Pro-Iranian Nasir Security is targeting energy companies in the Gulf

(Pierluigi Paganini – Security Affairs) Resecurity (USA) is tracking a relatively new cybercriminal group called Nasir Security, presumably associated with Iran, that is targeting energy organizations in the Middle East. The energy sector is one of the most impacted areas because of the Iranian malicious activity in the region, including the lockdown of the Strait of Hormuz and drone/missile attacks against the energy infrastructure of neighboring countries in the GCC, allies of the US. Based on the artifacts collected by the threat intelligence team at Resecurity, the group is attacking supply chain vendors involved in engineering, safety, and construction. The data stolen as a result of such incidents is authentic but originates from a third party (of the target company), which may lead to incorrect assumptions about the origin of the breach. Notably, the focus of the attacks is centered on the energy sector, which has experienced significant financial and technological damage since the start of the war in Iran. Cyberspace is used to amplify it, following recent attacks against LNG and logistics providers. – Pro-Iranian Nasir Security is targeting energy companies in the Gulf