It's been a bit quiet over the last 24 hours, so it'll be a short post today, but we do have a significant update on a long-standing Iranian threat actor. Let's dive in:
Iranian Infy APT Resurfaces with Advanced Tradecraft 🇮🇷
- The Iranian APT group Infy, also known as Prince of Persia, has resurfaced with new malware activity and updated tactics after nearly five years of silence, proving it remains active and dangerous.
- This elusive group, one of the oldest APT groups with activity dating back to 2004, is now using updated versions of its Foudre downloader and Tonnerre data exfiltrator, distributed via executables embedded in documents and targeting victims across multiple regions including Iran, Iraq, Turkey, India, Canada, and Europe.
- Key updates to their tradecraft include the use of a Domain Generation Algorithm (DGA) for resilient command-and-control (C2) infrastructure, RSA signature validation for C2 authenticity, and a unique mechanism within Tonnerre to communicate with a Telegram group for C2.
📰 The Hacker News | https://thehackernews.com/2025/12/iranian-infy-apt-resurfaces-with-new.html
#CyberSecurity #ThreatIntelligence #APT #NationState #Iran #Malware #Infy #PrinceOfPersia #InfoSec #CyberAttack #ThreatActor #TTPs
Iranian APT “Prince of Persia” resurfaces after years underground. Active since 2007, the group now uses Telegram to control new malware strains Foudre and Tonnerre in targeted espionage campaigns. 💻
Read: https://hackread.com/iran-apt-prince-of-persia-resurfaces/