惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Jina AI
Jina AI
宝玉的分享
宝玉的分享
Last Week in AI
Last Week in AI
Help Net Security
Help Net Security
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
人人都是产品经理
人人都是产品经理
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
GbyAI
GbyAI
博客园_首页
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
MongoDB | Blog
MongoDB | Blog
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
L
LINUX DO - 最新话题
PCI Perspectives
PCI Perspectives
博客园 - 三生石上(FineUI控件)
V2EX - 技术
V2EX - 技术
Spread Privacy
Spread Privacy
T
Tor Project blog
量子位
阮一峰的网络日志
阮一峰的网络日志
S
SegmentFault 最新的问题
小众软件
小众软件
博客园 - 叶小钗
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Blog — PlanetScale
Blog — PlanetScale
H
Help Net Security
Y
Y Combinator Blog
N
News | PayPal Newsroom
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
T
Tenable Blog
Scott Helme
Scott Helme
G
GRAHAM CLULEY
大猫的无限游戏
大猫的无限游戏
aimingoo的专栏
aimingoo的专栏
IT之家
IT之家
Schneier on Security
Schneier on Security
F
Fortinet All Blogs
Martin Fowler
Martin Fowler
T
Threat Research - Cisco Blogs
博客园 - 司徒正美
Application and Cybersecurity Blog
Application and Cybersecurity Blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
Attack and Defense Labs
Attack and Defense Labs
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
The Last Watchdog
The Last Watchdog
L
LangChain Blog
C
Check Point Blog
Google Online Security Blog
Google Online Security Blog
V
Visual Studio Blog
Latest news
Latest news

