Latest news with #Radware
Euronews
2 days ago
- Business
- Euronews
How the Israel-Iran conflict is developing in cyberspace
As the conflict between Israel and Iran approaches the first-week mark, both countries are leaning into cyberspace to launch attacks. A possible Israeli-linked hacking group has claimed responsibility for disrupting operations at an Iranian bank and flooding the crypto market with approximately $90 million (€77 million) in stolen funds. Meanwhile, Israeli officials reported fake messages sent to the public alerting them of terrorist attacks against bomb shelters to sow panic. Both countries are also known for having a long history of cyberattacks against each other, according to US-based cybersecurity firm Radware. 'In the days since the fighting began, government-backed hackers, patriotic hacktivists, online propagandists, and opportunistic cybercriminals have all been active,' the company said in its threat alert dated June 18. The anti-Iranian hacking group with possible ties to Israel,Gonjeshke Darande, or 'Predatory Sparrow,' claimed an attack on one of Iran's most prominent banks, Bank Sepah, this week, according to a statement they published on X. Iranian media reported at the time that people had difficulties accessing their accounts, withdrawing cash or using their bank cards. The US Department of the Treasury's Office of Foreign Assets Control (OFAC) sanctioned Bank Sepah in 2018 for supporting Iran's military. The hacking group then went after Nobitex, one of Iran's main cryptocurrency exchanges. The group claimed they burned $90 million from accounts that belong to the Israeli regime and, by Thursday morning, had posted the source code for the platform. In a statement on X posted on Wednesday, Nobitex claimed that the assets were transferred to a wallet 'composed of arbitrary characters,' an approach they say 'deviates significantly from conventional crypto exchange hacks'. 'It is clear the intention behind this attack was to harm the peace of mind and assets of our fellow citizens under false pretences,' Nobitex wrote. Nobitex estimates the amount stolen is closer to $100 million (€87 million) The Iranian government has asked people to delete the social messaging app WhatsApp and has begun internet blackouts that have taken the country offline for 'over 12 hours' due to 'Israel's alleged 'misuse' of the network for military purposes,' according to internet monitoring companies Netblocks and Censys. Iran's Tasnim News Agency, a news service associated with the Iranian military, claimed the Internet blackouts are 'temporary' due to the 'special conditions of the country,' and that it will come back when the 'situation returns to normal'. Gonjeshke Darande has been linked to other cyber attacks in Iran, like the 2010 Stuxnet attack. Stuxnet was a computer virus that damaged or destroyed the centrifuges, a key component used to enrich uranium, at Iran's uranium enrichment facilities in Natanz, one of the facilities targeted in the recent missile fire from Israel. US media reports believe Stuxnet was carried out by Israel with support from the United States, who built the program. It's also believed that Israel's Defence Forces Unit 8200 was involved in the attack, according to Reuters. Gonjeshke Darande has also taken credit for other cyber attacks against Iran, such as the 2022 attack on Iran's steel plants and the 2023 attack on gas stations. At the time of the steel plant cyber attacks, Gonjeshke Darande released on social media what they called 'top secret documents and tens of thousands of emails' from Iran's three leading companies to show how the firms were working with the Islamic Revolutionary Guard Corps, a primary branch of Iran's military. Israeli media reported people receiving fraudulent text messages claiming to come from the Israeli Defence Forces (IDF) Home Front Command that warned of attacks onbomb shelters. The messages from OREFAlert were identified as fake by the Israeli authorities, who claim pro-Iranian groups are behind it as a way to sow panic during the operation against the Iranian military, called Operation Rising Lion. Another fake message circulated that said fuel supplies would be suspended for 24 hours, according to the Jerusalem Post. Ron Meyran, the VP of Cyber Threat Intelligence at US-based cybersecurity firm Radware, told the newspaper that there was a 700 per cent increase in cyberattacks against Israel in the first two days of the conflict with Iran, which comes from cyber retaliation from Iranian state actors. Those actions include infiltration attempts targeting critical infrastructure, data theft and malware distribution, Meyran added. Euronews Next reached out to Radware to independently confirm these numbers but did not hear back at the time of publication. A report from Radware says it expects Iran to make use of 'its well-developed network of fake social media personas to shape perceptions of the conflict.' 'During this crisis, observers have seen pro-Iran bot accounts amplifying hashtags about alleged Israeli atrocities and portraying Iran's actions as defensive,' the report said. The bots 'frequently pose as ordinary citizens to make the messaging more persuasive,' it added. Radware also noted in its report that at least 60 of the 100 hacktivist groups that have sprung up since the start of the conflict last week are pro-Iran and are either from the Middle East or Asia. These groups have launched 30 denial of service (DDos) attacks per day against Israel that disrupt normal traffic to a website, Radware found. Some of these groups have also threatened cyber attacks against the United Kingdom and the United States if leadership there decides to 'join the war against Iran'. Iran has a 'considerable number' of state-sponsored threat groups that have targeted Israel in the past, like Muddy Water, APT35 (OilRig), APT35 (Charming Kitten) and APT39 (Remix Kitten), the Radware report continued. These groups, with the help of Iran's Islamic Revolutionary Guard Corps, have targeted Israeli infrastructure, conducted malware campaigns and cyberespionage according to local media. These cyber attacks increased following the start of the conflict between Israel and Hamas in Gaza in 2023, according to a 2024 report by Microsoft. A SpaceX rocket being tested in Texas exploded Wednesday night, sending a dramatic fireball high into the sky. The company said the Starship 'experienced a major anomaly' at about 11 pm local time while on the test stand preparing for the tenth flight test at Starbase, SpaceX's launch site at the southern tip of Texas. 'A safety clear area around the site was maintained throughout the operation and all personnel are safe and accounted for,' SpaceX said in a statement on the social platform X. Elon Musk's company SpaceX said there were no hazards to nearby communities. It asked people not to try to approach the site. The company said it is working with local officials to respond to the explosion.
