New PowerExchange malware backdoors Microsoft Exchange servers
A new PowerShell-based malware dubbed PowerExchange was used in attacks linked to APT34 Iranian state hackers to backdoor on-premise Microsoft Exchange servers. [...]
Coverage of cybersecurity incidents, policy, privacy, public services, advisories, and regional effects connected to Iran.
Search across headline titles and summaries.
Background for this topic.
Iran covers cybersecurity and information-security developments connected to Iran, including incidents, policy, privacy, advisories, research, and news affecting organizations, public services, and digital systems in the area.
For practitioners, the tag provides geographic context for developments involving Iran's organizations, services, partners, and users. Individual articles provide the specific technologies, threats, sectors, and operational implications relevant to each development.
A new PowerShell-based malware dubbed PowerExchange was used in attacks linked to APT34 Iranian state hackers to backdoor on-premise Microsoft Exchange servers. [...]
A suspected Iranian state-supported threat actor known as 'Agrius' is now deploying a new ransomware strain named 'Moneybird' against Israeli organizations. [...]