Internet access in Iran returns
After three months of a complete internet shutdown – known as the “Iran Digital Blackout” and considered the longest internet outage in contemporary history – internet access is returning. NetBlocks, the global internet monitoring organization, announced on 27th May on…
Nimbus Manticore group starts new campaign
Based on a newly released article from the cybersecurity firm Unit 42, the advanced persistent-threat group Nimbus Manticore – which is linked to the Islamic Revolutionary Guard Corps – is carrying out a widespread new campaign against organizations in the…
Hacker Group “MuddyWater” uses Microsoft Teams to Steal Credentials
Days ago, the security company Rapid 7 announced on their website that the group MuddyWater has carried out a new ransomware attack. The MOIS aligned threat actor group, MuddyWater, which has been active since around 2018, has carried out a…
Continuation of Iran’s war on the cyber battlefield
Whilst the conflict between the US/Israel coalition and Iran continues, Iran’s regime has intensified its effors in the cyber war. The hacking group Handala which emerged shortly after the Hamas attacks on Israel on 7 October and who previously claimed…
Significant cyber attack on Stryker Inc.
The Handala hacking group, affiliated with the Ministry of Intelligence and Security, have announced that they have carried out a “unique cyber operation” against the US medical equipment company Stryker. In a statement the group called the attack a retaliation…
Cyber campaign “Red Kitten” targets human rights activists and NGOs
“Red Kitten” is an advanced persistent threat group affiliated with the Islamic Revolutionary Guard Corps (IRGC), which started its activities in January 2026, during the country-wide protests. It appears that the group has conducted a campaign targeting NGOs and human…
What you should do during an internet outage
For years, the government has had a history of using the limiting of internet access as a tool for censorship and oppression against the Iranian people. Therefore, the aim of this report is to provide guidance on how to counter…
Iranian hacking group carries out cyber operations against 2 Swedish companies
Swedish news outlet ‘Dagens Nyheter’ have published an article stating that hacker networks connected to the Islamic Republic of Iran Intelligence Services, in Spring this year, exploited 2 Swedish software companies and their trade infrastructure to carry out covert cyber…
Counter Galois Onion: Improved encryption for Tor circuit traffic
The Tor project have recently announced that it is implementing a new Counter Galois Onion (CGO) relay encryption algorithm. Cryptographers Jean Paul Degabriele, Alessandro Melloni, Jean Pierre Munch and Martijn Stam has been designed CGO for years. According to the…
Handala hacking group exposes confidential access to Suvarnabhumi Airport
On November 15, 2025, the cyber group known as “Banished Kitten” or “Handala” affiliated with the Ministry of Intelligence and Security of Iran (MOIS), inadvertently disclosed confidential access to the Suvarnabhumi Airport in Bangkok, Thailand, whilst attempting to breach the…