Last week's cyber news
- A hacker claims to have breached the Ministry of Health and leaked a database containing personal information of doctors, including names, birth dates, workplaces, and contact details. He claims to have gained full root access to the server hosting the database.
- Over the weekend, attackers associated with Iran took over the Telegram channel of Yaron Avraham and Yinir Kozen (Channel 12 News). Posts on the channel stated that Yaron Avraham’s Telegram account was hacked; the attackers are distributing various content from it.
- Thousands of Iraqi accounts were hacked via a malicious link, with accusations directed at Israel’s Unit 8200. The messages were sent from a compromised cyber group.
Cyber Alert for Academics and Research Institutions
A targeted phishing campaign against researchers and former security personnel: The National Cyber Directorate recently identified a focused phishing campaign targeting researchers and former security officials specializing in Iran and the Middle East. The phishing messages included fake Zoom links and fraudulent documents designed to collect sensitive information.
This campaign is attributed to the Iranian hacking group APT42, linked to the Islamic Revolutionary Guard Corps (IRGC), which specializes in cyber espionage. The group targets policy researchers, diplomats, and government officials to gather sensitive intelligence.
An additional phishing email alert: The National Cyber Directorate warns of another email impersonating an official message from the directorate, claiming vulnerabilities in the Chrome browser. This message includes a link to download a “security update,” which actually leads to a file infected with malware. The message is poorly worded in both Hebrew and English, which can serve as a warning sign of the spoofing.
Instructions and Recommendations
- Caution with Email Messages: Verify the sender’s identity through an alternative communication channel.
- Check Attachments and Links: Do not click on links or attachments from unknown sources. Verify them using tools like ScanMySMS.
- Update Security Systems: Monitor threat identifiers across all organizational security systems and install antivirus software.
- Two-Factor Authentication: Enable additional authentication for critical accounts.
- Stay Vigilant: Report any suspicious messages to your organization’s information security officer.