Hacktivist attacks surge on U.S. targets after Iran bombings, with groups claiming DDoS hits on military, defense, and financial sectors amid rising tensions.
The U.S. has become a target in the hacktivist attacks that have embroiled several Middle Eastern countries since the start of the Israel-Iran conflict.
Several hacktivist groups have claimed DDoS attacks against U.S. targets in the wake of U.S. airstrikes on Iranian nuclear sites on June 21.
The attacks—most notably from hacktivist groups Mr Hamza, Team 313, Cyber Jihad, and Keymous+—targeted U.S. Air Force domains, major U.S. Aerospace and defense companies, and several banks and financial services companies.
The cyberattacks follow a broader campaign against Israeli targets that began after Israel launched attacks on Iranian nuclear and military targets on June 13. Israel and Iran have exchanged missile and drone strikes since the conflict began, and Iran also launched missiles at a U.S. military base in Qatar on June 23.
The accompanying cyber warfare has included DDoS attacks, data and credential leaks, website defacements, unauthorized access, and significant breaches of Iranian banking and cryptocurrency targets by Israel-linked Predatory Sparrow. Electronic interference with commercial ship navigation systems has also been reported in the Strait of Hormuz and the Persian Gulf.
Pro-Russian and pro-Palestinian hacktivist groups share a common adversary in France, leading to coordinated cyberattacks against the country.
Russian hacktivist groups Z-Pentest and People’s Cyber Army escalate attacks on U.S. energy and water systems. Learn about their tactics and how to mitigate risks
A critical PHP vulnerability (CVE-2022-31631) could expose websites and applications to SQL injection attacks, leading to data breaches and system compromise.
WordPress plugins are under active attack, a new banking trojan is spreading, and phishing and brute-force attacks continue unabated.
A cloud extortion campaign exploited misconfigured AWS .env files to target 110,000 domains, stealing credentials and ransoming cloud storage data.
Cyble observes how Dark Web forums reveal ServiceNow users falling victim to a Remote Code Execution vulnerability, which exposes sensitive data & escalates risks across sectors.
CRIL investigates DragonForce Ransomware and its links to a leaked LOCKBIT Builder.
Cyble analyzes the increasing incidences of vulnerabilities in Fortinet, highlighting the impact they have on Critical Infrastructure.
Cyble Research & Intelligence Labs examines the Linux variant of Akira Ransomware and assesses its impact on various sectors.
Cyble analyses Darkrace Ransomware, a new ransomware group shares similarities with infamous LockBit Ransomware.
CRIL analyzes AMOS, a stealthy new information stealer targeting macOS and disseminating stolen information via Telegram.
CRIL analyses the anatomy of a new ransomware group named Money Message, which can encrypt network shares and target both Windows and Linux.
CRIL analyzes Cylance, a new Ransomware variant that uses command-line options to target both Windows and Linux users.
Cyble Research & Intelligence Labs analyzes Cl0p ransomware which is rapidly gaining attention for its success in extorting businesses.
Open-Source Stealer Widely Abused by Threat Actors
The threat of InfoStealers is widespread and has been frequently employed by various Threat Actors (TA)s to launch attacks and make financial gains. Until now, the primary use of stealers by TAs has been to sell logs or to gain initial entry into a corporate network.
Cyble reflects on the identification of a forum administrator and two cybercriminals and how it impacts the wider cybercrime ecosystem.
Cyble analyzes how Threat Actors are using the recent buzz around ChatGPT to launch Phishing attacks using various methods.
Cyble Research & Intelligence Labs analyzes new strategies deployed by Qakbot to infect users via Microsoft OneNote.
Cyble analyzes 'InTheBox' as part of its thorough research on Web Injects and their role in targeting Android Banking applications worldwide,