Techday NZ
3 days ago
- Techday NZ
Thai organisations face surge in cyberattacks after border clash
Cyberattacks targeting Thai organisations have risen sharply in the wake of a border incident between Thailand and Cambodia resulting in the death of a Cambodian soldier. A hacktivist group calling itself AnonSecKh, also known as ANON-KH or Bl4ckCyb3r, has claimed responsibility for a series of attacks against several prominent entities in Thailand. The group, communicating via Telegram channels, began its campaign on 23 March 2025, initially targeting Thai government websites before expanding its focus. Rising activity According to research from Radware, AnonSecKh leveraged proof-of-impact reports to validate its distributed denial of service (DDoS) attack claims. These claims have been primarily documented between 28 May and 10 June 2025, during which time the group claims 73 attacks on Thai organisations. The majority of these attacks targeted government websites, which accounted for nearly 30% of the group's claims. Military institutions followed closely behind with almost 26%, with manufacturing (approximately 15%) and finance (more than 7%) also targeted. These attacks spanned a variety of sectors, with a focus on highly visible and essential institutions. AnonSecKh's campaign intensified noticeably after the border incident involving Cambodian and Thai soldiers. "An incident at the border area between Thailand and Cambodia triggered a hacktivist-led cyber campaign targeting Thai organizations and institutions," Radware noted. History of regional cyber incidents This is not the first time the region has seen such politically-motivated cyber activity. Radware's intelligence report notes, "Cyber incidents in the region are not uncommon. In the past, politically motivated Cambodian hacktivist groups, such as ANONSECKH, H3C4KEDZ, and NXBBSEC, have launched attacks in response to rising border tensions or nationalistic disputes." AnonSecKh first drew attention by attacking Thai government portals in March. By the end of that month, the group claimed responsibility for attacks on a wide range of government, academic and commercial websites. Activity slowed in April, but by late April, AnonSecKh had expanded its efforts to include financial institutions in Vietnam. Escalation after border incident A significant escalation occurred after the border incident on 28 May. Radware highlights that "Between May 1 and May 27, only 20 attack claims targeting Thailand were observed, but between May 28 and June 10, the number of claimed attacks jumped to a staggering 64." Early June saw a temporary drop in activity. According to Radware, "In early June, there was a brief slowdown with only a few isolated incidents. However, following the strong public statement from the Thai military on June 6, AnonSecKh resumed and scaled up its attacks, continuing its campaign against Thai institutions and showing no intention of slowing down at the time of writing." Motivation and implications AnonSecKh's operations appear to be politically motivated, typically focusing on countries perceived as harming Cambodia. The group's attack patterns have been closely tied to real-world events at the Thailand-Cambodia border, reflecting a form of digital retaliation. "AnonSecKh's activity highlights several key risks. First, their attacks are tightly linked to political incidents and demonstrate a reactive pattern. This suggests that even isolated or symbolic events can trigger immediate cyber responses. Second, the group has shown the ability to launch rapid and intense attack waves. The sharp jump in volume following key events reflects a high level of coordination and intent. Finally, the choice of targets such as government resources, universities and financial institutions raises concerns about potential real-world disruptions. These attacks aren't just aimed at making a statement, they are an attempt at damaging public trust and interfering with essential services." Radware's analysis indicates that the situation remains dynamic, with AnonSecKh continuing to target Thai organisations, particularly following any developments related to regional disputes or public statements from government or military officials.
