• Home
  • About Us
  • Contact Us
  • Disclaimer
  • Privacy Policy
  • Terms & Conditions
Flyy Tech
  • Home
  • Apple
  • Applications
    • Computers
    • Laptop
    • Microsoft
  • Security
  • Smartphone
  • Gaming
  • Entertainment
    • Literature
    • Cooking
    • Fitness
    • lifestyle
    • Music
    • Nature
    • Podcasts
    • Travel
    • Vlogs
  • Camera
  • Audio
No Result
View All Result
  • Home
  • Apple
  • Applications
    • Computers
    • Laptop
    • Microsoft
  • Security
  • Smartphone
  • Gaming
  • Entertainment
    • Literature
    • Cooking
    • Fitness
    • lifestyle
    • Music
    • Nature
    • Podcasts
    • Travel
    • Vlogs
  • Camera
  • Audio
No Result
View All Result
Flyy Tech
No Result
View All Result

U.S. Imposes New Sanctions on Iran Over Cyberattack on Albania

flyytech by flyytech
September 11, 2022
Home Security
Share on FacebookShare on Twitter


Cyberattack on Albania

The U.S. Treasury Department on Friday announced sanctions against Iran’s Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence, Esmaeil Khatib, for engaging in cyber-enabled activities against the nation and its allies.

“Since at least 2007, the MOIS and its cyber actor proxies have conducted malicious cyber operations targeting a range of government and private-sector organizations around the world and across various critical infrastructure sectors,” the Treasury said.

The agency also accused Iranian state-sponsored actors of staging disruptive attacks aimed at Albanian government computer systems in mid-July 2022, forcing it to suspend its online services.

The development comes months nearly nine months after the U.S. Cyber Command characterized the advanced persistent threat (APT) known as MuddyWater as a subordinate element within MOIS. It also comes almost two years following the Treasury’s sanctions against another Iranian APT group dubbed APT39 (aka Chafer or Radio Serpens).

CyberSecurity

Friday’s sanctions effectively prohibit U.S. businesses and citizens from engaging in transactions with MOIS and Khatib, and non-U.S. citizens that engage in transactions with the designated entities may themselves be exposed to sanctions.

Coinciding with the economic blockade, the Albanian government said the cyberattack on the digital infrastructure was “orchestrated and sponsored by the Islamic Republic of Iran through the engagement of four groups that enacted the aggression.”

Microsoft, which investigated the attacks, said the adversaries worked in tandem to carry out distinct phases of the attacks, with each cluster responsible for a different aspect of the operation –

  • DEV-0842 deployed the ransomware and wiper malware
  • DEV-0861 gained initial access and exfiltrated data
  • DEV-0166 (aka IntrudingDivisor) exfiltrated data, and
  • DEV-0133 (aka Lyceum or Siamese Kitten) probed victim infrastructure

The tech giant’s threat intelligence teams also attributed the groups involved in gaining initial access and exfiltrating data to the Iranian MOIS-linked hacking collective codenamed Europium, which is also known as APT34, Cobalt Gypsy, Helix Kitten, or OilRig.

Cyberattack on Albania

“The attackers responsible for the intrusion and exfiltration of data used tools previously used by other known Iranian attackers,” it said in a technical deepdive. “The attackers responsible for the intrusion and exfiltration of data targeted other sectors and countries that are consistent with Iranian interests.”

“The Iranian sponsored attempt at destruction had less than a 10% total impact on the customer environment,” the company noted, adding the post-exploitation actions involved the use of web shells for persistence, unknown executables for reconnaissance, credential harvesting techniques, and defense evasion methods to turn off security products.

Microsoft’s findings dovetail with previous analysis from Google’s Mandiant, which called the politically motivated activity a “geographic expansion of Iranian disruptive cyber operations.”

CyberSecurity

Initial access to the network of an Albanian government victim is said to have occurred as early as May 2021 via successful exploitation of a SharePoint remote code execution flaw (CVE-2019-0604), followed by exfiltration of email from the compromised network between October 2021 and January 2022.

