LEARN MORE

blog post

Iranian Cyber Group Targets Saudi Entities with Advanced Malware

A recent report unveiled a cyber espionage campaign orchestrated by Iranian hackers, deploying an innovative malware named “Menorah” against their targets.

The cyber group, known as APT34 and by other names like OilRig, Cobalt Gypsy, IRN2, and Helix Kitten, operates out of Iran. Their cyber activities, targeting various Middle Eastern nations, have been traced back to 2014. Their primary targets seem to be government agencies and corporations operating in finance, energy, chemicals, and telecom industries.

According to research from Trend Micro, the group’s latest endeavor, starting in August, involved dispatching phishing emails to recipients in Saudi Arabia. These emails contained the Menorah malware, a sophisticated tool tailored for cyber espionage. This malware allows the hacker to upload specific files, initiate shell commands, and download files onto the affected system.

Notably, similarities were found between Menorah and the previously employed SideTwist backdoor by APT34. However, the former demonstrates enhanced capabilities and presents a heightened challenge for detection.

Researchers noted, “APT34 constantly refines its tactics, experimenting with various strategies and techniques.”

Limited data was retrieved about APT34’s recent targets during Trend Micro’s assessment. However, the phishing strategy involved a counterfeit file registration form linked to the Seychelles Licensing Authority, which had pricing details in Saudi Arabian currency. The primary targets were potentially situated in Saudi Arabia.

Historically, APT34 has been linked to multiple notable cyber assaults on different Middle Eastern targets. In the past, they’ve targeted an official from Jordan’s foreign ministry and carried out attacks on multiple Middle Eastern banks.

Considering their intricate operations and seemingly extensive resources, Trend Micro researchers warn, “APT34 represents a formidable cybersecurity threat not just in the region, but potentially on a broader scale.”

And, it’s on its way here as well.                                   

Author

Steve King

Managing Director, CyberEd

King, an experienced cybersecurity professional, has served in senior leadership roles in technology development for the past 20 years. He has founded nine startups, including Endymion Systems and seeCommerce. He has held leadership roles in marketing and product development, operating as CEO, CTO and CISO for several startups, including Netswitch Technology Management. He also served as CIO for Memorex and was the co-founder of the Cambridge Systems Group.

 
Facebook X-twitter Linkedin
Contact Us

CyberEd.io is reinventing traditional security awareness training with continuous Human Risk Management. In addition, our course catalog is rich with relevant content for C-suite execs, CISOs, senior practitioners to entry level and employees typically not involved with cybersecurity in their daily job duties.  

We empower you to stay ahead of threats and stay secure in our digital world!

+1-609-356-1499 | info@cybered.io | Sign Up for Our Newsletter

©2024 Information Security Media Group | About ISMG | Privacy & GDPR Statement

LEARN MORE

Schedule a Demo with Us!

Fill in the form and we’ll get back to you as soon as possible.

Closing The Education Gap In The Cybersecurity Industry

Our latest resources and blog posts help you stay in touch with what’s happening in the industry. Want even more updates? Sign up for our newsletter!

Learn more about our Course Catalog

Learn more about Masterclasses

Start Your 7-Day FREE Trial!

No Credit Card Needed!

"The Perfect Storm" A Cyber Readiness Tabletop Exercise

"The Perfect Storm" is an immersive thought exercise designed to test and enhance your financial institution's cybersecurity resilience. This exclusive CyberEd.io course simulates a complex and multi-layered cybersecurity attack, challenging participants to respond, communicate, and recover under extreme conditions. Through a series of escalating scenarios, from phishing attacks to DDoS assaults, ransomware infections, and public data leaks, participants will develop critical skills and strategies necessary to safeguard their organization against relentless cyber threats.
LEARN MORE

Ransomware Defense

This ransomware course is designed for technical defenders. Explore the methods used by bad actors to install ransomware, analyze the latest ransomware variants, identify key ransomware groups, detect early indicators of possible attacks, apply containment, eradication, and recovery best practices, then get other practical tips to establish and maintain comprehensive disaster recovery plans. This course emphasizes practical, actionable steps to defend against ransomware.
LEARN MORE

Malware Escape!