Forbes
4 days ago
- Politics
- Forbes
Terrorist Attack Texts And Calls Are Fake, Israel Warns
Israel shelter during missile attack An ongoing 'psychological warfare' campaign is ongoing, Israeli authorities warn, aiming to keep citizens away from bomb shelters for fear of terrorist attacks. The calls and texts claimed to originate from IDF's Home Front Command's 'OREFAlert.' 'Officials believe these threats are part of a psychological warfare campaign orchestrated by Iranian or pro-Iranian groups,' reports The Jerusalem Post, 'aiming to sow widespread panic during the ongoing military campaign against Iran.' Unlike other call and text attacks now surging around the world, these are pure disinformation — there are no dangerous phishing or malware links. The intent is to trick recipients into ignoring usual government advice as Iranian attacks continue. These malicious calls and texts come as the cyber dimension to the ongoing conflict escalates. Cybersecurity firm Radware has warned it's part of a wider campaign, with 'a dramatic 700% increase in cyberattacks targeting Israel in the two days following June 12, coinciding with the commencement of Israel's military strikes on Iran.' Fake incoming call. Per Ynet News, 'officials stress calls are fake and part of a coordinated effort to spread misinformation; they urge the public not to follow any instructions provided in the calls or click on the links mentioned.' It reports that 'messages told recipients to 'prepare for an emergency,' sometimes 'directing them to visit a website for further instructions.' Echoing more benign warnings from U.S. law enforcement and major technology companies, Israel's Home Front Command warns 'it does not contact citizens by phone with emergency instructions unless the individual initiated contact.' The Post says 'since Operation Rising Lion began last Friday, cybersecurity firm Check Point has reported over 2,000 threatening emails targeting Israeli institutions, including universities, local municipalities, and healthcare organizations. Messages included threats such as, 'Prepare for bitter death, dig your graves'."
Techday NZ
5 days ago
- Business
- Techday NZ
Global survey reveals rising AI threats & costly API security gaps
A new report has highlighted significant gaps in the application security measures of organisations worldwide, with concern mounting over issues ranging from artificial intelligence-driven attacks to poorly documented application programming interfaces (APIs) and insufficient staff training. The findings were published in Radware's 2025 Cyber Survey: Application Security at a Breaking Point. The report documents a variety of threat areas that are growing more prevalent as organisations' security defences fall behind accelerating risks, particularly those involving AI, APIs, and business logic attacks. AI threats According to the survey, the increasing use of AI by malicious actors is causing a spike in cybersecurity concerns. Many organisations are particularly worried about hackers using AI to develop and refine attack tools, generate higher volumes of cyberattack traffic, and produce new vectors for zero-day attacks. The survey found 70% of respondents are highly or extremely concerned about hackers using AI to create or improve hacking tools. Similarly, 67% expressed strong concern about the potential for AI to generate a larger volume of attacks, and 66% feared the role of AI in launching new zero-day attack vectors. Despite these concerns, there is little uptake of AI-based protection measures; only 8% of surveyed organisations reported using AI-driven security solutions. However, a significant shift in adoption is anticipated, with four out of five organisations planning to implement AI-based cybersecurity solutions within the next year. "The weaponisation of AI by malicious actors is intensifying cybersecurity threats and drawing even more attention to areas where companies are simply ill-protected," said Shira Sagiv, Radware's Vice President of Product Portfolio. "Internal alarms should be sounding. Companies openly admit to major concerns about gaps in cyber protection and lack of readiness, especially around web applications and APIs; yet their usage continues to climb creating even more risk and exposure." API vulnerabilities The survey also points to continued vulnerability in the management of APIs, which are increasingly in use by organisations but often ill-protected. Between 2023 and 2025, API usage has risen by 42%, with the frequency of daily API updates multiplying sixfold during the same period. On average, organisations are integrating 19 third-party APIs per application, a practice that introduces new risks involving data exposure and potential compromise that are not easily solved at the coding stage. Business logic attacks, a frequent variant of API attacks, were also noted as a mounting risk. While 81% of respondents said having real-time protection measures for business logic attacks is very or extremely important, only 50% had actually deployed runtime business logic protections. Furthermore, only 29% of security staff are fully trained to detect and manage these types of attacks. Documentation and audit processes are also lagging. Only 6% of respondents have full documentation for all of their APIs, which poses an additional challenge for maintaining visibility and control. Additionally, half of those surveyed reported not knowing what third-party code is being used by their web applications, where sensitive data may be leaked to external services, or at what points malicious scripts and services are introduced into their systems. Operational and compliance pressures Other findings indicate growing concerns over resilience and regulatory compliance. Only 16% of respondents are confident in their protection against data breach attempts involving third-party code running on web applications. The commercial impact of attacks remains high, with downtime due to distributed denial of service (DDoS) attacks costing organisations an average of USD $6,100 per minute—equivalent to USD $366,000 per hour. Compliance with numerous international regulations continues to place heavy demands on organisations. An average of 54% surveyed said they have high or extreme concern about compliance obligations spanning NIS2, HIPAA, SEC regulations, PCI DSS 4, GDPR, DORA, and SOX. Survey methodology The survey, conducted in partnership with Osterman Research, collected responses from a range of professionals including compliance, risk and data privacy officers, vice presidents of research and development, network security administrators, and API architects. Participants were drawn from nine countries located in North America, EMEA, APAC, and LATAM regions.