Security

Report: Business email compromise attacks surged dangerously in April Scope Systems confirms cyber incident, says no data loss occurred Instructure breach: ShinyHunters says ‘matter has been resolved’ Rapid7 launches Cyber GRC program to connect compliance with live risk data Australian federal budget 2026: The industry perspective Op-Ed: Microsoft May Patch Tuesday reveals 137 vulnerabilities Federal Budget 2026: The state of cyber security spending for the coming year OpenAI offers EU early access to its cyber security model Exclusive: Aussie firm Earth Systems listed by INC Ransom hacking group Op-Ed: Why Middle East tensions demand immediate action on OT security Aussie schools breach: Instructure boss “reaches agreement” with ShinyHunters to not release data Institute of Public Accountants members hit by data breach Union demands answers on Qantas AI plans 1 in 3 small businesses don't think they're a cyber target, new research finds Exclusive: Aussie toy distributor listed by M3rx ransomware Exclusive: Australian Computer Society investigating possible breach after ShinyHunters hack claims The industry speaks – part 2: World Password Day 2026 Aussie schools breach: The Instructure hack “transcends an isolated IT incident” Exclusive: Aussie car part importer Strategic Imports allegedly breached by threat actors New South Wales, other states, investigating Instructure/Canvas data breach Australian Cyber Security Centre warns of ClickFix campaign leveraging Australian infrastructure Queensland Department of Education confirms students & staff impacted by ShinyHunters data breach ACMA takes action against SpinTel & Yomojo over mobile number fraud violations The Industry Speaks, Part 1: World Password Day 2026 Qualys and Converge tie cyber insurance pricing to real-time security posture Fakeout: Iranian APT caught hiding behind Chaos ransomware activity Exclusive: Australian energy management firm allegedly breached by SafePay Real estate giant Cushman & Wakefield confirms cyber incident, Qilin and ShinyHunters claim attack CrowdStrike expands Project QuiltWorks as more partners join AI security coalition Hacked: ALS discloses cyber incident, unauthorised access to IT systems Microsoft the main target of AI phishing attacks, report uncovers Attackers increasingly turning to trusted security tools to compromise Aussie victims Exclusive: Champion Homes confirms customer data compromised in “cyber event” Australia, Japan commit to partnership to meet cyber security challenges & strengthen cyber defences NSW Treasury cyber incident contained, impact no longer ‘significant’ WA rental scam surge: Tenants targeted with fake $500 discount trap Aussie Information Commissioner launches Privacy Awareness Week 2026 Unregistered branded text messages to be labelled ‘Unverified’ from 1 July Exclusive: Major Australian jewellery brand confirms cyber incident Watch this! Komari server monitor tool abused by hackers Act Now! ACSC warns of active exploitation of cPanel & WHM critical vulnerability Exclusive: Kiwi electrical contractor confirms cyber attack Exclusive: Prime Properties listed as breach victim by M3rx ransomware DigiCert launches AI Trust architecture to secure agents, models, and content Winners of the 2026 Australian Cyber Awards unveiled Op-Ed: Redefining performance in the AI-powered SOC NZ council cyber attack leads to ID and financial data being exposed Alert! Wave of fake toll, parking scams impacting countries worldwide, including Australia and New Zealand Vect unveiled: Inside an emerging ransomware group’s affiliate network Exclusive: Gelatissimo confirms unauthorised access, investigates DragonForce hack claims Aussie ice-cream franchise Gelatissimo suffers alleged hack by DragonForce Anthropic Mythos: The model, the myth and the mundane​ Report: Aussie small businesses doing it tough as job scams double, losses rise Cyber attacks on medical devices pose ‘significant’ impact on real-life patient care Twisted Firestarter! Aussie, US, and UK cyber agencies warn of Cisco malware campaign Generation Life informs customers of “cyber incident” as owner shares incident with ASX CBA launches new scam-finding AI agent Sri Lankan government hack sees $3.7m destined for Australia stolen CrowdStrike extends cloud threat detection to Google Cloud Hey big spender! Microsoft to invest $25bn in Australian AI infrastructure Genetec marks Sydney milestone with visit by high commissioner of Canada to Australia Rental platform under fire for collecting excessive personal data Exclusive: SA genealogical research firm confirms cyber incident following SafePay ransom claims PentenAmio announces acquisition of Armour Communications Exclusive: Aussie passports compromised in alleged Favelle Favco data breach Cutting edge: Anthropic’s Claude Mythos preview is a ‘double-edged sword’, expert says Treasury staffer charged for NSW government data breach Op-Ed: AI won’t patch the holes in your SOC Game on! More than a third of FIFA World Cup 2026 partners expose Aussies to email fraud risk Dark web markets: A complete Aussie identity costs as little as $200 Exclusive: NSW-based Strata Republic allegedly breached by Kairos ransomware group Mortgage fraud now harder to detect thanks to AI McGraw Hill confirms ShinyHunters breach, won’t confirm if any Aussie customers impacted Update now: Active exploitation of Nginx UI vulnerability CVE-2026-33032 underway National Defence Strategy 2026: Spending on military cyber capability to reach at least $15bn Exclusive: Qld pharmacy chain allegedly breached by Kairos ransomware Op-Ed: ASIO has broken its silence on cyber crime, and you should listen Too-hard basket: NIST to scale back CVE updates as vulnerabilities soar OpenAI launches GPT 5.4-Cyber in response to Anthropic Glasswing NZ racehorse auction stalled by cyber attack Op-Ed: Microsoft April Patch Tuesday reveals 167 vulnerabilities ADF joins international military exercise focused on cyber resilience and multi-domain operations OpenAI CEO’s home targeted in attempted drive-by just days after Molotov attack Exclusive: Aussie communications company Mastercom ‘aware’ of INC Ransom claims Booking.com confirms cyber incident, customer reservation data potentially compromised Report: Majority of CISOs not ready for the next big cyber attack Exclusive: Aboriginal community organisation confirms cyber incident following INC Ransom claims The industry speaks: World Identity Management Day 2026 WASTED! GTA developer Rockstar Games confirms hack as ShinyHunters demands ‘pay or leak’ Exclusive: Gunra ransomware lists Eric Davis Dental as breach victim Op-Ed: Why zero trust for OT should start at the boundary, not the boiler room Exclusive: NSW pharmacy management firm allegedly breached by INC Ransom US Treasury launches intelligence-sharing initiative with crypto companies Citigroup says AI speeds up new account openings Exclusive: Victorian resort hotel allegedly breached by Space Bears ransomware Game on! Nationwide student competition aims to tackle Australia’s cyber skills gap Exclusive: Anubis ransomware gang claims hack of WA-based Shine Aviation Ransomware group claims hack of legal giant Jones Day Anthropic, partners announce Project Glasswing cyber security initiative Exclusive: Aussie tech firm Seeing Machines confirms potential cyber security incident
Cyber war: Pro-Iranian hackers vow to fight on despite a fragile ceasefire with the US
david.hollingworth@momentummedia.com.au (David Hollingworth) · 2026-04-10 · via Security

The missiles and drones may have stopped for now, but hackers in support of Iran are far from laying down arms – and critical infrastructure is in their crosshairs.

A civilisational apocalypse in Iran may have been averted for now, but despite the ceasefire now in place, hacktivists and state-linked hackers are expected to continue targeting the country’s perceived enemies.

