Iranian Hackers Attack Corporate IT Networks

Iranian groups are busy hacking companies around the world. Now, by exploiting newly disclosed bugs in VPNs, they’ve been inserting sophisticated, hard-to-find backdoors and security researchers have been warning since last August that attackers have been hacking unpatched VPN servers to gain remote access to corporate networks.

The experts at  ClearSky says that at least three advanced persistent threat groups, all with apparent ties to the Iranian government, have been hitting unpatched Fortinet, Pulse Secure and Palo Alto Networks VPN servers and Citrix remote gateways.

Computer experts working on behalf of the Islamic Republic have successfully hacked into hundreds of Israeli computers in a massive cyber-attack which was carried out last year. Citing an internal report commissioned by cyber security company ClearSky, Israeli daily Yedioth Ahronoth revealed recently that Iran successfully conducted a wide-scale data mining operation that collected intelligence information from numerous governments, including Israel.
 
The data breach also compromised "numerous companies and organizations from the IT, Telecommunication, Oil and Gas, Aviation, Government, and Security sectors around the world."

The CEO of Clearsky Boaz Dolev told reportes that despite the cyber-attack, it was unlikely Tehran was able to acquire any information concerning advanced nuclear technology. "They can't even get close to such information," he said

The ongoing campaign, which ClearSky researchers call "Fox Kitten," has been targeting numerous sectors, including IT, telecommunications, oil and gas, aviation and security, as well as several government agencies. Researchers say they have seen attackers hitting targets in the US, Israel, Australia, Saudi Arabia, Lebanon, Kuwait, United Arab Emirates and several European countries.

According to ClearSky, the cyber-attack was aimed at accomplishing four goals:

  • Develop and maintain access routes to the targeted organisations.
  • Steal valuable information from the targeted organisations.
  • Maintain a long-lasting foothold at the targeted organisations. 
  • Breach additional companies through supply-chain attacks.

"We estimate the campaign revealed in this report to be among Iran’s most continuous and comprehensive campaigns revealed until now," ClearSky say in the report.

ClearSky:     i24News:      Security Boulevard:      BankInfoSecurity:

You Might Also Read: 

Charming Kittens: Phishing Emails From Iran:

 

 

« Chinese Hackers Go After Gambling Websites
The Cyber Skills Gap Increases »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Vanguard Integrity Professionals

Vanguard Integrity Professionals

Vanguard Integrity Professionals is an independent provider of enterprise security software solutions that address complex security and regulatory compliance challenges.

Trinexia

Trinexia

Trinexia (formerly Credence Security) is a specialty Value-added Distributor of Cyber Security, Digital Forensics, Security Awareness, Data Security & Governance solutions.

Secarma

Secarma

Secarma provides penetration testing, security assessments, consultancy, and training services to ensure your digital infrastructure is secure from cybersecurity threats.

Blockchain Slovakia

Blockchain Slovakia

Blockchain Slovakia is a non-profit organization that brings together researchers, developers, entrepreneurs, regulators, investors and the public to support blockchain technology in Slovakia.

ThreatGen

ThreatGen

ThreatGEN™ works with your team to improve your resiliency and industrial cybersecurity capabilities through an innovative and modernized approach to training and services.

RIT Global Cybersecurity Institute

RIT Global Cybersecurity Institute

At RIT's Global Cybersecurity Institute, we educate and train cybersecurity professionals; develop new cybersecurity and AI-based knowledge for industry, academia, and government.

CYBRScore

CYBRScore

CYBRScore is a premium, performance-based cyber skills training and assessment provider that quantifies a user’s ability to defend a network.

NetSPI

NetSPI

NetSPI is an information security penetration testing and vulnerability assessment management advisory firm.

SAIFE

SAIFE

SAIFE has adapted a Software Defined Perimeter approach and paired it with a Zero Trust model that defines access by the user, their device, and where they are located.

R3I Ventures - House of DeepTech

R3I Ventures - House of DeepTech

The House of DeepTech is an incubator for deeptech entrepreneurs that are transforming global industries. Areas of interest include cybersecurity.

Safetech Innovations

Safetech Innovations

Safetech Innovations is a team of cyber security experts, always at your service. We use human and cyber intelligence to help your business in uncertain times.

Secure Cyber Defense

Secure Cyber Defense

Secure Cyber Defense provides expert cybersecurity consulting and managed detection and response services to companies, local government, schools and universities.

Resemble AI

Resemble AI

Resemble AI is an innovator in Generative Voice AI technology and tools to combat AI fraud including audio watermarking and deepfake detection.

Spirit Technology Solutions

Spirit Technology Solutions

Spirit Technology Solutions is a modern workplace services provider committed to delivering solutions that embody our core principles of security, sustainability, and scalability.

FSP

FSP

FSP is a leading consultancy specialising in Digital, Security and AI solutions. We navigate the complexities of data sensitivity, confidentiality, governance and compliance.

Pillar Security

Pillar Security

Pillar Security are building the unified AI security platform to identify, assess, and mitigate security risks across your entire AI lifecycle.