This thrilling malware attack simulation escape room, encourages tech-teams to work together to thwart common malware attacks, like the one two punch of a botnets releasing ransomware, for example. We don't want to spoil the plot. It's up to your tech team to figure it out!
LEARN MORE

FFIEC Cybersecurity Assessment Tool Quick Start

This technical guidance course explores the Federal Financial Institutions Examination Council's Cybersecurity Assessment Tool, also known as the FFIEC CAT (pronounced “cat”). This tool is designed to help financial institutions identify their cybersecurity risks and determine their preparedness. In this course, we’ll provide a high-level overview of the CAT, its components, and how it can benefit your institution. Kick off your FFIEC CAT journey today!
LEARN MORE

Combatting Social Engineering and Insider Threats

Combatting Social Engineering and Insider Threats provides a technical understanding of how social engineering and insider threats effect organizations. The course emphasizes various social engineering tactics, how to recognize and mitigate social engineering threats, the correlation between social engineering and insider threats, and then also practical, actionable steps to enhance the overall security posture of your organization.
LEARN MORE

Building Secure Architectures for ICS and OT Environments

This course is designed for industrial and critical infrastructure technical leaders and technical professionals responsible for designing secure architectures for ICS and OT environments. Explore communication protocols, securing the process control network, and the Purdue Network Model. Then learn how to implement firewalls, IDS, IPS, other Appliances and access management techniques. Build more secure cybersecurity architectures today!
LEARN MORE

AI, Machine Learning,
and Cybersecurity

Explore the intersection of AI and cybersecurity in this comprehensive course designed for learners at all levels. Dive into the fundamentals of artificial intelligence and machine learning to understand their applications in combating cyber threats. Learn about ethical considerations and future trends, equipping yourself with the knowledge to navigate and contribute to the evolving landscape of digital security. This course is your pathway to mastering AI-enhanced cybersecurity strategies.
LEARN MORE

Learn more about
CPE Credits

The Open Web Application Security Project (OWASP)

This fundamental course explores the Open Web Application Security Project (OWASP) and a publication released by the OWASP foundation, called The OWASP Top 10, which highlights the top ten cybersecurity risks. Dive into each risk category, risk mitigations strategies and pro tips! Start your Open Web Application Security journey today! 
LEARN MORE

Learn more about SmartHRM™ Software

Learn more about SmartHRM™ Solution

Learn more about
Custom Content

Blockchain and Cybersecurity

This course is designed specifically for leaders and technicians who need to expand their knowledge in blockchain technology. We explore blockchain's impact, specifically highlighting cybersecurity concerns. We cover foundational concepts such as decentralization, transparency, and immutability, as well as practical applications in regulatory compliance, auditing, and security. Explore types of blockchains—public, private, and consortium—and learn how they are used. Blockchain is here! Prepare today!
LEARN MORE

The NIST Cybersecurity Framework

This fundamental course delves into the National Institute of Standards and Technology Cybersecurity Framework, or the NIST Cybersecurity Framework, also known as CSF for short. The CSF is a set of best practices and recommendations for organizations to help manage cybersecurity risk. Learn all about the CSF structure, purpose, application across various sectors and how utilizing the CSF Framework can enhance an organization’s security posture.
LEARN MORE

Payment Card Industry
Data Security Standards (PCI DSS) Compliance

In today's world, data is the lifeblood of organizations, so protecting that data, through various forms of cybersecurity compliance, has become paramount. Payment Card Industry Data Security Standards (PCI DSS) Compliance provides IT professionals with a granular understanding of the requirements and best practices needed to ensure payment card data security compliance as well as links to even more detailed related resources. Learn about payment card industry data security standard compliance today!
LEARN MORE

Federal Deposit Insurance Corporation (FDIC) Laws and Regulations

This course provides a deep dive into the key cybersecurity laws and regulations that FDIC-supervised institutions must adhere to. With a blend of technical insights and practical guidance, participants will learn to navigate the complex regulatory landscape, implement robust cybersecurity measures, and ensure compliance with FDIC requirements. Make sure your institution stays compliant. Brush up on FDIC Laws and Regulations today!
LEARN MORE

Certified Information Systems Security Professional (CISSP) Prep Path

The CISSP certification is recognized as the gold standard for IT security professionals. This prep path, spanning 39.75 hours, equips security professionals with in-depth knowledge of advanced security management. Achieving CISSP certification validates expertise in designing, implementing, and managing a best-in-class cybersecurity program​​.
LEARN MORE

