed, near the border with Syria and ...
1 year ago Therecord.media MuddyWater
How Israel Is Defending Against Iran's Drone Attack - On Saturday, Iran launched more than 200 drones and cruise missiles at Israel. As the drones made their way across the Middle East en route to their target, Israel has invoked a number of defense systems to impede their progress. The Iron Dome, ...
1 year ago Wired.com Rocke
Hacktivists say they shut down Iran's gasoline pumps - Hacktivists reportedly disrupted services at about 70 percent of Iran's gas stations in a politically motivated cyberattack. Iran's oil minister Javad Owji confirmed on Monday the IT systems of the nation's petrol stations had been attacked as ...
1 year ago Go.theregister.com
In Cyberattacks, Iran Shows Signs of Improved Hacking Capabilities - A monthslong hacking campaign targeted the governments of regional rivals, including Israel, and marked a ...
1 year ago Nytimes.com
Iran Threatens Israel's Critical Infrastructure With 'Polonium' Proxy - Israel's critical infrastructure is under threat from an Iranian proxy hacking group operating in Lebanon. Iran's partnership with armed militant groups throughout the Middle East is well documented. According to Microsoft, in the spring of 2022 ...
1 year ago Darkreading.com Dark Caracal POLONIUM Volatile Cedar
Congressmen Ask DOJ to Investigate Water Utility Hack, Warning It Could Happen Anywhere - Three members of Congress have asked the U.S. Justice Department to investigate how foreign hackers breached a water authority near Pittsburgh, prompting the nation's top cyberdefense agency to warn other water and sewage-treatment utilities that ...
1 year ago Securityweek.com
OilRig targets Israel organizations with new lightweight downloaders - ESET researchers analyzed a growing series of new OilRig downloaders that the group used in several campaigns throughout 2022 to maintain access to target organizations of special interest, all located in Israel. They include an organization in the ...
1 year ago Helpnetsecurity.com APT3 OilRig
Iranian ransomware group offers bigger payouts for attacks on Israel, US | The Record from Recorded Future News - Researchers believe Pay2Key.I2P collaborates with operators of the Mimic ransomware, which uses code from the defunct Conti gang — whose tools were leaked after it publicly supported Russia’s invasion of Ukraine. An Iranian ransomware gang has ...
1 month ago Therecord.media Fox Kitten
Meta Facebook, Instagram Iran's Supreme Leader - Iran's Supreme Leader, Ayatollah Ali Khamenei, has his Facebook and Instagram accounts permanently removed by Meta. Meta Platforms has stepped into the ongoing geopolitical tensions between the United States and Iran, with a notable move against that ...
1 year ago Silicon.co.uk
Key Group uses leaked builders of ransomware and wipers | Securelist - The first discovered sample of Key Group, the Xorist ransomware, established persistence in the system by changing file extension associations. The .huis_bn extension added to encrypted files in the early versions of Key Group samples, Xorist and ...
10 months ago Securelist.com
Fake F5 BIG-IP zero-day warning emails push data wipers - The Israel National Cyber Directorate warns of phishing emails pretending to be F5 BIG-IP zero-day security updates that deploy Windows and Linux data wipers. Israel's National Cyber Directorate acts as the CERT responsible for protecting the country ...
1 year ago Bleepingcomputer.com
Iran-Linked 'OilRig' Cyberattackers Target Israel's Critical Infrastructure, Over & Over - Prolific Iranian advanced persistent threat group OilRig has repeatedly targeted several Israeli organizations throughout 2022 in cyberattacks that were notable for leveraging a series of custom downloaders that use legitimate Microsoft cloud ...
1 year ago Darkreading.com OilRig
ICS at Multiple US Water Facilities Targeted by Hackers Affiliated With Iranian Government - The hackers behind recent cyberattacks targeting industrial control systems at water facilities in the US are affiliated with the Iranian government, according to security agencies in the United States and Israel. The FBI, CISA, the NSA, the EPA and ...
1 year ago Securityweek.com
TeamCity Intrusion Saga: APT29 Suspected Among the Attackers Exploiting CVE-2023-42793 - As part of this analysis, we look at threat actor TTPs employed throughout the intrusion and how they were identified and pieced together by the FortiGuard IR team. The following section of this report focuses on the activities of one of these threat ...
1 year ago Feeds.fortinet.com CVE-2023-42793 APT29
