Iran TerrorismUS Issues Warning About Iran Breach in Microsoft Vulnerability

US Issues Warning About Iran Breach in Microsoft Vulnerability

-

Microsoft Logo

By Jubin Katiraie

US Cyber Command has issued a public warning to Microsoft Outlook users over the “active malicious use” of a vulnerability that appears to be linked to Iran, tweeting that it had discovered the “use of CVE-2017-11774 and recommends immediate patching”.

This comes only a week after the US opted to launch a cyber-attack against Iran’s missile systems in response to the downing of a US drone, as opposed to a traditional military strike that would have caused civilian casualties. Iran’s cyber capabilities are fairly limited when it comes to a strike against the US government or military, which is why they may be choosing to target the civilian sector.

The vulnerability being exploited was discovered and patched in 2017, but many systems or even just individual computers have not updated their Outlook systems since and are still vulnerable to attacks that can infiltrate the underlying operating system. The vulnerability was weaponized in 2018 by an Iranian state-sponsored hacking group, named by cyber security experts as APT33 or Charming Kitten.

APT33, which is responsible for the Shamoon disk-wiping malware that targeted Saudi Arabia’s national oil company in 2012, could be behind a series of intrusions and attempted intrusions via Outlook Web Access or Office 365, according to cyber security firm FireEye.

The US Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) warned last month about a “recent rise in malicious cyber activity directed at United States industries and government agencies by Iranian regime actors and proxies”.

They said that Iran uses spear phishing, password spraying, and credential stuffing to access accounts and that targets may use their data and their whole network.

The National Security Agency told the Associated Press last month that there have previously been “serious issues with malicious Iranian cyber actions”.

They said: “In these times of heightened tensions, it is appropriate for everyone to be alert to signs of Iranian aggression in cyberspace and ensure appropriate defences are in place.”

While this is an unprecedented move by Cyber Command to issue a public warning on an Iranian cyber attack, this is likely a sign of things to come. Iran has now identified the cyber sphere as a realm where it can take big hits against its enemies – most of whom have a much larger military – without suffering much damage. And it’s not just the US being targeted. Late last year, the UK acknowledged a cyber attack on its high-profile government and commercial systems by Iran.

Latest news

The United States and Arab Allies Sanction Five Entities and 16 Hezbollah Officials

The United States and the member states of the Terrorist Financing Targeting Center (TFTC) have imposed a new round...

Drug Crisis: Chemotherapy Costs in Iran Have Increased Tenfold

A new wave of drug price increases in Iran has catastrophically raised the cost of medical treatment. In one...

Iran’s Negative Economic Growth: From Statistical Manipulation to the Collapse of Investment

When the gap between official figures and reality becomes too wide, the economic crisis is no longer confined to...

Iraq Sets September 30 as Deadline for Disarmament of Iranian Regime-Backed Militia Groups

Iraqi government spokesperson Haider al-Aboudi announced on Monday, June 29, that the government has given Shiite armed groups backed...

Escalating Iran-US Conflict Cuts Strait of Hormuz Traffic, Lifts Oil Prices

Oil Prices Rise and Ship Traffic Through the Strait of Hormuz Declines Following Tensions Between Iran and the United...

The ‘No To Executions Tuesdays’ campaign has entered its 127th week

The campaign “No to Executions Tuesdays,” a prisoner-led protest against executions held across multiple prisons in Iran, entered its...

Must read

Iran’s Regime and ‘The Worst and Most Terrifying Issue About Its Agreement With China’

On January 13, the Iranian regime’s foreign minister Hossein...

Student activist gets one year jail time in Iran

Iran Focus: Tehran, Iran, Aug. 22 – An Iranian...

You might also likeRELATED
Recommended to you