Iran MOIS Colludes With Criminals to Boost Cyberattacks

darkreading

Overview

Iranian state-sponsored hackers are reportedly collaborating with real cybercriminal groups to enhance their cyberattacks. This partnership marks a shift from the previous strategy, in which Iranian advanced persistent threat (APT) groups masqueraded as criminal entities. By aligning with actual criminals, these APTs aim to bolster their capabilities and expand their reach in the cyber realm. This development raises concerns about the potential for more sophisticated and damaging attacks on various targets, including businesses and government entities. The collaboration could lead to an increase in cybercrime and state-sponsored attacks, posing a significant risk to cybersecurity efforts globally.

Key Takeaways

  • Timeline: Newly disclosed

Original Article Summary

Iranian APTs have long pretended to be cybercriminal groups. Now they're working with actual cybercriminal groups.

Impact

Not specified

Exploitation Status

The exploitation status is currently unknown. Monitor vendor advisories and security bulletins for updates.

Remediation

Not specified

Related Topics: This incident relates to APT.

Related Coverage

Stryker attack highlights nebulous nature of Iranian cyber activity amid joint U.S.-Israel conflict

CyberScoop

The recent cyberattack on Stryker, a medical device manufacturer, appears to be a significant operation attributed to Iranian hackers, coinciding with ongoing tensions between the U.S. and Israel. While the exact impact of the attack remains somewhat unclear, it suggests a growing sophistication in Iranian cyber capabilities. This incident raises concerns about the security of medical devices and the potential for disruption in healthcare services. As cyber threats continue to evolve, companies in the medical sector and beyond need to reassess their cybersecurity measures. The attack serves as a reminder of the increasing risks posed by state-sponsored cyber activities, especially in politically charged environments.

Mar 12, 2026

Vulnerability Mis-Management - PSW #917

SCM feed for Latest

A recent security vulnerability has been identified in several widely-used software applications, affecting users and businesses alike. This vulnerability allows attackers to gain unauthorized access to sensitive data, putting personal and organizational information at risk. The affected products include popular content management systems and cloud services, which are used by millions of individuals and enterprises. Experts urge users to update their software immediately to protect against potential exploitation. Failure to address this issue could lead to significant data breaches and financial loss for affected parties.

Mar 12, 2026

England Hockey investigating ransomware data breach

BleepingComputer

England Hockey is currently investigating a potential data breach after the AiLock ransomware group included them in a list of victims on their data leak site. The governing body for field hockey in England has not disclosed specific details regarding the type of data that may have been compromised or how the breach occurred. This incident raises concerns about the security of sensitive information and the increasing targeting of sports organizations by cybercriminals. As investigations continue, England Hockey is likely assessing the extent of the breach and implementing measures to protect its data and ensure the safety of its community. This situation serves as a reminder for organizations of all sizes to remain vigilant against ransomware threats.

Mar 12, 2026

AI-generated Slopoly malware used in Interlock ransomware attack

BleepingComputer

A new strain of malware called Slopoly has been linked to an Interlock ransomware attack, allowing attackers to infiltrate a compromised server and remain undetected for over a week. This malware is believed to be generated using AI tools, showcasing the evolving capabilities of cybercriminals. During this time, sensitive data was stolen, raising concerns for organizations that may be targeted. The incident highlights the need for enhanced security measures to detect and respond to such sophisticated attacks. Companies must remain vigilant and update their defenses to protect against similar threats in the future.

Mar 12, 2026

Feds Takes Down SocksEscort Proxy Network Used in Global Fraud Schemes

Hackread – Cybersecurity News, Data Breaches, AI and More

Law enforcement agencies in Europe and the United States have successfully dismantled the SocksEscort proxy network, which was built using compromised routers. This network was utilized by cybercriminals for various global fraud schemes, allowing them to mask their online activities. The operation involved cooperation between multiple agencies, highlighting the importance of international collaboration in tackling cybercrime. The disruption of this network is significant as it not only affects the criminals who relied on it but also aims to protect individuals and businesses from the fallout of these fraudulent activities. This incident serves as a reminder of the ongoing threat posed by cybercriminals using compromised infrastructure to conduct illegal operations.

Mar 12, 2026

Iran-linked group claims wiper attack and takedown of medical device maker Stryker

SCM feed for Latest

An Iranian-linked group has claimed responsibility for a wiper attack that targeted the medical device manufacturer Stryker, marking a significant escalation in cyberattacks against U.S. companies since the onset of the Iran conflict on February 28. Wiper malware is designed to erase data and disrupt operations, posing serious risks to critical healthcare infrastructure. Stryker, known for its surgical and medical devices, may face operational challenges as a result of this incident. This attack underscores the increasing use of cyber warfare tactics in geopolitical conflicts, raising concerns about the security of other companies in the healthcare sector and beyond. Organizations are urged to bolster their cybersecurity measures to defend against similar threats.

Mar 12, 2026