Iranian cyber operations have sharply escalated in 2025, targeting critical infrastructure, defense sectors, and global businesses—especially those linked to Israel and the U.S. From destructive malware and coordinated DDoS attacks to sophisticated hack-and-leak campaigns leveraging generative AI, Iranian threat actors are rapidly evolving. Join us to explore their latest tactics, notable incidents, and essential strategies to defend your organization. Hosts Sherri Davidoff and Matt Durrin break down wiper malware trends, AI-powered phishing, the use of deepfakes for psychological operations, and the critical role of patching and MFA in protecting against collateral damage.
Key Takeaways for Cybersecurity Leaders
- Patch Internet-Facing Systems Promptly: Iranian attackers frequently exploit unpatched systems—especially VPNs, SharePoint, and other perimeter-facing tools. Microsoft’s July Patch Tuesday alone included 137 vulnerabilities, including actively exploited zero-days. Stay current to avoid being an easy target.
- Implement Phishing-Resistant Multifactor Authentication (MFA): Groups like Charming Kitten are leveraging generative AI to craft convincing spear phishing emails. Use MFA methods such as FIDO2 security keys, biometrics, or passkeys. Avoid push fatigue, SMS codes, or email-based MFA which are easily phished or bypassed.
- Segment and Secure Critical IT & OT Systems: Assume attackers will get in. Segment IT from OT networks (especially SCADA/ICS environments) and limit lateral movement. Iranian campaigns have crossed into OT, targeting backups and sabotaging ICS operations.
- Maintain Robust, Tested Backup and Recovery Systems: Wiper malware and ransomware deployed by Iranian groups have destroyed both live data and backups. Use immutable or offline backups, and test full restores. Automate reimaging processes to ensure rapid recovery at scale.
- Raise Awareness Against Sophisticated Social Engineering: Train staff to recognize AI-generated phishing and deepfake audio/video attacks. Iran has used deepfakes to spread disinformation and influence public perception. Show your team what deepfakes look and sound like so they can spot them in the wild.
Resources & References
CISA/FBI/NSA Joint Advisory: https://www.cisa.gov/sites/default/files/2025-06/joint-fact-sheet-Iranian-cyber-actors-may-target-vulnerable-US-networks-and-entities-of-interest-508c-1.pdf
Unit 42 Report: https://unit42.paloaltonetworks.com/iranian-cyberattacks-2025/
Deepwatch Threat Intel: https://www.deepwatch.com/labs/customer-advisory-elevated-iranian-cyber-activity-post-u-s-strikes/
LMG Security – Defending Against Generative AI Attacks: https://lmgsecurity.com/defend-against-generative-ai-attacks/
#cybersecurity #cybercrime #cyberattack #cyberaware #cyberthreats #ciso #itsecurity #infosec #infosecurity #riskmanagement
Popular Podcasts
On Purpose with Jay Shetty
I’m Jay Shetty host of On Purpose the worlds #1 Mental Health podcast and I’m so grateful you found us. I started this podcast 5 years ago to invite you into conversations and workshops that are designed to help make you happier, healthier and more healed. I believe that when you (yes you) feel seen, heard and understood you’re able to deal with relationship struggles, work challenges and life’s ups and downs with more ease and grace. I interview experts, celebrities, thought leaders and athletes so that we can grow our mindset, build better habits and uncover a side of them we’ve never seen before. New episodes every Monday and Friday. Your support means the world to me and I don’t take it for granted — click the follow button and leave a review to help us spread the love with On Purpose. I can’t wait for you to listen to your first or 500th episode!
Cardiac Cowboys
The heart was always off-limits to surgeons. Cutting into it spelled instant death for the patient. That is, until a ragtag group of doctors scattered across the Midwest and Texas decided to throw out the rule book. Working in makeshift laboratories and home garages, using medical devices made from scavenged machine parts and beer tubes, these men and women invented the field of open heart surgery. Odds are, someone you know is alive because of them. So why has history left them behind? Presented by Chris Pine, CARDIAC COWBOYS tells the gripping true story behind the birth of heart surgery, and the young, Greatest Generation doctors who made it happen. For years, they competed and feuded, racing to be the first, the best, and the most prolific. Some appeared on the cover of Time Magazine, operated on kings and advised presidents. Others ended up disgraced, penniless, and convicted of felonies. Together, they ignited a revolution in medicine, and changed the world.
Crime Junkie
Does hearing about a true crime case always leave you scouring the internet for the truth behind the story? Dive into your next mystery with Crime Junkie. Every Monday, join your host Ashley Flowers as she unravels all the details of infamous and underreported true crime cases with her best friend Brit Prawat. From cold cases to missing persons and heroes in our community who seek justice, Crime Junkie is your destination for theories and stories you won’t hear anywhere else. Whether you're a seasoned true crime enthusiast or new to the genre, you'll find yourself on the edge of your seat awaiting a new episode every Monday. If you can never get enough true crime... Congratulations, you’ve found your people. Follow to join a community of Crime Junkies! Crime Junkie is presented by audiochuck Media Company.