This report provides an overview of ongoing Iran-linked cyber operations, highlighting activity attributed to state-aligned proxies and hacktivist groups. The vulnerabilities listed are suspected to be exploited by actors associated with Iran in real-world campaigns, consistent with observed tactics, techniques, and procedures (TTPs). Iran-linked operations continue to rely on distributed, lower-complexity techniques, including phishing, DDoS, data exfiltration, and destructive attacks. Initial access is primarily achieved through exploitation of known, unpatched vulnerabilities and exposed edge infrastructure, reflecting a persistent and opportunistic threat posture targeting government, critical infrastructure, and enterprise environments. – Read more
Latest article
GreatXML zero-day BitLocker bypass doesn’t seem to work, yet
A disgruntled researcher who has been publishing zero-day Microsoft Windows vulnerabilities for the past several months released a new exploit...
New Windows Zero-Day Claims BitLocker Bypass Amid Microsoft Disclosure Fight
A new Windows zero-day reportedly bypasses BitLocker, adding pressure on Microsoft as researchers debate the exploit’s real-world impact.
The post New Windows Zero-Day Claims BitLocker...
Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks
One of the most persistent hacking groups in the world has found a new way to stay hidden. The threat actor known as...
Ransomware Payment Crypto Laundering Platform Taken Out by FBI and Europol
Domain of dark web money laundering platform AudiA6 seized and suspects arrested in joint operation by the FBI, Europol and others - Read...
