Iran | Breaking Cybersecurity News | The Hacker News

Iran's state-owned TV broadcaster was hacked Wednesday night to interrupt regular programming and air videos calling for street protests against the Iranian government, according to multiple reports. It's currently not known who is behind the attack, although Iran pointed fingers at Israel, per Iran International. "If you experience disruptions or irrelevant messages while watching various TV channels, it is due to enemy interference with satellite signals," the broadcaster was quoted as saying. The breach of state television is the latest in a string of cyber attacks inside Iran that have been attributed to Israel-linked actors. It also coincides with the hack of Bank Sepah and Nobitex, Iran's largest cryptocurrency exchange. The Nobitex breach led to the theft of more than $90 million, a brazen escalation in the cyber war that has simmered between Israel and Iran for more than a decade. "Iranian entities have experimented with virtual assets as bot...

A former U.S. Central Intelligence Agency (CIA) analyst has been sentenced to little more than three years in prison for unlawfully retaining and transmitting top secret National Defense Information (NDI) to people who were not entitled to receive them and for attempting to cover up the malicious activity. Asif William Rahman, 34, of Vienna, has been sentenced today to 37 months on charges of stealing and divulging classified information. He was an employee of the CIA since 2016 and had Top Secret security clearance to access Sensitive Compartmented Information (SCI) until he was terminated from his job after he was arrested last November in Cambodia. Earlier this January, Rahman pleaded guilty to two counts of willful retention and transmission of classified information related to the national defense. As previously reported by The Hacker News, Rahman retained multiple Secret and Top Secret documents without authorization on October 17, 2024, took them to his place of residence...

Iran has throttled internet access in the country in a purported attempt to hamper Israel's ability to conduct covert cyber operations, days after the latter launched an unprecedented attack on the country, escalating geopolitical tensions in the region. Fatemeh Mohajerani, the spokesperson of the Iranian Government, and the Iranian Cyber Police, FATA, said the internet slowdown was designed to maintain internet stability and that the move is "temporary, targeted, and controlled, to ward off cyber attacks." Data shared by NetBlocks shows a "significant reduction in internet traffic" around 5:30 p.m. local time. The development comes amid deepening conflict, with Israel and Iran trading missile attacks since Friday. These attacks have spilled over into cyberspace, as security experts warned of retaliatory cyber operations by Iranian state actors and hacktivist groups. The digital warfare unfolding behind the scenes goes two ways. Earlier this week, a pro...

Meta on Thursday revealed that it disrupted three covert influence operations originating from Iran, China, and Romania during the first quarter of 2025. "We detected and removed these campaigns before they were able to build authentic audiences on our apps," the social media giant said in its quarterly Adversarial Threat Report. This included a network of 658 accounts on Facebook, 14 Pages, and two accounts on Instagram that targeted Romania across several platforms, including Meta's services, TikTok, X, and YouTube. One of the pages in question had about 18,300 followers. The threat actors behind the activity leveraged fake accounts to manage Facebook Pages, direct users to off-platform websites, and share comments on posts by politicians and news entities. The accounts masqueraded as locals living in Romania and posted content related to sports, travel, or local news. While a majority of these comments did not receive any engagement from authentic audiences, Met...

Threat hunters are calling attention to a new highly-targeted phishing campaign that singled out "fewer than five" entities in the United Arab Emirates (U.A.E.) to deliver a previously undocumented Golang backdoor dubbed Sosano. The malicious activity was specifically directed against aviation and satellite communications organizations, according to Proofpoint, which detected it in late October 2024. The enterprise security firm is tracking the emerging cluster under the moniker UNK_CraftyCamel . A noteworthy aspect of the attack chain is the fact that the adversary took advantage of its access to a compromised email account belonging to the Indian electronics company INDIC Electronics to send phishing messages. The entity is said to have been in a trusted business relationship with all the targets, with the lures tailored to each of them. "UNK_CraftyCamel leveraged a compromised Indian electronics company to target fewer than five organizations in the United Arab E...

A cyber attack  in Iran left petrol stations across the country crippled, disrupting fuel sales and defacing electronic billboards to display messages challenging the regime's ability to distribute gasoline. Posts and  videos   circulated  on social media showed messages that said, "Khamenei! Where is our gas?" — a reference to the country's supreme leader Ayatollah Ali Khamenei. Other signs read, "Free gas in Jamaran gas station," with gas pumps showing the words "cyberattack 64411" when attempting to purchase fuel, semi-official Iranian Students' News Agency (ISNA) news agency  reported . Abolhassan Firouzabadi, the head of Iran's Supreme Cyberspace Council,  said  the attacks were "probably" state-sponsored but added it was too early to determine which country carried out the intrusions. Although no country or group has so far claimed responsibility for the incident, the attacks mark the second time digital billboards have...