Iranian Hackers “Educated Manticore” Target Israel With New Tools

A new Iranian threat actor called Educated Manticore has been observed targeting Israeli individuals with new tactics and tools.

Security experts at Check Point Research (CPR) described their findings in an advisory released today. The advisory links Educated Manticore to the well-known Advanced Persistent Threat (APT) group Phosphorus.

Read more about Phosphorus here: Iranian spear phisher hijacks email conversations in new campaign

“This study shows a new and improved infection chain that led to the deployment of a new version of PowerLess. This implant was previously attributed to Phosphorus,” reads the technical article.

CPR explained that the PowerLess payload deployed by Educated Manticore is similar to the version used by Phosphorus, but with a significantly improved loading mechanism. The loader is a .NET binary built in mixed mode with C++ code, and CPR noted that it relies on techniques that are rarely seen.
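As an added illustration (not code from the CPR advisory or from this article), the script below shows how an analyst can tell a mixed-mode .NET image from a pure-IL one during triage: it parses the PE headers, follows the CLR runtime data directory (entry 14) to the IMAGE_COR20_HEADER, and tests the COMIMAGE_FLAGS_ILONLY bit, which ECMA-335 defines as set for IL-only assemblies and cleared when the image also carries native code, as C++/CLI mixed-mode builds do. The PE images it builds for its self-test are constructed test data with an arbitrary layout, not samples from the campaign.

```python
import struct

# ECMA-335 II.25.3.3.1: COMIMAGE_FLAGS_ILONLY is set on pure-IL assemblies and
# cleared on mixed-mode images that also carry native (e.g. C++/CLI) code.
COMIMAGE_FLAGS_ILONLY = 0x00000001
CLR_DIRECTORY_INDEX = 14          # IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
IMAGE_COR20_HEADER_SIZE = 72


def _rva_to_offset(rva, sections):
    """Map an RVA to a file offset using the section table."""
    for virt_addr, raw_ptr, raw_size in sections:
        if virt_addr <= rva < virt_addr + raw_size:
            return rva - virt_addr + raw_ptr
    raise ValueError("RVA 0x%x is not backed by any section" % rva)


def classify_pe(data):
    """Return 'not-pe', 'native', 'il-only' or 'mixed-mode' for a PE image."""
    try:
        if data[:2] != b"MZ":
            return "not-pe"
        e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
        if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
            return "not-pe"
        coff = e_lfanew + 4
        num_sections = struct.unpack_from("<H", data, coff + 2)[0]
        opt_size = struct.unpack_from("<H", data, coff + 16)[0]
        opt = coff + 20
        magic = struct.unpack_from("<H", data, opt)[0]
        if magic == 0x10B:        # PE32: data directories start at offset 96
            dd_off = opt + 96
        elif magic == 0x20B:      # PE32+: data directories start at offset 112
            dd_off = opt + 112
        else:
            return "not-pe"
        num_dd = struct.unpack_from("<I", data, dd_off - 4)[0]
        if num_dd <= CLR_DIRECTORY_INDEX:
            return "native"       # no CLR directory at all
        clr_rva, clr_size = struct.unpack_from("<II", data, dd_off + 8 * CLR_DIRECTORY_INDEX)
        if clr_rva == 0 or clr_size == 0:
            return "native"
        sections = []
        for i in range(num_sections):
            hdr = opt + opt_size + 40 * i
            _vsize, vaddr, raw_size, raw_ptr = struct.unpack_from("<IIII", data, hdr + 8)
            sections.append((vaddr, raw_ptr, raw_size))
        clr_off = _rva_to_offset(clr_rva, sections)
        # IMAGE_COR20_HEADER: cb(4) MajorRuntimeVersion(2) MinorRuntimeVersion(2)
        # MetaData(8) Flags(4) -> Flags sits at offset 16.
        flags = struct.unpack_from("<I", data, clr_off + 16)[0]
    except (struct.error, ValueError):
        return "not-pe"
    return "il-only" if flags & COMIMAGE_FLAGS_ILONLY else "mixed-mode"


def build_test_pe(il_only=True, managed=True):
    """Construct a minimal synthetic PE32 image (constructed test data, not a
    real binary) with one section and, if managed, a CLR header whose ILONLY
    flag is set or cleared as requested."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                 # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x102)
    opt = bytearray(224)                                    # PE32 optional header
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<I", opt, 92, 16)                     # NumberOfRvaAndSizes
    if managed:
        struct.pack_into("<II", opt, 96 + 8 * CLR_DIRECTORY_INDEX, 0x1000, IMAGE_COR20_HEADER_SIZE)
    sect = bytearray(40)
    sect[:8] = b".text\0\0\0"
    # VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData
    struct.pack_into("<IIII", sect, 8, 0x200, 0x1000, 0x200, 0x200)
    headers = dos + b"PE\0\0" + coff + opt + sect
    headers += b"\0" * (0x200 - len(headers))
    clr = bytearray(IMAGE_COR20_HEADER_SIZE)
    struct.pack_into("<I", clr, 0, IMAGE_COR20_HEADER_SIZE)
    struct.pack_into("<HH", clr, 4, 2, 5)                   # runtime version 2.5
    struct.pack_into("<I", clr, 16, COMIMAGE_FLAGS_ILONLY if il_only else 0)
    return bytes(headers + clr + b"\0" * (0x200 - len(clr)))


if __name__ == "__main__":
    import sys
    paths = sys.argv[1:]
    if paths:
        for p in paths:
            with open(p, "rb") as f:
                print(p, classify_pe(f.read()))
    else:
        for label, img in (("pure IL", build_test_pe(il_only=True)),
                           ("mixed mode", build_test_pe(il_only=False)),
                           ("native", build_test_pe(managed=False))):
            print("%-10s -> %s" % (label, classify_pe(img)))
```

Run it with one or more file paths to classify real images, or with no arguments to exercise the synthetic ones. A cleared ILONLY bit is a triage hint, not proof: build and obfuscation tooling can clear it without adding native code, and the flag says nothing about what any native code does, so follow it up with section, import and entry-point analysis before drawing conclusions about a sample.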

“The newly discovered version is likely aimed at an Iraqi-centric phishing campaign that uses ISO files to start the infection chain,” the company wrote. “Other documents in the ISO file were in Hebrew and Arabic. […] It suggests that the lure was aimed at an Israeli target.”

As part of CPR’s investigation into Educated Manticore, security experts analyzed two separate lures and attributed them to the same actor with moderate confidence.

The CPR advisory has analyzed both lures in detail, but cautioned that attacks carried out as a result of these infections have not yet been observed in the wild.

“Since this is an update to the previously reported malware PowerLess, which is associated with some of Phosphorus’ ransomware operations, it may represent only the early stages of the infection, with a significant amount of post-infection activity. It’s important to note that parts of it may not yet be seen in the wild.”

CPR’s findings come days after Microsoft published an advisory describing another threat actor, reportedly linked to the Phosphorus campaign.
