Elfin Team
Advanced Persistent Threat 33 (APT33) is a hacker group identified by FireEye as being supported by the government of Iran. The group has also been called Refined Kitten (by CrowdStrike), Magnallium (by Dragos), and Holmium (by Microsoft).
History: FireEye believes that the group was formed no later than 2013.
Targets: APT33 has reportedly targeted aerospace, defense and petrochemical industry targets in the United States, South Korea, and Saudi Arabia.
Modus operandi: APT33 reportedly uses a dropper program designated DropShot, which can deploy a wiper called ShapeShift, or install a backdoor called TurnedUp. The group is reported to use the ALFASHELL tool to send spear-phishing emails loaded with malicious HTML Application files to its targets. APT33 registered domains impersonating many commercial entities, including Boeing, Alsalam Aircraft Company, Northrop Grumman and Vinnell.
Identification: FireEye and Kaspersky Lab noted similarities between the ShapeShift and Shamoon, ...
FireEye
Trellix (formerly FireEye and McAfee Enterprise) is a privately held cybersecurity company founded in 2022. It has been involved in the detection and prevention of major cyber attacks. It provides hardware, software, and services to investigate cybersecurity attacks, protect against malicious software, and analyze IT security risks. In March 2021, Symphony Technology Group (STG) announced its acquisition of McAfee Enterprise in an all-cash transaction for $4.0 billion. STG completed the acquisition of McAfee's Enterprise business in July 2021 with plans for re-branding. In June 2021, FireEye sold its name and products business to STG for $1.2 billion. STG combined FireEye with its acquisition of McAfee's enterprise business to launch Trellix, an extended detection and response (XDR) company. Meanwhile, McAfee Enterprise's security service edge (SSE) business would operate as a separate company to be known as Skyhigh Security.
History: FireEye was founded in 2004 by Ashar ...
Boeing
The Boeing Company is an American multinational corporation that designs, manufactures, and sells airplanes, rotorcraft, rockets, satellites, telecommunications equipment, and missiles worldwide. The company also provides leasing and product support services. Boeing is among the largest global aerospace manufacturers; it is the third-largest defense contractor in the world based on 2020 revenue, and is the largest exporter in the United States by dollar value. Boeing stock is included in the Dow Jones Industrial Average. Boeing is incorporated in Delaware. Boeing was founded by William Boeing in Seattle, Washington, on July 15, 1916. The present corporation is the result of the merger of Boeing with McDonnell Douglas on August 1, 1997. Then chairman and CEO of Boeing, Philip M. Condit, assumed those roles in the combined company, while Harry Stonecipher, former CEO of McDonnell Douglas, became president and COO. The Boeing Company's corporate headquarters is ...
Cyberwarfare
Cyberwarfare is the use of cyber attacks against an enemy state, causing comparable harm to actual warfare and/or disrupting vital computer systems. Some intended outcomes could be espionage, sabotage, propaganda, manipulation or economic warfare. There is significant debate among experts regarding the definition of cyberwarfare, and even whether such a thing exists. One view is that the term is a misnomer, since no cyber attacks to date could be described as war. An alternative view is that it is a suitable label for cyber attacks which cause physical damage to people and objects in the real world. Many countries including the United States, United Kingdom, Russia, China, Israel, Iran, and North Korea have active cyber capabilities for offensive and defensive operations. As states explore the use of cyber operations and combine capabilities, the likelihood of physical confrontation and violence playing out as a result of, or part of, a cyber operation is increased. However, meet ...
Charming Kitten
Charming Kitten (other aliases include APT35 (by Mandiant), Phosphorus (by Microsoft), Ajax Security (by FireEye), and NewsBeef (by Kaspersky)) is an Iranian government cyberwarfare group, described by several companies and government officials as an advanced persistent threat. On December 15, 2017, the group was designated by FireEye as a nation state-based advanced persistent threat, despite its lack of sophistication. Research conducted by FireEye in 2018 suggested that APT35 may be expanding their malware capabilities and intrusion campaigns. The group has since been known to use phishing to impersonate company websites, as well as fake accounts and fake DNS domains to phish users' passwords.
History, Witt Defection (Early 2013): In 2013, former United States Air Force technical sergeant and military intelligence defense contractor Monica Witt defected to Iran knowing she might incur criminal charges by the United States for doing so. Her giving of intelligence to th ...
The Daily Beast
The Daily Beast is an American news website focused on politics, media, and pop culture. It was founded in 2008. It has been characterized as a "high-end tabloid" by Noah Shachtman, the site's editor-in-chief from 2018 to 2021. In a 2015 interview, former editor-in-chief John Avlon described the Beast's editorial approach: "We seek out scoops, scandals, and stories about secret worlds; we love confronting bullies, bigots, and hypocrites." In 2018, Avlon described the Beast's "strike zone" as "politics, pop culture, and power".
History: The Daily Beast began publishing on October 6, 2008. Its founding editor was Tina Brown, a former editor of Vanity Fair and The New Yorker as well as the short-lived Talk magazine. The name of the site was taken from a fictional newspaper in Evelyn Waugh's novel Scoop. In 2010, The Daily Beast merged with the magazine Newsweek creating a combined company, The Newsweek Daily Beast Company. The merge ...
Reuters
Reuters is a news agency owned by Thomson Reuters Corporation. It employs around 2,500 journalists and 600 photojournalists in about 200 locations worldwide. Reuters is one of the largest news agencies in the world. The agency was established in London in 1851 by the German-born Paul Reuter. It was acquired by the Thomson Corporation of Canada in 2008 and now makes up the media division of Thomson Reuters.
