Education

Iran-based APT Group Builds Own VPN Network

12 - 18 November 2019

Iran-based threat group APT33 has been conducting cyber espionage activities from its own private network of VPN nodes.
Cyber_News_Educations

Iran-based threat group APT33 (aka Elfin and Refined Kitten) has been conducting cyber espionage activities from its own private network of VPN nodes. In recent campaigns, the group has targeted a private US company that offers services related to national security, victims connected to a university and a college in the US, a victim most likely related to the US military, and several victims in the Middle East and Asia. Besides using the private VPN network to hide its real IPs and location, the infrastructure also contained backend servers for controlling bots that delivered malware. APT33 has been using the VPN network for reconnaissance of networks that are relevant to the research and supply chain of the oil industry.

References:

More than a Dozen Obfuscated APT33 Botnets Used for Extreme Narrow Targeting

More Weekly Cyber Newsanalysis and insights

Ensign Consulting

Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.​

Ensign Systems Integration

Architecting and implementing cybersecurity solutions that bolster defences

Ensign Managed Security Services

Managing your security operations for advanced threat detection, continuous monitoring, and triage services

Ensign Labs

Performing deep research to analyse vulnerabilities, deploy advanced threat hunting and provide cyber threat intelligence