Category: Middle East

Global Weekly Executive Summary, 13 April 2018

State of Hawaii Targeted in Iranian Data Theft: The U.S. Department of Justice’s recent indictment of nine Iranians accused of conducting cyberattacks contained a list of targeted organizations that included the State of Hawaii. This announcement coincided with “unusual activity” noted in dozens of State of Hawaii email accounts. On March 23rd, the U.S. Department […]

Global Weekly Executive Summary, 19 JAN 2018

Dark Caracal Summary: A newly discovered global cyberespionage threat group has ties to a government intelligence agency in Lebanon, according to a joint report from Lookout Mobile Security and the Electronic Frontier Foundation (EFF). The previously unknown threat group has been named “Dark Caracal” by Lookout, a San Francisco-based mobile security company. The joint report released […]

Global Weekly Executive Summary, 20 OCT 2017

British Intelligence Suspects Iran in Parliament Email Attacks: British intelligence now suspects that Iran was the source of the June 2017 brute force attacks against 9,000 UK Parliament email accounts. Key Details: On 23 June of 2017, 9,000 UK parliamentary email accounts were targeted in a 12-hour-long brute force attack that included 200,000 attempts […]

Mia Ash and the Cobalt Gypsy Iranian Threat Group

Cobalt Gypsy, the Iranian threat group believed to be behind the Shamoon and Shamoon2 destructive wiper attacks that rendered 25,000 computers at oil company Saudi Aramco unusable, may be connected to the false online persona “Mia Ash” used in spear phishing campaigns across the Middle East/North Africa (MENA) region. “Mia Ash,” a fictional online […]

NotPetya Ransomware Disrupts Merck Vaccine Production

Merck, a global leader in drug and vaccine production, may be unable to produce hepatitis B vaccines until 2018 because of worldwide production disruptions resulting from the NotPetya ransomware attacks in June. In late June 2017, Merck, one of the “big four” of the world’s leading vaccine producers, reported that its computer systems were affected […]

Petya Group Bitcoins on the Move, New Message Posted

The hacking group behind Petya/NotPetya/ExPetr withdrew all bitcoins from the bitcoin wallet associated with the ransomware on Tuesday, July 4th, moving the money to a new bitcoin wallet. The already confusing story of the Petya attacks gets even stranger. Security researcher Kevin Beaumont, aka @GossiTheDog, reported via […]

Global Weekly Executive Summary June 2, 2017

WannaCry Attribution: Security researchers around the world have identified clues linking the global WannaCry cyberattacks to Lazarus Group, a prolific hacking group with suspected ties to North Korea, but is the WannaCry ransomware the work of a nation-state or does it just feel that way? Security researchers studying early versions of WannaCry, including those working […]

Hajime vs. Mirai, A Botnet Battle?

The Hajime worm spreading through unsecured IoT devices seems to be purposely making them more secure. Hajime vs Mirai: Last October, the Mirai botnet launched the largest ever distributed denial of service (DDoS) attacks against DNS provider Dyn, causing websites like Amazon, Twitter, and PayPal to be inaccessible for several hours across the US and […]

Shadow Brokers Dump More Stolen NSA Tools

On Friday, the hacking group The Shadow Brokers released another batch of files that they say were taken from the NSA. After analyzing the files, security researchers found two key pieces of information that reveal more about how the NSA operates. Windows Exploits: This info dump included exploit tools that could be used to compromise […]

Pro-ISIS Site Hacked to Spread Malware

The Amaq news agency, the official news site of the Islamic State, was taken offline last Thursday after warning its readers that it had been hacked and that visitors to the site were being prompted to download a malicious FlashPlayer file. Amaq news agency and other IS-affiliated sites have been repeatedly attacked in the past. […]