The Cybersecurity Security and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a Joint Cybersecurity Advisory on an Iran-based malicious cyber actor targeting several U.S. federal agencies and other U.S.-based networks. This Advisory analyzes the threat actor’s indicators of compromise (IOCs); and tactics, techniques, and procedures (TTPs); and exploited Common Vulnerabilities and Exposures (CVEs).
CISA encourages users and administrators to review the following resources for more information.
- Joint Cybersecurity Advisory: Iran-Based Threat Actor Exploits VPN Vulnerabilities
- MAR-10297887-1.v1: Iranian Web Shells
This product is provided subject to this Notification and this Privacy & Use policy.