muddywater – Computer Security Articles

Security Sophos

Sophos MDR blocks and tracks activity from probable Iranian state actor “MuddyWater”

November 20, 2024 admin 0 Comments atera, legitimate service abuse, muddywater, phishing, RMM, security operations, stac 1171, ta450, threat research

Credit to Author: gallagherseanm| Date: Wed, 20 Nov 2024 17:12:12 +0000

Sophos MDR has observed a new campaign that uses targeted phishing to entice the target to download a legitimate remote machine management tool to dump credentials. We believe with moderate confidence that this activity, which we track as STAC 1171, is related to an Iranian threat actor commonly referred to as MuddyWater or TA450. Earlier […]

MalwareBytes Security

Iranian hacking group uses compromised email accounts to distribute MSP remote access tool

December 12, 2022 admin Iran, MSP, muddywater, news, remote access tool, static kitten

Categories: News

Tags: MuddyWater

Tags: Static Kitten

Tags: remote access tool

Tags: MSP

Tags: Iran

A new campaign by hacking group MuddyWater has been uncovered in which a legitimate remote access tool is sent to targets from a compromised email account.

(Read more…)

The post Iranian hacking group uses compromised email accounts to distribute MSP remote access tool appeared first on Malwarebytes Labs.

MalwareBytes Security

Cardiologist moonlighted as successful ransomware developer

May 19, 2022 admin aesculapius, billy the puppet, breon peace, hakbit, Jigsaw, jigsaw ransomware, moises luis zagala gonzales, muddywater, nebuchadnezzar, nosophoros, ransomware, thanos, thanos ransomware, zagala

Credit to Author: Jovi Umawing| Date: Thu, 19 May 2022 13:07:27 +0000

Moises Luis Zagala, cardiologist by day, ransomware developer by night, has been charged by the US government for computer crimes.

The post Cardiologist moonlighted as successful ransomware developer appeared first on Malwarebytes Labs.

MalwareBytes Security

A week in security (February 21 – February 27)

February 28, 2022 admin a week in security, cyclops blink, Facebook, hive, muddywater, ransomware, Russia, Ukraine, xenomorph, yik yak

Credit to Author: Malwarebytes Labs| Date: Mon, 28 Feb 2022 11:37:42 +0000

The most important and interesting security stories from the last seven days.

The post A week in security (February 21 – February 27) appeared first on Malwarebytes Labs.

MalwareBytes Security

CISA warns of cyberespionage by Iranian APT “MuddyWater”

February 25, 2022 admin APT, awareness, cisa, csa, cybersecurity advisory, earth vetala, FBI, iranian apt, mercury, mfa, muddywater, ncsc, NSA, phishing, seedworm, static kitten, temp.zargos

Credit to Author: Malwarebytes Labs| Date: Fri, 25 Feb 2022 18:54:27 +0000

Cybersecurity agencies in the US and UK have issued a joint cybersecurity advisory (CSA) on MuddyWater, an Iranian APT.

The post CISA warns of cyberespionage by Iranian APT “MuddyWater” appeared first on Malwarebytes Labs.