A second, parallel wave of email harvesting was observed between November 2021 and May 2022, likely through a tool called Jason. On top of that, the intrusions entailed the deployment of ransomware called ROADSWEEP, eventually leading to the distribution of a wiper malware referred to as ZeroCleare.

Microsoft characterized the destructive campaign as a “form of direct and proportional retaliation” for a string of cyberattacks on Iran, including one staged by an Iranian hacktivist group that’s affiliated to Mujahedin-e-Khalq (MEK) in the first week of July 2022.

The MEK, also known as the People’s Mujahedin Organization of Iran (PMOI), is an Iranian dissident group largely based in Albania that seeks to overthrow the government of the Islamic Republic of Iran and install its own government.

“Some of the Albanian organizations targeted in the destructive attack were the equivalent organizations and government agencies in Iran that experienced prior cyberattacks with MEK-related messaging,” the Windows maker said.

Iran’s Foreign Ministry, however, has rejected accusations that the country was behind the digital offensive on Albania, calling them “baseless” and that it’s “part of responsible international efforts to deal with the threat of cyberattacks.”





Source_link

flyytech

flyytech

Next Post
Illuminate the Night with Uniview ColorHunter and Tri-Guard Technology

Illuminate the Night with Uniview ColorHunter and Tri-Guard Technology

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended.

Recommended Hardware for 3D Laser Scanning (i9)

Recommended Hardware for 3D Laser Scanning (i9)

December 14, 2022
Today’s Wordle 482 answer and hint: Friday, October 14

Today’s Wordle 482 answer and hint: Friday, October 14

October 14, 2022

Trending.

Image Creator now live in select countries for Microsoft Bing and coming soon in Microsoft Edge

Image Creator now live in select countries for Microsoft Bing and coming soon in Microsoft Edge

October 23, 2022
Review: Zoom ZPC-1

Review: Zoom ZPC-1

January 28, 2023
Allen Parr’s false teaching examined. Why you should unfollow him.

Allen Parr’s false teaching examined. Why you should unfollow him.

September 24, 2022
Elden Ring best spells 1.08: Tier lists, sorceries, incantations, and locations

Elden Ring best spells 1.08: Tier lists, sorceries, incantations, and locations

January 14, 2023
How to View Ring Doorbell on a Roku TV

How to View Ring Doorbell on a Roku TV

December 20, 2022

Flyy Tech

Welcome to Flyy Tech The goal of Flyy Tech is to give you the absolute best news sources for any topic! Our topics are carefully curated and constantly updated as we know the web moves fast so we try to as well.

Follow Us

Categories

  • Apple
  • Applications
  • Audio
  • Camera
  • Computers
  • Cooking
  • Entertainment
  • Fitness
  • Gaming
  • Laptop
  • lifestyle
  • Literature
  • Microsoft
  • Music
  • Podcasts
  • Review
  • Security
  • Smartphone
  • Travel
  • Uncategorized
  • Vlogs

Site Links

  • Home
  • About Us
  • Contact Us
  • Disclaimer
  • Privacy Policy
  • Terms & Conditions

Recent News

CP+ 2023: Canon interview – ‘It’s our mission to make any camera system easier operate’: Digital Photography Review

CP+ 2023: Canon interview – ‘It’s our mission to make any camera system easier operate’: Digital Photography Review

March 26, 2023
Apple’s 2022 10th generation iPad is now available for just $399

Apple’s 2022 10th generation iPad is now available for just $399

March 26, 2023

Copyright © 2022 Flyytech.com | All Rights Reserved.

No Result
View All Result
  • Home
  • Apple
  • Applications
    • Computers
    • Laptop
    • Microsoft
  • Security
  • Smartphone
  • Gaming
  • Entertainment
    • Literature
    • Cooking
    • Fitness
    • lifestyle
    • Music
    • Nature
    • Podcasts
    • Travel
    • Vlogs

Copyright © 2022 Flyytech.com | All Rights Reserved.

What Are Cookies
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
Cookie SettingsAccept All
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT