Security news aggregator

Latest coverage for APT35

APT35 is an Iranian state-linked threat group associated with cyber espionage, phishing, credential theft, and targeting of sensitive organizations.

3 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

APT35 is a cyber espionage group linked to Iranian state interests, specializing in targeted attacks against government, academic, and media organizations mainly in the Middle East, Europe, and the U.S. They use spear-phishing emails, credential harvesting, and custom malware to gain long-term access to sensitive networks for intelligence collection and influence operations.

Security teams should focus on defending against APT35’s social engineering tactics and their use of zero-day vulnerabilities to evade detection. Key defenses include enforcing multi-factor authentication, monitoring for unusual login behavior, and promptly applying security patches. Sharing threat intelligence on APT35’s indicators of compromise helps organizations identify and mitigate their stealthy intrusions more effectively.

Volume over time

Weekly headline count for the current query.

Showing 3 most recent headlines Filtered view

PLUS: Exercise app tells spies to stop mapping; GitLab scan reveals 17,000 secrets; Leak exposes Iran’s Charming Kitten; and more! Infosec In Brief Switzerland’s Conference of Data Protection Officers, Privatim, last week issued a resolution calling on Swiss public bodies to avoid using hyperscale clouds and SaaS services due to security concerns.…

Charming Kitten unsheathes its claws and tries to catch credentials The cyber-ops arm of Iran's Islamic Revolutionary Guard Corps has started a spear-phishing campaign intent on stealing credentials from Israeli journalists, cybersecurity experts, and computer science professors from leading Israeli universities.…

If you get email from 'Samantha Wolf', congrats: you're important enough to make a decent target An Iranian cyber espionage gang with ties to the Islamic Revolutionary Guard Corps has learned new methods and phishing techniques, and aimed them at a wider set of targets – including politicians, government officials, critical infrastructure and medical researchers – according to email security vendor Proofpoint.…