History, 19th century: Paul Reuter worked at a book-publishing firm in Berlin and was involved in distributing radical pamphlets at the beginning of the Revolutions in 1848. These publications brought much attention to Reuter, who in 1850 developed a prototype news service in Aachen using homing pigeons and electric telegraphy from 1851 on, in order to transmit messages between Brussels and Aachen, in what today is Aachen's Reuters House. Reuter moved to London in 1851 and established a news wire agency at the London Royal Exchange. Headquartered in London, R ...
Iranian Cyber Army
The Iranian Cyber Army is an Iranian computer hacker group. It is thought to be connected to the Iranian government, although it is not officially recognized as an entity by the government. It has pledged loyalty to the Supreme Leader of Iran. According to Tehran Bureau, the Islamic Revolutionary Guard initiated plans for the formation of an Iranian Cyber Army in 2005. The organisation is believed to have been commanded by Mohammad Hussein Tajik until his assassination. The group has claimed responsibility for several attacks conducted over the Internet since 2009, most notably attacks against Baidu and Twitter. The attack against Baidu resulted in the so-called Sino-Iranian Hacker War. In 2012, a group self-identified as "Parastoo" (Persian: پرستو, "Swallow") hacked the International Atomic Energy Agency (IAEA), an intergovernmental organization that seeks to promote the peaceful use of nuclear energy and to inhibit its use for any ...
Pseudonym
A pseudonym or alias is a fictitious name that a person or group assumes for a particular purpose, which differs from their original or true name (orthonym). This also differs from a new name that entirely or legally replaces an individual's own. Many pseudonym holders use pseudonyms because they wish to remain anonymous, but anonymity is difficult to achieve and often fraught with legal issues.
Scope: Pseudonyms include stage names, user names, ring names, pen names, aliases, superhero or villain identities and code names, gamer identifications, and regnal names of emperors, popes, and other monarchs. In some cases, it may also include nicknames. Historically, they have sometimes taken the form of anagrams, Graecisms, and Latinisations. Pseudonyms should not be confused with new names that replace old ones and become the individual's full-time name. Pseudonyms are "part-time" names, used only in certain contexts – ...
Iran Standard Time
Iran Standard Time (IRST) or Iran Time (IT) is the time zone used in Iran. Iran uses a UTC offset of UTC+03:30. IRST is defined by the 52.5 degrees east meridian, the same meridian which defines the Iranian calendar and is the official meridian of Iran. Between 2005 and 2008, by decree of President Mahmoud Ahmadinejad, Iran did not observe daylight saving time (DST) (called Iran Daylight Time or IRDT). It was reintroduced from 21 March 2008. On 21 September 2022, Iran abolished DST and now observes standard time year-round.
Daylight Saving Time transitions: The dates of DST transitions in Iran were based on the Solar Hijri calendar, the official calendar of Iran, which is in turn based on the March equinox (Nowruz) as determined by astronomical calculation at the meridian for Iran Standard Time (52.5°E or GMT+3.5h). This resulted in the unique situation wherein the dates of DST transitions didn't fall on the same weekday each year as they do in most other countries. ...
Farsi
Persian, also known by its endonym Farsi, is a Western Iranian language belonging to the Iranian branch of the Indo-Iranian subdivision of the Indo-European languages. Persian is a pluricentric language predominantly spoken and used officially within Iran, Afghanistan, and Tajikistan in three mutually intelligible standard varieties, namely Iranian Persian (officially known as Persian), Dari Persian (officially known as Dari since 1964) and Tajiki Persian (officially known as Tajik since 1999) [Siddikzoda, S. "Tajik Language: Farsi or not Farsi?" in Media Insight Central Asia #27, August 2002]. It is also spoken natively in the Tajik variety by a significant population within Uzbekistan, as well as within other regions with a Persianate history in the cultural sphere of Greater Iran. It is written officially within Iran and Afghanistan in the Persian alphabet, a derivation of the Arabic script, and within Tajikistan in the Tajik alphabet, a deriv ...
Computer Virus
A computer virus is a type of computer program that, when executed, replicates itself by modifying other computer programs and inserting its own code. If this replication succeeds, the affected areas are then said to be "infected" with a computer virus, a metaphor derived from biological viruses. Computer viruses generally require a host program. The virus writes its own code into the host program. When the program runs, the written virus program is executed first, causing infection and damage. A computer worm does not need a host program, as it is an independent program or code chunk. Therefore, it is not restricted by the host program, but can run independently and actively carry out attacks. Virus writers use social engineering deceptions and exploit detailed knowledge of security vulnerabilities to initially infect systems and to spread the virus. Viruses use complex anti-detection/stealth strategies to evade antivirus software. Motives for creating viruses can inclu ...
Shamoon
Shamoon (Persian: شمعون), also known as W32.DistTrack, is a modular computer virus that was discovered in 2012, targeting then-recent 32-bit NT kernel versions of Microsoft Windows. The virus was notable due to the destructive nature of the attack and the cost of recovery. Shamoon can spread from an infected machine to other computers on the network. Once a system is infected, the virus continues to compile a list of files from specific locations on the system, upload them to the attacker, and erase them. Finally the virus overwrites the master boot record of the infected computer, making it unusable. The virus was used for cyberwarfare against national oil companies including Saudi Arabia's Saudi Aramco and Qatar's RasGas. A group named "Cutting Sword of Justice" claimed responsibility for an attack on 30,000 Saudi Aramco workstations, causing the company to spend more than a week restoring their services. The group later indicated that the Shamoon virus had been used in the a ...