U.S. Coast Guard issues a Safety Alert with recommended cyber security best practices. It seems to be the ICT extension of the aggressive Iranian campaign in the Hormuz Strait.
Positive Technologies cyber security experts: Government agencies targeted with a spear-phishing campaign. The messages had weaponized macros.
The cyber security experts: Targets are government and critical infrastructure, such as oil and gas. But this happened before the CYBERCOM strike. There are risks of back-and-forth cyber warfare.
Symantec cyber security experts: The group, aka Turla, launched 3 campaigns: one with Neptun malware, another with Meterpreter and the last one with a custom RPC backdoor.
Trend Micro cyber security expert: So far, more than 660 Android devices infected with GolfSpy malware have been observed. Much of the information being stolen appears to be military-related.
Trend Micro cyber security experts: The Iranian state-sponsored APT is using new tools and payloads, which indicates that it’s continuously developing the schemes.
Cyberscoop: Its name will be Bureau of Cyberspace Security and Emerging Technologies (CSET). DoS sent a plan to Congress with a proposed staff of 80.
The cyber security expert, Marco Ramilli, analyzed it to match the clues and find out whether Iranian state-sponsored hackers are behind the operation. Some clues say yes, others diverge.
Cybaze-Yoroi ZLAB cyber security experts: The campaign shows a Matryoshka structure of chained SFX archives, typical of APT implants, and the use of a legitimate third-party RAT as payload.
Palo Alto cyber security experts: The APT exploited a recently patched remote code execution vulnerability to upload a variety of tools. From Mimikatz to HyperBro.