Security news aggregator

Latest coverage for APT34

APT34 is a threat group linked to Iran and associated with malware, credential theft, and cyberespionage against organizations.

8 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

APT34 is a cyber espionage group linked to Iranian state interests, primarily targeting organizations across the Middle East. They focus on sectors such as energy, telecommunications, financial services, and government entities. Their attacks often begin with spear-phishing emails containing malicious attachments or links, leading to credential theft, network reconnaissance, and deployment of custom malware to maintain persistent access.

Security teams should watch for phishing campaigns tailored to regional or industry-specific contexts and monitor for unusual authentication patterns or lateral movement within networks. Defenses include enforcing multi-factor authentication, promptly patching vulnerabilities, and using threat intelligence to identify APT34’s known malware signatures and command-and-control infrastructure. Understanding their targeting helps organizations prioritize protections around critical infrastructure and sensitive data in high-risk regions.

Volume over time

Weekly headline count for the current query.

Showing 8 most recent headlines Filtered view

The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region