Iran Launches Brutal Cyber Attacks on Critical Infrastructure


Iranian Threat Actor Campaign Targets Critical Infrastructure Access

Security agencies from the United States, along with international partners, have issued a warning about an ongoing Iranian cyber campaign that targets critical infrastructure through brute-force attacks. This campaign, which has been active for over a year, aims to compromise various sectors including healthcare, government, IT, engineering, and energy.

The FBI, CISA, NSA, and cybersecurity agencies from Canada and Australia have highlighted the need for organizations to enhance their security measures by ensuring strong passwords and implementing a second form of authentication on all accounts. The threat actors behind this campaign are selling access to compromised infrastructure to cybercriminals.

The advisory follows recent reports of Iranian threat actors targeting political organizations to undermine confidence in U.S. democratic institutions. Additionally, there have been instances of these threat actors selling critical infrastructure access to ransomware groups.

The Iranian threat actors have been employing brute-force techniques like password spraying and MFA ‘push bombing’ to gain access to user accounts within organizations. They then proceed to obtain sensitive information and credentials to facilitate further access.

Among the targeted systems are Microsoft 365, Azure, and Citrix, where the threat actors exploit vulnerabilities to register their devices with MFA and gain persistent access. They also utilize VPN services, Remote Desktop Protocol, and various tools to extract credentials and information from compromised networks.

The advisory includes indicators of compromise to help organizations detect and prevent brute-force attacks, as well as specific file hashes associated with the Iranian campaign. Notably, one of the identified file hashes had gone undetected by the majority of security tools before the advisory was issued.

Security teams are urged to remain vigilant against such cyber threats and monitor their systems for any signs of malicious activity. Enhanced security measures are crucial in mitigating the risks posed by these Iranian threat actors targeting critical infrastructure.
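The following added example (not code from the advisory or from this article) shows how a defender might flag the two techniques named above, password spraying and MFA push bombing, in authentication logs. The log format, field names, sample events and thresholds are all constructed assumptions; map them to the fields your identity provider actually emits.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (assumed format): time, kind, source IP, user, result.
RAW = """\
2024-10-01T08:00:00 login 203.0.113.7 alice FAIL
2024-10-01T08:00:20 login 203.0.113.7 bob FAIL
2024-10-01T08:00:41 login 203.0.113.7 carol FAIL
2024-10-01T08:01:02 login 203.0.113.7 dave FAIL
2024-10-01T08:01:30 login 203.0.113.7 erin OK
2024-10-01T08:02:00 mfa_push 203.0.113.7 erin DENIED
2024-10-01T08:02:30 mfa_push 203.0.113.7 erin DENIED
2024-10-01T08:03:00 mfa_push 203.0.113.7 erin TIMEOUT
2024-10-01T08:03:20 mfa_push 203.0.113.7 erin APPROVED
2024-10-01T09:00:00 login 198.51.100.9 frank FAIL
"""

def parse(raw):
    return sorted((datetime.fromisoformat(f[0]), *f[1:]) for f in map(str.split, raw.splitlines()))

def password_spray(events, span=timedelta(minutes=10), min_users=4):
    # Spraying tries few passwords against many accounts: count distinct users failing per source IP.
    fails = defaultdict(list)
    for ts, kind, ip, user, result in events:
        if kind == "login" and result == "FAIL":
            fails[ip].append((ts, user))
    hits = {}
    for ip, rows in fails.items():
        for start, _ in rows:
            users = {u for t, u in rows if start <= t < start + span}
            if len(users) >= min_users:
                hits[ip] = sorted(users)
                break
    return hits

def push_bombing(events, span=timedelta(minutes=5), min_rejected=3):
    # Repeated denied/timed-out pushes for one user; value is True if an approval followed them.
    pushes = defaultdict(list)
    for ts, kind, ip, user, result in events:
        if kind == "mfa_push":
            pushes[user].append((ts, result))
    hits = {}
    for user, rows in pushes.items():
        for start, _ in rows:
            win = [(t, r) for t, r in rows if start <= t < start + span]
            rejected = [t for t, r in win if r != "APPROVED"]
            if len(rejected) >= min_rejected:
                hits[user] = any(r == "APPROVED" and t > rejected[-1] for t, r in win)
                break
    return hits
```

A push-bombing hit whose value is `True` means a prompt was approved after the run of rejections, which is the case to triage first, including a review of any MFA devices registered to that account afterwards.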