CompTIA Security+ Certification Prep Path

This learning path builds on foundational networking skills to prepare learners for the CompTIA Security+ certification exam, one of the most sought-after entry-level cybersecurity certifications. Through a comprehensive 28.75-hour program, participants will cover essential information security principles across six key exam objectives, including threats, vulnerabilities, cryptography, and risk management.
LEARN MORE

Artificial Intelligence and Public Policy

With rapid advancements in AI technology, there is an urgent need to establish guidelines and guardrails for safe use and adoption. To address this need, the United States government - in collaboration with multiple private sector organizations - passed the bipartisan Senate Bill 5838 to establish the Congressional AI Task Force. In this CyberEd Session, Bob Ferguson, State of Washington Attorney General, will outline the objectives and structure of the task force, designed to assess the implications of AI technologies and propose informed legislative recommendations.
LEARN MORE

Learn more about SmartHRM™ Training

Intro to the
Gramm-Leach-Bliley Act

Intro to Gramm-Leach-Bliley Act is tailored specifically for financial sector business professionals who must understand the importance of Gramm-Leach-Bliley Act (GLBA) compliance and its impact on financial sector organizations. Learn how the Gramm-Leach-Bliley Act requires financial institutions to explain information-sharing practices and safeguard sensitive data.
LEARN MORE

Leading Financial Supply Chain Cybersecurity Teams

Third-party vendors play an essential role in all financial sector operations and supply chains, from payment processors to IT service providers. However, these relationships also introduce potential risks that can threaten the security and integrity of our data and systems. This executive-level course for financial sector business leaders highlights high level strategies all finance leaders need to know about managing third-party vendors and cybersecurity initiatives. Expand your third party vendor and supply chain cybersecurity leadership skills and drive better business impact, for your business today!
LEARN MORE

National Credit Union Administration (NCUA) Cybersecurity Compliance

National Credit Union Administration Cybersecurity Compliance provides an in-depth exploration of the National Credit Union Administration's cybersecurity regulations and best practices. Participants will learn to identify potential cyber threats, implement robust security measures, ensure compliance with NCUA guidelines, and understand the important role leadership support plays in establishing a strong cybersecurity posture.
LEARN MORE

Combatting Social Engineering and Insider Threats

Combatting Social Engineering and Insider Threats provides a technical understanding of how social engineering and insider threats effect financial service organizations. The course emphasizes various social engineering tactics, how to recognize and mitigate social engineering threats, the correlation between social engineering and insider threats, and then also practical, actionable steps to enhance the overall security posture of your financial service organization.
LEARN MORE

Learn more about our team-based solutions!

Masterclass with Kelly Hood

Kelly Hood, a cybersecurity engineer with Optic Cyber Solutions, talks about the NIST cybersecurity framework in this Masterclass, diving into implementation tiers, and framework profiles. Learn how to integrate regulatory requirements into your cybersecurity program today!
LEARN MORE

Masterclass with Andy Jenkinson

In this Masterclass Cybersec Innovation Partners founder Andy Jenkinson delves into a history of some real-life case studies and significant events which led to our current understanding of Domain Name Systems (DNS). Explore how DNS are misunderstood, how they’re vulnerable and how they can be manipulated by bad actors.
LEARN MORE

Masterclass with Lynn Peachey

Ransomware attacks are always increasing and we have seen ransomware hit some of the largest organizations and most critical industries, including Colonial Pipeline, for example. Join Lynn Peachey, Director of Business Development at Arete Incident Response, in a cybersecurity insurance focused Masterclass.
LEARN MORE

Masterclass with Richard Bird

Unravel the complexities of API Cybersecurity in Richard Bird’s API Security Masterclass. While APIs diversify capabilities and services, they simultaneously expand the attack surface for cyber threats. Arm yourself with knowledge and strategies to defend against API threats.
LEARN MORE

Masterclass with Dr. Nikki Robinson

Explore vulnerability cognition and the future of vulnerability management in this in depth discussion of current challenges in vulnerability management, modern vulnerability management practices, building a vulnerability management program (VMP) and even the psychology of vulnerability management.
LEARN MORE

Get In Touch!

Leave your details and we will get back to you.