Notorious Iranian Hackers Have Been Targeting the Space Industry With a New Backdoor In addition to its long-standing password spraying attacks, Microsoft says Iran-backed hacker group Peach Sandstorm—or APT 33—has developed custom malware dubbed “Tickler.”

This come as no surprise. #APT33 #Tickler www.wired.com/story/iran-peach-sandwor...

New Tickler malware used to backdoor US govt, defense orgs The APT33 Iranian hacking group has used new Tickler malware to backdoor the networks of organizations in the government, defense, satellite, oil and gas sectors in the United States and the United Ar...

New Tickler malware used to backdoor US govt, defense orgs
www.bleepingcomputer.com/news/securit...

#Infosec #Security #Cybersecurity #CeptBiro #Tickler #Malware #Backdoor #USgovt #DefenseOrgs #APT33

Le groupe APT33 est de retour...

#Microsoft vient de révéler que le groupe de cyber-espionnage iranien #APT33, également connu sous les noms de Peach Sandstorm et Refined Kitten, utilise un nouveau malware nommé #FalseFont pour cibler des entreprises du secteur de la #défense dans le monde entier.

Current view of the #PurpleTeam workshop. Emulating #APT33 #Ryuk #Orangeworm and #WastedLocker in a hands-on, isolated environment for each student! Thanks for hosting us @HITBSecConf #HITBCyberWeek

Next one is December 5: https://scythe.io/workshops

Will be teaching #RedTeam Exercises and #AdversaryEmulation 2 day SANS course at #PenTest #HackFest 2020! Learn how to build a Red Team Program and bring value to the business! Class long lab emulating #APT33 @SANSPenTest...

I am back on the teaching circuit! Will be hosting #RedTeam Exercises and #AdversaryEmulation 2 day SANS course at #PenTest #HackFest 2020! Learn how to build a Red Team Program and bring value to the business! Class long lab emulating #APT33...

Will be teaching #RedTeam Exercises and #AdversaryEmulation 2 day SANS course at #PenTest #HackFest 2020! Learn how to build a Red Team Program and bring value to the business! Class long lab emulating #APT33 @SANSPenTest...

I am back on the teaching circuit! Will be hosting #RedTeam Exercises and #AdversaryEmulation 2 day @SANSPenTest course at #HackFest 2020! Learn how to build a Red Team Program and bring value to the business! Class long lab emulating #APT33...

I am back on the teaching circuit! Will be hosting #RedTeam Exercises and #AdversaryEmulation 2 day SANS course at #PenTest #HackFest 2020! Learn how to build a Red Team Program and bring value to the business! Class long lab emulating #APT33...

Next Monday and Tuesday I will be teaching #SEC564 LiveOnline! We cover how to build a #RedTeam Program and perform end-to-end #adversaryemulation. 50% hands on with a class long lab emulating #APT33 against an enterprise environment. Still time to...

From Empire3 agent to SCYTHE is as easy as 1, 2, 3.

Below screenshot is with rundll32.exe but just as simple with an executable.

#SEC564 sneak peak at some hosts you compromise just because I am working on #APT33 for #ThreatThursday

@scythe_io @Adam_Mashinchi @brysonbort

SANSFIRE2020 is hosting #SEC564 2 days of how to build a Red Team program, consume Cyber Threat Intel, plan an adversary emulation, emulate an adversary, and show business value. We emulate #APT33 in class long lab. Spots available on Live Online format!...

2 day Red Team Exercises and Adversary Emulation class being taught Live Online May 26-27 by yours truly.

50% lecture on how to build a #redteam program, planning, #CTI, performing #adversaryemulation, and showing value! 50% hands on emulating #APT33...

Still time to register for next week's 2 day Red Team Exercises and Adversary Emulation SANS course #SEC564

We cover building a #redteam #CTI planning #adversaryemulation #APT33 against a target organization and showing value with VECTR. 50% hands on...

Great quick demo on Starkiller by the folks at @BCSecurity1 today. Fast paced and to the point. Thanks for the shout out as well! #SEC564 uses Empire for the 2 day long #adversaryemulation of #APT33 Looking into adding...

#SEC564 #RedTeam Exercises and #AdversaryEmulation is available OnDemand and Self Study! Class long lab emulating #APT33 mapping to @MITREattack against a typical environment with DMZ and Intranet. DC, Exchange, Windows hosts. @SANSInstitute @SANSPenTest

https://sans.org/SEC564

Lookie lookie what @NonVictus hooked me up with! Beta of SANS Slingshot with Empire 3.0 shhhh tell only your best friends @BCSecurity1 Testing underway. Will perform a full #adversaryemulation of #APT33 like we do in #SEC564 and report back