Iran-Linked APT35 Targets Israeli Media With Upgraded Spear-Phishing Tools
The APT35 group (aka Charming Kitten), have added backdoor capabilities to their spear-phishing payloads — and targeted an Israeli reporter with it.
Coverage of cybersecurity incidents, policy, privacy, public services, advisories, and regional effects connected to Iran.
Search across headline titles and summaries.
Background for this topic.
Iran covers cybersecurity and information-security developments connected to Iran, including incidents, policy, privacy, advisories, research, and news affecting organizations, public services, and digital systems in the area.
For practitioners, the tag provides geographic context for developments involving Iran's organizations, services, partners, and users. Individual articles provide the specific technologies, threats, sectors, and operational implications relevant to each development.
The APT35 group (aka Charming Kitten), have added backdoor capabilities to their spear-phishing payloads — and targeted an Israeli reporter with it.
The APT35 group (aka Charming Kitten), have added backdoor capabilities to their spear-phishing payloads — and targeted an Israeli reporter with it.
Charming Kitten, the nation-state actor affiliated with Iran's Islamic Revolutionary Guard Corps (IRGC), has been attributed to a bespoke spear-phishing campaign that delivers an updated version of a fully-featured PowerShell backdoor called POWERSTAR
The Iranian state-sponsored group dubbed MuddyWater has been attributed to a previously unseen command-and-control (C2) framework called PhonyC2 that's been put to use by the actor since 2021