At a glance.
- Predatory Sparrow's assault on Iran's steel industry.
- Callback phishing campaign impersonates security companies.
- High-end and low-end cyber extortion.
- Hacking Hondas (and others)?
- Russian cyberattacks spread internationally.
- Adversary-in-the-middle sites support business email compromise.
- Silent validation carding bot discovered.
- Attempted social engineering at the European Central Bank.
- Germany puts its shields up.
- Lilith enters the ransomware game.
- ChromeLoader makes a fresh appearance.
- A North Korean ransomware operation.
- Media organizations targeted by state actors.
Predatory Sparrow's assault on Iran's steel industry.
The BBC reports that Predatory Sparrow, a nominally hacktivist group opposed to Iran's regime, which claimed to have disrupted operations at Iran's Mobarakeh Steel Company on June 27th, has posted video of fires at the facility it claims were caused by its cyberattack. Mobarakeh Steel has minimized the effects of the attack, saying that its operations were not disrupted. CyberScoop reports that Predatory Sparrow has also dumped a set of documents it calls "top secret" and which it claims were taken from the Iranian facilities during the cyberattack. Those claims, as well as the authenticity of the documents themselves, remain unverified.
Given the long-running tension between Iran and Israel, there's been widespread speculation in the Israeli press that Predatory Sparrow, which presents itself as an Iranian dissident group, is operating in the interest of Israeli intelligence services. The Israeli government has begun an investigation into the source of the stories, which may or may not have derived from leaks.