Tag Archive for: Iran

Protesters confront security forces as Iran marks anniversary of crackdown | Protests News

/in


Clashes came as a reported riot took place at a prison in southwest Iran.

Clashes erupted in Iran’s restive southeast on Friday to mark the first anniversary of a crackdown by security forces on protesters known as “Bloody Friday”, according to rights groups and social media videos.

Videos posted on social media by the Iran Human Rights (IHR) group showed marchers confronting security forces in Zahedan, capital of the southeastern Sistan-Baluchestan province, as apparent sounds of shooting are heard.

IHR and the Baluch rights group Hal Vash said at least 23 people had been injured.

The clashes came on the heels of an incident at a facility in southwest Iran in which prisoners started a fire to protest against a death sentence issued against a fellow inmate, and shots were heard, an Iranian news agency reported.

“Following the announcement of the death sentence of a prisoner in Ramhormoz prison, several prisoners have started a riot by starting a fire,” the semi-official news agency Mehr reported on Friday. “Gunfire could be heard from outside the prison.”

Mehr later reported that “calm” had been restored.

Back in Zahedan, protests continued into the night, with several videos posted online purporting to show protesters setting fire to tyres to block streets.

Zahedan’s prosecutor had earlier said the city was calm and videos showing the injured were old, the state news agency IRNA reported. The semi-official news agency Tasnim said police had used tear gas to disperse “a few people who had gathered and were throwing rocks at security forces”.

 

Internet monitor Netblocks reported a “significant disruption” to the internet in Zahedan on Friday, saying authorities had “systematically shut down telecoms to suppress weekly anti-government protests”.

On September 30, 2022, security forces killed at least 66 people in a crackdown, according to Amnesty International. Authorities accused protesters, angered by the alleged rape of a girl from the Baluch minority by a police commander, of provoking the clashes.

Molavi Abdolhamid, Iran’s most prominent Sunni leader and a longtime critic of Tehran’s Shia leaders, demanded justice for the victims of the…

Source…

US cyberwarriors thwarted 2020 Iran election hacking attempt

/in


Iranian hackers broke into to a system used by a U.S. municipal government to publish election results in 2020 but were discovered by cyber soldiers operating abroad and kicked out before an attack could be launched, according to U.S. military and cybersecurity officials.

The system involved in the previously undisclosed breach was not for casting or counting ballots, but rather was used to report unofficial election results on a public website. The breach was revealed during a presentation this week at the RSA Conference in San Francisco, which is focused on cybersecurity. Officials did not identify the local government that was targeted.

“This was not a system used in the conduct of the election, but we are of course also concerned with systems that could weigh on the perception of a potential compromise,” said Eric Goldstein, who leads the cybersecurity division at the U.S. Cybersecurity and Infrastructure Security Agency.

If not expelled from the site, the hackers could have altered or otherwise disrupted the public-facing results page — though without affecting ballot-counting.

“Our concern is always that some type of website defacement, some type of (denial of service) attack, something that took the website down or defaced the website say on the night of the election, could make it look like the vote had been tampered with when that’s absolutely not true,” Major Gen. William J. Hartman, commander of U.S. Cyber Command’s Cyber National Mission Force, told conference attendees Monday.

Hartman said his team identified the intrusion as part of what he termed a “hunt-forward” mission, which gathers intelligence on and surveils adversaries and criminals. The team quickly alerted officials at the U.S. cybersecurity agency, who then worked with the municipality to respond to the intrusion.

Hartman said his team then acted “to ensure the malicious cyber actor no longer had access to the network and was unable to come back into the network in direct support of the elections.”

No details were released on how or from what country the Iranian intrusion was detected.

Source…

Iran and Russia were too distracted to meddle in midterm elections, US general says

/in




CNN
 — 

Domestic unrest in Iran and Russia’s war in Ukraine may have distracted Tehran and Moscow from making more of an effort to influence or interfere in the 2022 US midterm election, a top US military cyberofficial said Monday.

“We collectively saw much less focus from foreign adversaries, particularly the Russians” in targeting the 2022 election compared to previous elections, Maj. Gen. William J. Hartman, who leads the Cyber National Mission Force of US Cyber Command, the military’s offensive and defensive hacking unit, said at a press briefing at Fort Meade, home to Cyber Command and the National Security Agency.

Hartman said he was “surprised” by the relative lack of activity from the Russians and Iranians during the midterm election. The US military’s cyber forces have taken a more active role in defending US elections from foreign interference since 2018 by targeting computer networks used by Russia and others to try to sow discord.

Gen. Paul Nakasone, the head of Cyber Command, confirmed to reporters this month that the command conducted offensive and defensive cyber operations in an effort to protect the midterms from foreign interference and influence.

Nakasone declined to go into details on the operations, but said the command focused on taking down the computer infrastructure used by foreign operatives “at key times.”

“There was a campaign plan that we followed and it wasn’t just November 8. it covered before, during and until the elections were certified,” said Nakasone, who also leads the National Security Agency.

Foreign governments tend to use established agencies to meddle in elections rather than create new organizations to do that on the fly, Hartman said. And the security services in Russia and Iran were preoccupied in the weeks and months before Americans went to the polls in November.

Iranian security forces carried out a bloody crackdown on protesters this fall after a woman died in the custody of the so-called morality police. Russia’s military, meanwhile, pummeled…

Source…

Iran: State-Backed Hacking of Activists, Journalists, Politicians

/in


(Beirut) – Hackers backed by the Iranian government have targeted two Human Rights Watch staff members and at least 18 other high-profile activists, journalists, researchers, academics, diplomats, and politicians working on Middle East issues in an ongoing social engineering and credential phishing campaign, Human Rights Watch said today.

An investigation by Human Rights Watch attributed the phishing attack to an entity affiliated with the Iranian government known as APT42 and sometimes referred to as Charming Kitten. The technical analysis conducted jointly by Human Rights Watch and Amnesty International’s Security Lab identified 18 additional victims who have been targeted as part of the same campaign. The email and other sensitive data of at least three of them had been compromised: a correspondent for a major US newspaper, a women’s rights defender based in the Gulf region, and Nicholas Noe, an advocacy consultant for Refugees International based in Lebanon.

“Iran’s state-backed hackers are aggressively using sophisticated social engineering and credential harvesting tactics to access sensitive information and contacts held by Middle East-focused researchers and civil society groups,” said Abir Ghattas, information security director at Human Rights Watch. “This significantly increases the risks that journalists and human rights defenders face in Iran and elsewhere in the region.”

For the three people whose accounts were known to be compromised, the attackers gained access to their emails, cloud storage drives, calendars, and contacts and also performed a Google Takeout, using a service that exports data from the core and additional services of a Google account.

Various security companies have reported on phishing campaigns by APT42 targeting Middle East-focused researchers, civil society groups, and dissidents. Most of them identify APT42 based on targeting patterns and technical evidence. Organizations such as Google and the cybersecurity companies Recorded Future, Proofpoint, and Mandiant have linked APT 42 to Iranian authorities. Identifying and naming a threat actor helps researchers to identify, track, and link hostile cyber…

Source…