Security news aggregator

Latest coverage for APT34

APT34 is a threat group linked to Iran and associated with malware, credential theft, and cyberespionage against organizations.

24 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

APT34 is a cyber espionage group linked to Iranian state interests, primarily targeting organizations across the Middle East. They focus on sectors such as energy, telecommunications, financial services, and government entities. Their attacks often begin with spear-phishing emails containing malicious attachments or links, leading to credential theft, network reconnaissance, and deployment of custom malware to maintain persistent access.

Security teams should watch for phishing campaigns tailored to regional or industry-specific contexts and monitor for unusual authentication patterns or lateral movement within networks. Defenses include enforcing multi-factor authentication, promptly patching vulnerabilities, and using threat intelligence to identify APT34’s known malware signatures and command-and-control infrastructure. Understanding their targeting helps organizations prioritize protections around critical infrastructure and sensitive data in high-risk regions.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 24 Filtered view

The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region

Trend Micro Research, News and Perspectives 1 year, 9 months ago

Earth Simnavaz (aka APT34) Levies Advanced Cyberattacks Against Middle East

Trend Micro's investigation into the recent activity of Earth Simnavaz provides new insights into the APT group’s evolving tactics and the immediate threat it poses to sectors in the Middle East.

Trend Micro Research, News and Perspectives 2 years, 9 months ago

APT34 Deploys Phishing Attack With New Malware

We observed and tracked the advanced persistent threat (APT) APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to target a victim in Saudi Arabia.

Loading more headlines...