Common Information
Type | Value |
---|---|
Value | APT34 - G0057 |
Category | Actor |
Type | Mitre-Intrusion-Set |
Misp Type | Cluster |
Description | APT34 is an Iranian cyber espionage group that has been active since at least 2014. The group has targeted a variety of industries, including financial, government, energy, chemical, and telecommunications, and has largely focused its operations within the Middle East. FireEye assesses that the group works on behalf of the Iranian government based on infrastructure details that contain references to Iran, use of Iranian infrastructure, and targeting that aligns with nation-state interests. APT34 loosely aligns with public reporting related to OilRig, but may not wholly align due to companies tracking threat groups in different ways. (Citation: FireEye APT34 Dec 2017) |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2024-10-13 | 3 | OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware | National Cyber Security Consulting | ||
Details | Website | 2024-10-13 | 2 | Iranian hackers now exploit Windows flaw to elevate privileges | ||
Details | Website | 2024-10-12 | 34 | Weekly Security Hotspot Report: OilRig Exploits Windows Kernel Vulnerability for Espionage Targeting the UAE and Gulf Region | ||
Details | Website | 2024-10-11 | 44 | Earth Simnavaz Levies Advanced Cyberattacks Against UAE and Gulf Regions | ||
Details | Website | 2024-10-11 | 43 | Earth Simnavaz (aka APT34) Levies Advanced Cyberattacks Against Middle East | ||
Details | Website | 2024-10-08 | 6 | OilRig Exploits Windows Kernel Vulnerability to Conduct Espionage Targeting the UAE and Gulf Region | CTF导航 | ||
Details | Website | 2024-09-23 | 3 | Iranian-Linked Group Facilitates APT Attacks on Middle East Networks | ||
Details | Website | 2024-09-22 | 6 | Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East - RedPacket Security | ||
Details | Website | 2024-09-21 | 4 | Iranian APT Group UNC1860 Facilitates Cyber Intrusions Across Middle East | ||
Details | Website | 2024-09-20 | 6 | Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East | ||
Details | Website | 2024-09-20 | 3 | UNC1860 provides Iran-linked APTs with access to Middle Eastern networks | ||
Details | Website | 2024-09-20 | 63 | UNC1860 APT IOCs - II - SEC-1275-1 | ||
Details | Website | 2024-09-19 | 4 | Iran’s Passive Backdoors Lurk in Middle Eastern Networks | ||
Details | Website | 2024-09-19 | 47 | UNC1860 and the Temple of Oats: Iran’s Hidden Hand in Middle Eastern Networks | ||
Details | Website | 2024-09-19 | 26 | UNC1860 and the Temple of Oats: Iran’s Hidden Hand in Middle Eastern Networks | Google Cloud Blog | ||
Details | Website | 2024-09-17 | 25 | Hazel Sandstorm (APT34) APT IOCs - SEC-1275-1 | ||
Details | Website | 2024-09-16 | 8 | 16th September – Threat Intelligence Report - Check Point Research | ||
Details | Website | 2024-09-13 | 1 | Novel payloads deployed in new OilRig APT campaign against Iraq | ||
Details | Website | 2024-09-13 | 3 | Cyber Briefing: 2024.09.13 | ||
Details | Website | 2024-09-13 | 7 | The Good, the Bad and the Ugly in Cybersecurity - Week 37 | ||
Details | Website | 2024-09-13 | 44 | Weekly Advanced Threat Intelligence Digest (2024.09.13~09.19) | ||
Details | Website | 2024-09-12 | 1 | Iranian Cyber Group OilRig Targets Iraqi Government in Sophisticated Malware Attack | ||
Details | Website | 2024-09-12 | 5 | Iranian Cyber Group OilRig Targets Iraqi Government in Sophisticated Malware Attack | ||
Details | Website | 2024-09-12 | 4 | Threat Actors Using New Malware Toolkit That Involves IIS Backdoor, DNS Tunneling | ||
Details | Website | 2024-09-12 | 5 | Iranian Cyber Group OilRig Targets Iraqi Government in Sophisticated Malware Attack - RedPacket Security |