Iranian APT Actors Breached a US Government Network
CISA says Federal Civilian Executive Branch systems were compromised through a Log4Shell vulnerability in an unpatched VMware Horizon server.
Coverage of cybersecurity incidents, policy, privacy, public services, advisories, and regional effects connected to Iran.
Search across headline titles and summaries.
Background for this topic.
Iran covers cybersecurity and information-security developments connected to Iran, including incidents, policy, privacy, advisories, research, and news affecting organizations, public services, and digital systems in the area.
For practitioners, the tag provides geographic context for developments involving Iran's organizations, services, partners, and users. Individual articles provide the specific technologies, threats, sectors, and operational implications relevant to each development.
CISA says Federal Civilian Executive Branch systems were compromised through a Log4Shell vulnerability in an unpatched VMware Horizon server.
Threat actors installed crypto-miner and achieved persistence
Iranian government-sponsored threat actors have been blamed for compromising a U.S. federal agency by taking advantage of the Log4Shell vulnerability in an unpatched VMware Horizon server
It's the gift to cybercriminals that keeps on giving Iranian state-sponsored cyber criminals used an unpatched Log4j flaw to break into a US government network, illegally mine for cryptocurrency, steal credentials and change passwords, and then snoop around undetected for several months, according to CISA.…
The FBI and CISA revealed in a joint advisory published today that an unnamed Iranian-backed threat group hacked a Federal Civilian Executive Branch (FCEB) organization to deploy XMRig cryptomining malware. [...]
The report outlines recent APT group activity from Russia, China, Iran and North Korea