Iran Nexus Hackers Abuse Omani Mailbox to Target Middle East

The Iran Nexus hacking group has been exploiting an Omani government mailbox to conduct cyber espionage across the Middle East. This sophisticated campaign involves leveraging the compromised mailbox to launch targeted phishing attacks and distribute malware, aiming to infiltrate sensitive government and private sector networks. The attackers focus on gathering intelligence and disrupting regional stability by exploiting vulnerabilities in email security protocols.

This incident highlights the growing threat posed by state-sponsored cyber actors in the Middle East and underscores the importance of robust cybersecurity measures, including email security enhancements and continuous monitoring. Organizations in the region are urged to strengthen their defenses against such advanced persistent threats by adopting multi-factor authentication, regular security audits, and employee awareness training.

The Iran Nexus group's tactics, techniques, and procedures (TTPs) demonstrate a high level of operational security and adaptability, making detection and mitigation challenging. This case serves as a critical reminder of the evolving cyber threat landscape and the need for international cooperation to combat cyber espionage activities effectively.

This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 02 Sep 2025 18:30:19 +0000

