21 Jan 2022

What next for Iran and Russia ties after Raisi-Putin meeting?

Ebrahim Raisi expressed hope that the first visit to Moscow by an Iranian president in almost five years would lead to a turning point in relations with Russia. During a three-hour meeting on Wednesday, Raisi and Vladimir Putin supported improving bilateral ties and discussed regional and international issues. Iran’s petroleum

Read More
19 Jan 2022

Man Charged with Smuggling Tech Exports to Iran

Kambiz Attar Kashani, a 44 year-old with dual citizenship to the US and Iran, has been charged with violating sanctions by exporting IT goods and services to the latter country. Kashani was arrested last Friday on charges of conspiring to illegal export to the Central Bank of Iran. Kashani reportedly

Read More
04 Jan 2022

Iran Sends Rocket Into Space Amid Faltering Nuclear Talks

On Thursday, Iran reportedly launched a rocket into space containing three research devices. The launch drew attention to Tehran’s missile ambitions amid faltering international negotiations regarding its nuclear program. The rocket launched by Iran last week is called the Simorgh and is designed to carry satellites. The spacecraft went up

Read More
03 Jan 2022

Log4Shell Exploit Used in Cox Media Group Ransomware Attack Attributed to Iranian Hackers

In June of last year, Cox Media Group (CMG) IT systems and live streams were the targets of a ransomware attack. The Microsoft Threat Intelligence Center (MSTIC) has attributed the attack to an Iranian threat actor, codenamed DEV-0270, a group linked to multiple intrusions of US companies. The attack is part of larger trends in Iranian hacker activity globally identified by the MSTIC. This attribution is also one of many Log4Shell vulnerability headlines of the last three weeks, as DEV-0270 (also known as Phosphorus) exploited Log4Shell in Log4j for initial access to the CMG systems. 

Read More
29 Dec 2021

Syria Accuses Israel of Striking Its Main Commercial Port

The Syrian Defense Ministry has reported that Israeli missiles struck Syria’s port of Latakia on Tuesday, resulting in major damage and large fires. This marks the second such attack on the facility in December alone. The missiles were reportedly fired from the Mediterranean and targeted the commercial port’s container yard.

Read More
27 Dec 2021

What’s In Store for Nation State Cyber Activity in 2022?

As 2021 winds down, online cybersecurity journals and cyber experts are providing their cyber threat forecasts for the new year. Ransomware, cloud security, supply chain attacks, and of course critical infrastructure are common themes in many of these prognostications. Cybercrime will continue to flourish, data privacy will remain at the forefront of many privacy advocates’ minds, and security proponents will beat the drum of the implementation of “zero trust” strategies for their enterprises. Nation-states will invariably dominate the 2022 news cycle with respect to malicious cyber activities.

Read More
17 Dec 2021

Iran Joins the Cyber Sovereignty Debate

In December 2021, Iran’s Ambassador to the United Nations issued a formal statement rejecting Iran’s use of force in cyberspace. In the statement, the Ambassador acknowledged Iran’s victimization by cyber-attacks, underscoring the 2010 Stuxnet attack that directly impacted a key infrastructure by disrupting its nuclear enrichment process. A key component in this address was Iran’s assertion of a series of principles including the rights of state sovereignty in cyberspace, rejection of states using the digital domain to interfere in the internal affairs of other states, and codifying and implementing a legally-binding measure for responsible state behavior in cyberspace.

Read More
16 Dec 2021

Suspected Iranian hackers target airline with new backdoor

On Wednesday, cybersecurity researchers at IBM’s Security X-Force confirmed that an Asian airline was the target of a cyberattack conducted by a suspected state-sponsored Iranian threat group. The attack likely began in October 2019 and lasted until 2021. The attack leveraged a never-before-seen backdoor, according to researchers. Researchers suspect the

Read More
02 Dec 2021

Widespread ‘Smishing’ Campaign Defrauds Iranian Android Users

Attackers are impersonating the Iranian government in the latest SMS malware campaign against Iranian residents. The attackers are using socially engineered messages to compromise devices, seeking bank credentials. The campaign targets Android users by installing bank information-stealing malware that can exfiltrate credit card data and siphon money from financial accounts.

Read More
02 Dec 2021

Iran-Israel Cyber Conflict Shows Leadership Needed to Curb Critical and Civilian Infrastructure Targeting

Over the course of several months, Israel is suspected of perpetrating several attacks that have disrupted key services in Iran. Not one to play victim, Iran has been retaliating in its own way, targeting Israeli targets as well. While the two countries have engaged one another covertly in most domains (air, land, sea, and cyberspace), for the past year both have appeared to move away from traditional symbols of state power such as military sites, individuals of interest, or government facilities, to civilian infrastructure. The intent of these attacks is quite clear: to inflict pain on the civilian communities in their respective countries in a show that neither government can protect them.

Read More