The Threat Codex4d ago
Insights: Increased Risk of Wiper Attacks
#HandalaHackTeam #VoidManticore
https://unit42.paloaltonetworks.com/handala-hack-wiper-attacks/
Insights: Increased Risk of Wiper Attacks

We are observing an increase of wiper attacks by the Iran-linked Handala Hack group (aka Void Manticore) through phishing and misuse of Microsoft Intune.

Unit 42
The Threat Codex4d ago
Rapid7 Detection Coverage for Iran-Linked Cyber Activity
#MuddyWater #VoidManticore #HandalaHackTeam #CyberAv3ngers #Keymous+ #DieNet #NoName057(16) #CVE_2026_1281 #CVE_2024_4577 #CVE_2025_32433 #CVE_2025_52691 #CVE_2025_9316 #CVE_2026_21514
https://www.rapid7.com/blog/post/tr-detection-coverage-iran-linked-cyber-activity/
Rapid7 Detection Coverage for Iran-Linked Cyber Activity

Explore the detection & enrichment coverage available to Rapid7 customers in a new blog, broadly assessing the macro cyber threat landscape and demonstrating the specific actions undertaken within the Rapid7 portfolio.

Rapid7
KrebsOnSecurity RSS5d ago

Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker

https://krebsonsecurity.com/2026/03/iran-backed-hackers-claim-wiper-attack-on-medtech-firm-stryker/

#MinistryofIntelligenceandSecurity #Ne'er-Do-WellNews #PaloAltoNetworks #ALittleSunshine #MicrosoftIntune #LatestWarnings #TheComingStorm #IrishExaminer #VoidManticore #HandalaHack #wiperattack #Handala #Stryker

Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker – Krebs on Security

Benjamin Carr, Ph.D. πŸ‘¨πŸ»β€πŸ’»πŸ§¬Jun 3, 2024
#Iran's State Hackers Partner Up for Large-Scale Attacks, Report
Check Point researchers have detailed a new Iranian state-sponsored hacker group called #VoidManticore, partnering with #ScarredManticore, another threat group based in Iran’s Ministry of Intelligence and Security. Their most recent attacks involved the BiBi Wiper (named after Israeli Prime Minister Benjamin Netanyahu), which can corrupt files and disrupt system functionality. https://www.hackread.com/iranian-state-hackers-partner-up-for-attacks/ #APT
Iranian State Hackers Partner Up for Large-Scale Attacks, Report

Follow us on Twitter (X) @Hackread - Facebook @ /Hackread

Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News
Just Another Blue TeamerMay 22, 2024

Happy Wednesday everyone!

The Check Point Software researchers highlight a recent attack by an adversary they call #VoidManticore and the tools, TTPs, and behaviors they observed. A notable technique was the deployment of different variants of wipers that, if you analyze some of the behaviors they exhibited, could be confused with ransomware. There was the destruction of shadow copies using vssadmin and abuse bcdedit to modify the boot configuration to prevent recovery. But the added activity of removing partition information is what revealed the wiper's true identity. It is a very good read and I highly recommend it! Enjoy and Happy Hunting!

BAD KARMA, NO JUSTICE: VOID MANTICORE DESTRUCTIVE ACTIVITIES IN ISRAEL
https://research.checkpoint.com/2024/bad-karma-no-justice-void-manticore-destructive-activities-in-israel/

#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday

Bad Karma, No Justice: Void Manticore Destructive Activities in Israel - Check Point Research

Introduction Since October 2023, Check Point Research (CPR) has actively monitored and hunted state-sponsored threats targeting Israeli organizations with destructive attacks using wipers and ransomware. Among these threats, Void Manticore (aka Storm-842) stands out as an Iranian threat actor known for conducting destructive attacks and leaking information through the online persona ’Karma’ (sometime written as KarMa). […]

Check Point Research