Yahoo
5 days ago
- Business
- Yahoo
Radware Ltd. (RDWR) Hits Fresh High: Is There Still Room to Run?
Have you been paying attention to shares of Radware (RDWR)? Shares have been on the move with the stock up 11.8% over the past month. The stock hit a new 52-week high of $27.11 in the previous session. Radware has gained 18.1% since the start of the year compared to the 1.1% move for the Zacks Computer and Technology sector and the 11.2% return for the Zacks Internet - Software industry. The stock has an impressive record of positive earnings surprises, as it hasn't missed our earnings consensus estimate in any of the last four quarters. In its last earnings report on May 7, 2025, Radware reported EPS of $0.27 versus consensus estimate of $0.23. For the current fiscal year, Radware is expected to post earnings of $1.05 per share on $295.2 million in revenues. This represents a 20.69% change in EPS on a 7.39% change in revenues. For the next fiscal year, the company is expected to earn $1.13 per share on $314 million in revenues. This represents a year-over-year change of 7.62% and 6.37%, respectively. Radware may be at a 52-week high right now, but what might the future hold for the stock? A key aspect of this question is taking a look at valuation metrics in order to determine if the company is due for a pullback from this level. On this front, we can look at the Zacks Style Scores, as these give investors a variety of ways to comb through stocks (beyond looking at the Zacks Rank of a security). These styles are represented by grades running from A to F in the categories of Value, Growth, and Momentum, while there is a combined VGM Score as well. Investors should consider the style scores a valuable tool that can help you to pick the most appropriate Zacks Rank stocks based on their individual investment style. Radware has a Value Score of D. The stock's Growth and Momentum Scores are A and B, respectively, giving the company a VGM Score of B. In terms of its value breakdown, the stock currently trades at 25.3X current fiscal year EPS estimates, which is not in-line with the peer industry average of 27.4X. On a trailing cash flow basis, the stock currently trades at 47.5X versus its peer group's average of 25.5X. This isn't enough to put the company in the top echelon of all stocks we cover from a value perspective. We also need to look at the Zacks Rank for the stock, as this supersedes any trend on the style score front. Fortunately, Radware currently has a Zacks Rank of #2 (Buy) thanks to rising earnings estimates. Since we recommend that investors select stocks carrying Zacks Rank of 1 (Strong Buy) or 2 (Buy) and Style Scores of A or B, it looks as if Radware fits the bill. Thus, it seems as though Radware shares could have potential in the weeks and months to come. Shares of RDWR have been soaring, and the company still appears to be a decent choice, but what about the rest of the industry? One industry peer that looks good is Creative Realities, Inc. (CREX). CREX has a Zacks Rank of # 1 (Strong Buy) and a Value Score of B, a Growth Score of C, and a Momentum Score of B. Earnings were strong last quarter. Creative Realities, Inc. beat our consensus estimate by 366.67%, and for the current fiscal year, CREX is expected to post earnings of $0.46 per share on revenue of $55.96 million. Shares of Creative Realities, Inc. have gained 62.6% over the past month, and currently trade at a forward P/E of 7.46X and a P/CF of 29.81X. The Internet - Software industry is in the top 22% of all the industries we have in our universe, so it looks like there are some nice tailwinds for RDWR and CREX, even beyond their own solid fundamental situation. Want the latest recommendations from Zacks Investment Research? Today, you can download 7 Best Stocks for the Next 30 Days. Click to get this free report Radware Ltd. (RDWR) : Free Stock Analysis Report Creative Realities, Inc. (CREX) : Free Stock Analysis Report This article originally published on Zacks Investment Research ( Zacks Investment Research
