iran (9)

8872293089?profile=RESIZE_400xChina, Russia, North Korea, and Iran continue to pose significant cybersecurity threats to the US, because each is capable of launching disruptive attacks, according to a report published 13 April 2021 by the Office of the Director of National Intelligence.

Threats include disinformation campaigns that target elections and try to undermine democratic institutions as well as aggressive hacking campaigns, such as the SolarWinds supply chain attack, according to the report. In many cases, criminal

8837471697?profile=RESIZE_400xThe new cooperation agreement between Russia and Iran on cybersecurity and information technology is likely to create new hurdles for the United States and its allies in the Middle East. In January 2021, Russian Foreign Minister Sergey Lavrov and his Iranian counterpart Javad Zarif signed a cooperation agreement on cybersecurity and information and communications technology (ICT).

The agreement includes cybersecurity cooperation, technology transfer, combined training, and coordination at multil

8011615880?profile=RESIZE_400xOur friends from the US Department of Homeland Security have provided an open source Threat Assessment for October 2020 - which is Cyber Security Awareness Month.  The following is the Cyber Threat Assessment Section. 

Cyber threats to the Homeland from both nation-states and non-state actors will remain acute. U.S. critical infrastructure faces advanced threats of disruptive or destructive cyber-attacks. Federal, state, local, tribal and territorial governments, as well as the private sector, w

3804164883?profile=RESIZE_710xSummary

Red Sky Alliance recently learned of the defacement of multiple American websites by a self-proclaimed Iranian hacker as apparent revenge for the fatal US drone strike on Iranian General Qasem Soleimani.  Evidence indicates that these are low level attacks looking to target convenient and insecure targets.  The attacker, identifying as an Iranian hacker, posted a picture of General Soleimani on all of the defaced pages along with multiple social media accounts and a Gmail account; likely

3385921593?profile=RESIZE_710x

 

 

 

 

 

DNATools Inc. application dnaLIMS is a “state-of-the art web-based laboratory information management system used to track and manage (scientific DNA research)”.  It is commonly used by researchers in labs and universities around the world.  In 2017, multiple vulnerabilities were discovered in this software.  After the vendor was notified, their response indicates these vulnerabilities will not be fixed.  It has been confirmed that these vulnerabilities still exist in the software and attack

Wapack Labs is monitoring the developments in the ongoing Iran protests. Wapack analysts continue to observe an increase in Internet restriction and disabling of communication applications; Facebook, Twitter, Telegram, Google, WhatsApp, and Signal. To date, ProtonMail’s free VPN service for Android phones, and Psiphon, an app that circumnavigates network firewalls, are the only means of providing anonymity for Iranian citizens.
Wapack Labs analysts have been monitoring the recent demonstrations in Iran involving discontent toward the Islamic Republic seated in the aftermath of the 1979 Revolution. Iranian dissidents and activists took to the streets by the thousands, chanting slogans like “We don’t want an Islamic Republic” and “Death to the dictator”, as they tore down pictures of Supreme Leader Khamenei and set fire to the Governor’s office.
Wapack Labs has been monitoring Iranian cyber activity for several years, specifically the evolving OilRig and Greenbug campaigns. Their adoption of a cyber operational paradigm involving both cyber hacktivism and cyber espionage tactics resembles cyber activity patterns employed by Chinese APT groups, whereby different groups perform different campaigns, with multiple teams conducting separate phases of a cyber campaign. With President Trump’s refusal to re-certify Iran’s compliance with the 20