Iran’s MuddyWater Hackers Target US Firms with New Dindoor Backdoor

Hackread – Cybersecurity News, Data Breaches, AI and More
Actively Exploited

Overview

Iran's MuddyWater hacking group has launched a cyber campaign targeting U.S. companies and a department of an Israeli software firm, employing a new malware known as Dindoor. Researchers have linked this activity to the ongoing geopolitical tensions in the region. The campaign raises concerns about the potential for sensitive data breaches and disruptions to business operations, particularly for firms involved in critical infrastructure or technology sectors. The group's continued adaptation of its tactics highlights the need for organizations to bolster their cybersecurity measures and remain vigilant against such threats.

Key Takeaways

  • Active Exploitation: This malware is being actively used by attackers. Immediate action is recommended.
  • Affected Systems: U.S. companies, Israeli software firm department
  • Action Required: Companies should enhance their cybersecurity protocols, including regular software updates, employee training on phishing attacks, and implementing strong access controls.
  • Timeline: Newly disclosed

Original Article Summary

Researchers say Iran's MuddyWater hackers targeted US companies and an Israeli software firm’s department in a cyber campaign using the Dindoor malware, all amid the ongoing conflict.

Impact

U.S. companies, Israeli software firm department

Exploitation Status

This malware is confirmed to be actively used by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Newly disclosed

Remediation

Companies should enhance their cybersecurity protocols, including regular software updates, employee training on phishing attacks, and implementing strong access controls.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Malware, Critical.

Related Coverage

CISA: Recently patched Ivanti EPM flaw now actively exploited

BleepingComputer

The Cybersecurity and Infrastructure Security Agency (CISA) has identified a serious vulnerability in Ivanti Endpoint Manager (EPM) that is currently being exploited in the wild. This flaw has been marked with high severity and affects U.S. federal agencies, which are now mandated to patch their systems within three weeks. The urgency stems from the risk that attackers could leverage this vulnerability to gain unauthorized access to sensitive information. Organizations using Ivanti EPM should prioritize applying the necessary patches to safeguard their systems and data from potential breaches.

Mar 10, 2026

This spy tool has been quietly stealing data for years

Help Net Security

ESET researchers have identified a resurgence of the Sednit group, a hacking collective linked to the Russian military intelligence agency, GRU. This group has been using a new toolkit that includes two implants, BeardShell and Covenant, which operate through separate cloud providers to maintain their surveillance capabilities. Since April 2024, these tools have been actively monitoring Ukrainian military personnel, indicating a sustained and targeted effort to steal sensitive data. The situation raises significant concerns about the security of military communications and the potential for further espionage activities. Understanding these tactics is crucial for developing defenses against similar attacks in the future.

Mar 10, 2026

Russian Hackers Target WhatsApp and Signal Accounts of Global Military and Government Officials

Infosecurity Magazine

Dutch intelligence has reported that Russian state-sponsored hackers are attempting to take control of the Signal and WhatsApp accounts belonging to military and government officials around the world. This campaign targets key figures, which raises significant concerns about national security and the protection of sensitive communications. The hackers are likely aiming to gather intelligence or disrupt operations by accessing private conversations and data. The implications of such attacks are serious, as they could compromise not just individual accounts but also broader governmental and military communications. As these messaging platforms are widely used for secure communication, this incident underscores the need for enhanced security measures for users in sensitive positions.

Mar 10, 2026

New HHS toolkit helps healthcare sector gauge cyber preparedness

SCM feed for Latest

The Department of Health and Human Services (HHS) has rolled out an updated toolkit designed to assist healthcare organizations in evaluating their cybersecurity measures. This Risk Identification and Site Criticality toolkit aims to help these organizations spot potential vulnerabilities and assess their readiness against cyber threats. With the healthcare sector frequently targeted by cyberattacks, this initiative is crucial for ensuring patient data security and maintaining operational integrity. By providing a structured approach to risk assessment, the HHS hopes to bolster the overall cybersecurity posture of healthcare facilities nationwide. This toolkit is a significant step in addressing the growing concerns over cybersecurity in the healthcare industry.

Mar 10, 2026

Bipartisan energy cybersecurity bills gain House panel nod

SCM feed for Latest

The House Energy and Commerce Committee has taken a significant step by approving a bipartisan package of cybersecurity bills aimed at strengthening the protection of the energy sector. Leading this initiative is the Rural and Municipal Utility Cybersecurity Act, which focuses on enhancing cybersecurity measures for smaller utilities that may lack the resources of larger companies. This legislation is crucial as it addresses the vulnerabilities in the energy infrastructure that could be targeted by cyberattacks. By promoting cybersecurity readiness among rural and municipal utilities, the bill aims to safeguard essential services against potential disruptions. The approval of this package reflects a growing recognition of the need for robust cybersecurity frameworks in the energy sector, especially as threats continue to evolve.

Mar 10, 2026

Dutch Intel Warns of Russian Hackers Hijacking Signal, WhatsApp Attacks

Hackread – Cybersecurity News, Data Breaches, AI and More

Dutch intelligence agencies have issued a warning about Russian hackers who are targeting Signal and WhatsApp accounts. These attackers are using fake support bots and scams that trick users into providing verification codes. The primary targets of these scams are officials and journalists, raising concerns about the potential for unauthorized access to sensitive communications. This incident highlights the ongoing risks posed by cybercriminals and the need for users to be vigilant when managing their online accounts. As these platforms are commonly used for secure communication, any compromise could have serious implications for privacy and security.

Mar 9, 2026