Home - Article

Featured Article

July 04, 2019

Government Warning: Iranian APT33 Hackers Are Targeting the U.S.


For the first time, the U.S. Cyber Command has shared non-Russian malware via its Twitter account – this time from Iran. The vulnerability is CVE-2017-11774, a security bug that Microsoft patched in Outlook in the October 2017 Patch Tuesday.

The bug was privately reported by SensePost researchers in the fall of 2017, but by 2018, it had been weaponized by an Iranian state-sponsored hacking group known as APT33 (or Elfin), primarily known for developing the Shamoon disk-wiping malware.

USCYBERCOM has discovered active malicious use of CVE-2017-11774 and recommends immediate #patching. Malware is currently delivered from: 'hxxps://customermgmt.net/page/macrocosm' #cybersecurity #infosec

— USCYBERCOM Malware Alert (@CNMF_VirusAlert) July 2, 2019

Iranian attacks on the U.S. have been going on for many years. They are responsible for the first attack on physical infrastructure in the country via a 2015 Dam hack in Rye, New York, located between Fairfield County, New York and Manhattan.

Although the people behind this attack were identified and indicted, the U.S. never forced the Iranians to hand them over in exchange for the multibillion dollar payments made to the country.

The same very talented hackers are likely still hacking.

We expressed our concern at the time.

We passed on government warnings about future Iranian attacks a few weeks ago and sadly reported the country had indeed found a way to destroy IoT devices by “bricking” them via Silex Malware.

This new attack on Outlook will affect organizations that are not patching while the IoT exploit targets devices which do not change admin passwords.

In both cases, it is relatively simple to stay secure – patch systems and change default passwords.

Unfortunately the systems affected will likely be smaller businesses who do not know they need to patch and government systems who don’t keep up with IT.

We refer those who want to stay secure to two useful documents. One to help secure political campaigns from election hacking and another to protect any organization from hacking.





Apex Technology Services
Choose from comprehensive, affordable solutions for IT consulting, network services and computer help desk support in Fairfield county including Norwalk, Darien, Stamford, Greenwich, Ridgefield and Bridgeport. Also Westchester county including Rye, New Rochelle, White Plains, Yonkers and New York including Manhattan and the five boroughs.
IT SERVICES

IT SERVICES

Apex Technology Services is a cutting edge MSP offering quality IT support to financial, medical, legal, Fortune 500 and government agencies while adhering to the highest of quality...

LEARN MORE
CYBERSECURITY Services

CYBERSECURITY

Apex Technology Services has the cybersecurity expertise to help your business in a world filled with attackers looking to shut down your business hold it ransom or steal your valuable...

LEARN MORE
CLOUD SERVICES

CLOUD SERVICES

Apex Technology Services delivers a combination of traditional IT functions such as infrastructure as a service (IaaS), applications, software, security, monitoring, storage...

LEARN MORE

Ranked Top 10 Network security Solution Provider

One Stop Shop For All Your Technology Needs


Contact us Now!