Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Iran’s Mahan Air claims it has failed a cyber attack, hackers say the opposite

Iranian airline Mahan Air was hit by a cyberattack on Sunday morning, the “Hooshyarane Vatan” hacker group claimed responsibility for the attack. Iranian private airline Mahan Air has foiled a cyber attack over the weekend, Iranian state media reported. The airliner’s flight schedule was not affected by the cyberattack. “Our international and domestic flights are […]

LA Metro MuddyWater Iran Iran-linked actors

Iranian airline Mahan Air was hit by a cyberattack on Sunday morning, the “Hooshyarane Vatan” hacker group claimed responsibility for the attack.

Iranian private airline Mahan Air has foiled a cyber attack over the weekend, Iranian state media reported. The airliner’s flight schedule was not affected by the cyberattack.

“Our international and domestic flights are operating on schedule without any disruptions,” Amirhossein Zolanvari, head of the airliner’s public relation office told state TV.

According to Iran’s Fars News Agency, Mahan Air was hit by similar attacks “many times,” for this reason Mahan’s Cyber Security Team rapidly neutralized these attacks.

“This is considered a normal occurrence and Mahan’s Cyber Security Team has always acted intelligently and in a timely manner to neutralize these attacks,” said the company, adding that all flights were on schedule and that the company would update if any flights were disrupted.

Hooshyarane Vatan hacker group claimed responsibility for the attack and added that it was able to access internal documents, emails and reports that linked the airline to the IRGC. The group explained that the company was able to detect the security breach, but did not stop it.

The US had sanctioned Mahan Air in 2011 for providing financial, material, or technological support to Iran’s Islamic Revolutionary Guard Corps.

The tension is high between Teheran and the Western countries, the latter are blaming Iran for a series of attacks against organizations worldwide.

A joint advisory released by government agencies (the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC)) in the U.S., U.K., and Australia warns that Iran-linked threat actors are exploiting Fortinet and Microsoft Exchange vulnerabilities in attacks aimed at critical infrastructure in the US and Australian organizations.

Microsoft Threat Intelligence Center (MSTIC) recently shared the results of their analysis on the evolution of Iran-linked threat actors at the CyberWarCon 2021. Over the past 12 months, MSTIC experts observed increasingly sophisticated attacks orchestrated by Iranian APT groups.

Iran has been targeted by a series of cyber attacks in the past months, in October a cyber attack has disrupted gas stations from the state-owned National Iranian Oil Products Distribution Company (NIOPDC) across Iran. The attack also defaced the screens at the gas pumps and gas price billboards.

Digital screens at the affected stations were displaying the message “cyberattack 64411,” which was also shown on the billboards of Iranian train stations during another attack that took place in July and that hit Iran’s railroad system.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Iran’s Mahan Air)

[adrotate banner=”5″]

[adrotate banner=”13″]