To obtain administrative credentials, the attackers deployed Mimikatz, an open-source tool for extracting local credentials. They dumped the Windows Security Account Manager (SAM) and…
Iranian
-
Iranian cyberspies target thousands of organizations with password spray attacks
For a subset of compromised accounts, the attackers used AzureHound and ROADtools, two open-source frameworks that can be used to conduct reconnaissance in Microsoft…
-
A cyberespionage group tied to the Iranian government that’s known for its sophisticated and highly targeted phishing lures was recently observed switching payload delivery…
-
A cyberespionage group believed to be associated with the Iranian government has been infecting Microsoft Exchange Servers with a new malware implant dubbed BellaCiao…
-
Iranian state-sponsored threat actor, Educated Manticore, has been observed deploying an updated version of Windows backdoor PowerLess to target Israel for phishing attacks, according to…
-
Recent destructive attacks against organizations that masquerade as a ransomware operation called DarkBit are likely performed by an advanced persistent threat (APT) group that’s…