iran
Iran’s Internet Went to Zero on Jan 8—Will Account Takeovers Spike in the Next 2–3 Weeks?
Iran’s internet goes dark → attackers don’t stop. They speed-run creds and hit post-auth collection the moment connectivity blips back. ⏱️🔑👀
iran
weekly
SIGNALS WEEKLY: Holiday Patch Panic: Cisco AsyncOS Zero-Day + KEV Edge Rush
🎄 Zero-day season: Cisco AsyncOS exploited + KEV edge scramble. 🧯 VNC-to-HMI + cloud C2 (Drive/Telegram) keep paying rent.
ta558
SteganoAmor: TA558’s image-hidden malware targets oil, gas & maritime
TA558’s “SteganoAmor” campaign leverages steganography to deliver commodity malware across oil, gas, maritime, and industrial targets. The group’s use of image-embedded payloads and compromised infrastructure...
predatory-sparrow
Predatory Sparrow: Pro-Israel Hacktivist Group’s Destructive Cyber Operations Against Iranian Critical Infrastructure
Predatory Sparrow (Gonjeshke Darande) is a pro-Israel hacktivist group, likely state-affiliated, that has escalated destructive cyber operations against Iranian critical infrastructure since the early 2020s. Their attacks—most recently the June 2025 disruption of Bank Sepah—employ ransomware...
iran
Iranian Cyber Operations 2025: Escalation, Ransomware Collaboration, and Critical Infrastructure Targeting
Iranian cyber threat actors have evolved into highly capable, multi-motivated operators, leveraging both state sponsorship and ransomware affiliate partnerships to conduct espionage, sabotage, and financially motivated attacks. In 2025, the Iran-Israel conflict has catalyzed a surge in..
stealth-falcon
Stealth Falcon’s Zero-Day Offensive, OilRig’s Supply Chain Escalation, and the Evolving Middle Eastern APT Landscape
Stealth Falcon, OilRig, Molerats, and Dark Caracal represent the most active and sophisticated Middle Eastern APT groups, each aligned with state or political interests and employing advanced tactics for espionage, surveillance, and disruption. Stealth Falcon’s exploitation of CVE-2025-33053..
crypto
Cryptocurrency Evasion Tactics: The Houthi Network's Strategic Exploitation
The Houthi network, known for its involvement in the Yemeni conflict, has developed intricate operational methods to evade international sanctions and facilitate arms procurement through cryptocurrency...
iran
RESEARCH: Top Iranian Threat Actors in 2024 -- Who's Charming your Kitten?
Fox Kitten is identified as the most significant threat due to its extensive involvement in ransomware attacks and its ability to monetize access to compromised networks. The group has been active since 2017...