Iran's IRGC Linked to State-Sponsored Ransomware Campaign

Pulse Secure fixes zero-day, Scripps Health crippled by a ransomware attack, Apple fixes two iOS zero-days exploited in the wild, Hundreds of millions of Dell devices affected by driver flaw, more

May 4, 2021

∙ Paid

Don’t wait for each issue of Metacurity to catch up on infosec news. Follow us on Twitter as we tweet throughout the top developments throughout the day!

Researchers at Flashpoint have linked Iran's Islamic Revolutionary Guard Corps (IRGC) to a state-sponsored ransomware campaign, "Project Signal,” through an Iranian contracting company called 'Emen Net Pasargard' (ENP). The researchers based their discovery on three documents leaked by an anonymous entity named Read My Lips or Lab Dookhtegan between March 19 and April 1 via its Telegram channel.

Project Signal started between late July 2020 and early September 2020, with ENP's internal research organization, named the "Studies Center," putting together a list of unspecified target websites. (Ravie Lakshmanan / The Hacker News)

Related: CISO MAG, Flashpoint

Pulse Secure fixed a zero-day vulnerability tracked as CVE-2021-22893 in the Pulse Connect Secure (PCS) SSL VPN appliance. The zero-day is being actively exploited to compromise the …

Keep reading with a 7-day free trial

Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.