At a glance.
- Charming Kitten collects against Iranian expatriate dissidents.
- Cyber Safety Review Board reports on Lapsus$.
- Call for comment on open-source, memory-safe standards.
- How NSA is coping with the cyber labor market.
- Yandex is restructuring.
- How Viasat was hacked.
Charming Kitten collects against Iranian expatriate dissidents.
Germany's BfV security service, the Bundesamt für Verfassungsschutz, warns that Iran's Charming Kitten threat group (also known as APT35, Phosphorus, Newscaster, and the Ajax Security Team) is collecting against Iranian dissidents residing in Germany and elsewhere. Both individuals and organizations are targets. Charming Kitten has been paying particular attention to lawyers, journalists and human rights activists since late 2022 at least.
The campaign is a social engineering effort. Deutsche Welle characterizes Charming Kitten's approach as spearphishing. The Iranian service first builds a target dossier containing an inventory of the subject's interests and connections, then cultivates a relationship of trust with the subject, and, finally, invites the target to a video chat in the course of which credentials are harvested. The BfV recommends the customary cautions with respect to new and unknown online contacts.