CISA Alert AA22-055A – Iranian government-sponsored actors conduct cyber operations against global government and commercial networks.

The FBI, CISA, US Cyber Command Cyber National Mission Force, and the United Kingdom’s National Cyber Security Centre have observed a group of Iranian government-sponsored APT actors, known as MuddyWater, conducting cyber espionage and other malicious cyber operations targeting a range of government and private-sector organizations across sectors—including telecommunications, defense, local government, and oil and natural gas—in Asia, Africa, Europe, and North America.  AA22-055A Alert, Technical Details, and Mitigations Malware Analysis Report AA22-052A STIX and Malware Analysis STIX Iran Cyber Threat Overview and Advisories NCSC-UK MAR – Small Sieve CNMF's press release – Iranian intel cyber suite of malware uses open source tools All organizations should report incidents and anomalous activity to CISA’s 24/7 Operations Center at [email protected] or (888) 282-0870 and to the FBI via your local FBI field office or the FBI’s 24/7 CyWatch at (855) 292-3937 or [email protected]. Learn more about your ad choices. Visit megaphone.fm/adchoices