“The current environment reflects a fragmented ceasefire. Hostilities are continuing across key theatres, particularly in Lebanon and across Gulf energy infrastructure,” Kathryn Raines, cyber threat intelligence team lead for the national security solutions team at Flashpoint, said in an overnight threat summary.

You’re out of free articles for this month

To continue reading the rest of this article, please log in.

“That fragmentation introduces additional uncertainty. When activity continues despite formal agreements, it becomes more difficult to anticipate escalation pathways, which increases operational risk for organisations with regional exposure.”

And cyber attacks, by their non-kinetic nature, are a particularly open pathway to continue hostilities, according to Raines.

“A military ceasefire does not translate to a cyber pause. What we’re seeing is continuity in activity, with threat actors maintaining tempo while adjusting targeting and messaging,” Raines said.

“For organisations, that means risk remains elevated. Critical infrastructure, particularly in energy and water systems, continues to be actively targeted, and the use of the ceasefire as cover creates additional uncertainty around what comes next.”

War by any other means

Ceasefires are, in effect, agreements between more or less sovereign powers. Hacktivist groups, such as Handala, do not feel bound by any such concessions. Despite one of its websites being taken down recently by the US authorities, the group has said it is prepared to fight on.

“The cyber war did not begin with the military conflict, and it will not end with any military ceasefire,” Handala said in an 8 April blog post.

“Our cyber jihad is the extension of our martyrs’ blood, and it will go on until full vengeance is achieved.”

That said, the group has agreed to postpone “overt confrontation with the United States”, but has also promised more activity is to come.

“The hack of the FBI director was just a glimpse of our power; For us, no land is too distant and no network is truly secure,” Handala added.

“Rest assured: when the time comes, the darkest of nights will have only just begun for America and all its supporters.”

As of 8 April, here’s just a sample of cyber incidents linked to the fighting in Iran:

A group calling itself the Cyber Islamic Resistance said it was expressing solidarity with Russian hacking group Team Killnet, a sign of a possible alliance between groups with extreme anti-Western beliefs.

Pro-Islam group Conquerors Electronic Army said it had launched a distributed denial-of-service attack on several Israeli entities, including a pair of volunteer associations, Beit Cham and All-Volunteer Force.

Australia, though far from the conflict, is not immune either. A group calling itself the 313 Team claimed to have launched a large-scale attack on an Australian government portal.

Meanwhile, US authorities distributed an advisory warning of Iran-linked threat actors targeting critical infrastructure entities via internet-facing hardware in the water and energy sectors.

Critical threat

In that latter case, the hackers are targeting hardware that was traditionally not internet-connected – programmable logic controllers – which presents a unique problem for defenders.

“The threat actors here are assessed to be affiliated with Iran’s Islamic Revolutionary Guard Corps (IRGC). They accessed CompactLogix and Micro850 devices using Rockwell Automation’s Studio 5000 Logix Designer,” Nozomi Networks CISO Markus Mueller said.

“The traffic looks like a regular remote engineering session because that’s exactly what it was. The difference is who was sitting at the keyboard.”

According to Mueller, such malicious activity is an unavoidable byproduct of geopolitical tension.

“That correlation isn’t new – Iranian-affiliated OT activity has tracked with periods of kinetic escalation consistently over the past several years,” Mueller said.

“That doesn’t mean your threat level should spike with every news cycle, but when the regional picture gets more volatile, it’s a reasonable prompt to re-verify your exposure, refresh your indicators of compromise (IOC) hunts, and confirm your monitoring coverage is actually running the way you think it is.

“In critical infrastructure, geopolitical context is a legitimate input to threat posture.”

Addressing the scale of any future cyber threat Iran may pose, Andrew Chipman, GRC manager at cyber security and compliance firm ProCircular, was particularly blunt in his assessments.

“The threat of cyber attack from Iran is real. At this time, we expect to see that threat realised through proxies, hacktivists, and other allies to the Iranian regime,” Chipman told Cyber Daily.

“If Iran is able to build back its regime, we may see direct retaliation from Iran in the form of cyber attacks against highly visible targets. History teaches us that hospitals and medical service providers are prime targets for the regime and its supporters.”

Iran, Chipman contends, may not be in a position to wage large-scale cyber warfare against the US and its allies at this point, but the country has other options.

“Hacktivists and proxy attackers are plentiful – expect attacks to come and prepare appropriately,” he said.

Cyber DailyWant to see more stories from trusted news sources?
Make Cyber Daily a preferred news source on Google.

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

Tags: