Latest news with #Iran-linked
Time of India
08-07-2025
- Politics
- Time of India
Who are Yemen's Houthis, the group behind the recent Red Sea cargo ship attack?
UAE rescue vessel arrives at the damaged Magic Seas cargo ship after Houthi attack in the Red Sea/ Image: File TL;DR: A cargo ship sailing through the Red Sea was attacked by Yemen's Houthi rebels using drones, missiles, and explosive boats. The crew abandoned the ship. The UAE responded and rescued all 22 people on board. This is the first Houthi strike on commercial shipping in months and may signal a return to tensions in the region. The Red Sea, one of the busiest maritime routes in the world, saw a serious escalation over the weekend. A commercial ship named Magic Seas came under attack near Yemen's coast on July 7. It was hit with a mix of weapons, including drones, ballistic missiles, and unmanned boats filled with explosives. The attack on Magic Seas shows that maritime threats in the Red Sea haven't gone away, but just paused. This isn't the first time the Iran-linked Houthi group has gone after cargo ships. But this was their first such strike in months, and it came after a temporary pause in violence following a U.S.-brokered ceasefire earlier this year. The attack forced the crew to send out a distress call. What followed was a swift response by the UAE. Who are the Houthis? The Houthis are a rebel group based in northern Yemen. They began as a local movement in the 1990s but have grown into a powerful armed force. by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like An engineer reveals: One simple trick to get internet without a subscription Techno Mag Learn More Undo In 2014, they took control of Yemen's capital, Sanaa, and have been fighting the country's internationally recognized government ever since. They're widely supported by Iran, especially when it comes to weapons and military training, though both deny direct control. Over time, the Houthis have upgraded their capabilities, now launching long-range missiles and drones and even staging attacks at sea. Their current focus goes beyond Yemen. Since the war in Gaza started in October 2023, the group has tried to target ships they believe are linked to Israel. What happened to Magic Seas? The cargo ship Magic Seas, owned by a Greek company and sailing under a Liberian flag, was attacked while passing through the Red Sea. It had reportedly docked in Israel on a previous voyage, something the Houthis used to justify the strike. The group used a wide range of weapons: Drones Cruise and ballistic missiles Two unmanned explosive boats Small boats with armed men using rifles and rocket-propelled grenades The attack damaged the ship. Fearing it would sink, the crew abandoned it. UAE takes charge of rescue The UAE responded quickly. A vessel operated by Abu Dhabi Ports Group, called Safa Breeze, picked up the distress call and reached the ship in time. The rescue was coordinated with the United Kingdom Maritime Trade Operations (UKMTO) and other maritime safety agencies. All 22 people on board, including crew and security, were brought to safety. Officials confirmed that standard safety procedures were followed throughout the operation. Latest developments: New deadly attack raises fears Two crew members of another cargo ship, the Eternity C , a Liberian-flagged, Greek-owned bulk carrier were killed in a sea drone and speedboat attack off Yemen on Monday night. The attack lasted several hours and left the ship surrounded by small craft still attacking it. According to maritime safety authorities, at least two others were injured and two crew members were reported missing. The ongoing assault by Yemen's Houthi rebels on the Eternity C has raised alarm over a potential surge in violence along this vital shipping route, the United Kingdom Maritime Trade Operations Center warned. What happens next? The attack on Magic Seas and the deadly assault on Eternity C, highlight growing risks to freedom of navigation through the Red Sea, a key shipping lane connecting Europe, Asia, and Africa. Shortly after the Magic Seas incident, Israel reportedly carried out airstrikes on Houthi-controlled areas near the Yemeni port city of Hodeida. One of the targets was the Galaxy Leader, a ship the Houthis captured last year. In response, the Houthis launched missiles toward Israel. The Red Sea could now become a flashpoint again, as violence in Gaza spills into wider regional conflict. FAQs Why did the Houthis attack this ship? They said it had docked in Israel before, which, in their view, made it a target. Was anyone injured or killed? No injuries were reported. All 22 people on board were rescued safely. What weapons were used in the attack? The attack involved explosives, five cruise and ballistic missiles, three drones, small arms and rocket-propelled grenades What was the UAE's role? The UAE, through its maritime operations, led the rescue. The crew was evacuated by Safa Breeze, a ship operated by Abu Dhabi Ports Group. Is this the start of more attacks? It could be. This was the first Houthi attack on a commercial vessel in months, and it comes as tensions between Israel and its regional enemies continue to grow.
Business Insider
07-07-2025
- Business
- Business Insider
5 stock picks from an analyst for a new era of cybersecurity threats
Geopolitical tensions have soared in recent years, leading experts to worry about the rising threat of cyberattacks on governments and critical infrastructure. Cybersecurity concerns have jumped this year. After the US government targeted Iran in a military attack on its nuclear facilities, Iran-linked hackers responded by targeting American banks and defense contractors, as well as oil producers. Arnie Bellini, managing partner of cybersecurity investment firm Bellini Capital, believes that the US government will double down on cybersecurity — and he sees a key opportunity for investors in a handful of stocks that could benefit from the heightened spending. "A lot of people can make lots of money in the cyber space right now," he said. "It's a really smart play." Bellini told Business Insider that he's eyeing these stocks as top picks in the space. Palo Alto Networks From Bellini's perspective, cybersecurity firms that are strongly aligned with the federal government are in the best position to gain. He sees Palo Alto Networks as the best cybersecurity play, due to the company's federal alignment, dynamic list of product and artificial intelligence (AI) integration. "They've already worked with the government agencies, and they're rapidly expanding AI integrated threat detection and zero trust architecture to modern, very appropriate approaches to cybersecurity defense," he stated. Bellini cited the example of Palo Alto Network's history of collaborating with the Cybersecurity and Infrastructure Security Agency (CISA), noting that he expects the contract between the two to be expanded. Shares of Paolo Alto Networks are up 11% year-to-date. CrowdStrike Just behind Palo Alto Networks in Bellini's cyber stock rankings is Crowdstrike Holdings. Bellini highlighted CrowdStrike's popularity with both defense contracts and incident response teams, describing the company as a "go-to product" for many in these areas. "They also have a real-time threat intel and a security operations center automation that fit well with federal cyber rapid response mandates," he added, praising the company's ability to respond to attacks quickly, an essential component of cybersecurity success. Crowdstrike stock is up 50% in 2025. Fortinent and SentinelOne Bellini's also sees growth potential in Fortinet and SentinelOne. While Fortinet is up 12% this year, SentinelOne is down 17% in 2025. That said, Bellini touts them both as likely beneficiaries of a boost to government cyber defense spending. He touts Fortinet's network security and secure access services as a vital component for federal agencies that manage a hybrid infrastructure. "They tick off all the boxes as a company that could be used and is already being used by the federal government," he stated. Bellini acknowledges that SentinelOne is a comparatively new player in the industry but praises its use of AI as an effective cyber tool. "Those who seek to do us harm, the hackers, they're all using AI," he noted. "What's great about Sentinel one is they have an AI driven, autonomous detection and response system." He sees this as highly important because it can help close the skills gap that the cybersecurity industry is facing. A mixed take on Palantir The final cybersecurity stock in Bellini's top five ranking is Palantir Technologies, a company that has emerged as one of the year's breakout stocks. The tech firm has surged more than 78% this year, an is a popular favorite among retail investors. Palantir fits Bellini's criteria of being aligned with the government, as it's inked numerous contracts with agencies including the Department of Defense and Immigration and Customs Enforcement. However, Bellini ranks it below the other top names on his list because, in his words, Palantir is not pursuing AI in its cybersecurity endeavors. However, he added that he does believe that Palantir will benefit from any cyber defense push due to its extensive data mining.
USA Today
02-07-2025
- Politics
- USA Today
Iran enacts law suspending cooperation with UN nuclear watchdog
July 2 (Reuters) - Iranian President Masoud Pezeshkian put into effect on Wednesday a law passed by parliament last week to suspend cooperation with the U.N. nuclear watchdog, the IAEA, Iranian state media reported. The law stipulates that any future inspection of Iran's nuclear sites by the International Atomic Energy Agency needs approval by Tehran's Supreme National Security Council. "We are aware of these reports. The IAEA is awaiting further official information from Iran," the IAEA said in a statement. More: Iran-linked hackers threaten to release Trump aides' emails Iran has threatened to halt cooperation with the IAEA, accusing it of siding with Western countries and providing a justification for Israel's air strikes, which began a day after the IAEA board voted to declare Iran in violation of obligations under the Nuclear Non-Proliferation Treaty. Separately, Iranian Foreign Minister Abbas Araqchi said in an interview with CBS News that the U.S. bombing of Iran's key Fordow nuclear site has "seriously and heavily damaged" the facility. (Reporting by Dubai newsroom, additional reporting by Francois Murphy in Vienna; Editing by Andrew Heavens, Alex Richardson and Ros Russell)
New York Post
01-07-2025
- Politics
- New York Post
Iran-linked hackers threaten to release roughly 100 gigabytes worth of emails stolen from Trump's inner circle
An Iran-linked cyber group is threatening to release a trove of emails it claims to have stolen from top Trump officials and allies. The hackers previously released a batch of stolen emails to the media during the 2024 campaign. Advertisement Under the pseudonym Robert, the hackers first told Reuters they had roughly 100 gigabytes of emails from White House chief of staff Susie Wiles, President Donald Trump confidante Roger Stone, Trump lawyer Lindsey Halligan and Stormy Daniels, the porn star who claims to have had an affair with Trump. Attorney General Pam Bondi called the hack an 'unconscionable cyberattack' and said government agencies would work to 'protect the officials targeted by this rogue group.' FBI Director Kash Patel added in a statement, 'Safeguarding our administration officials' ability to securely communicate to accomplish the president's mission is a top priority.' 'Anyone associated with any kind of breach of national security will be fully investigated and prosecuted to the fullest extent of the law.' Advertisement 3 Iran-linked hackers, going under the pseudonyms Robert, plan to release a long list of emails claiming to have stolen information from Trump's inner circle. REUTERS Marci McCarthy, spokesperson for the Cyber and Infrastructure Security Agency, called Iran's threat 'an effort to distract, discredit and divide.' 'These criminals will be brought to justice,' she said in a statement. 'Let this be a warning to others there will be no refuge, tolerance or leniency for these actions.' Advertisement 3 The hackers told Reuters they have approximately 100 gigabytes of emails from White House chief of staff Susie Wiles, Roger Stone, Trump lawyer Lindsey Halligan, and Stormy Daniels. via Getty Images 'A hostile foreign adversary is threatening to illegally exploit purportedly stolen and unverified material in an effort to distract, discredit and divide. This so-called 'cyber attack' is nothing more than digital propaganda, and the targets are no coincidence. This is a calculated smear campaign meant to damage President Trump and discredit honorable public servants.' Last summer, at the height of the 2024 election, Iranian-linked hackers sent material stolen from the Trump campaign to individuals associated with the Biden campaign and to U.S. media organizations. In an indictment in September, the Biden Justice Department accused three members of Iran's Revolutionary Guard Corps of being behind the leak. In May, the hackers behind 'Robert' signaled to Reuters they would not be leaking any more documents. Advertisement 3 Attorney General Pam Bondi and FBI Director Kash Patel both released statements that the federal government will prosecute the individuals behind the 'unconscionable cyberattack.' 'I am retired, man.' However, the group reached back out after Israel and the U.S. attacked Iran's nuclear sites. They said they were organizing a sale of the stolen communications and asked Reuters to publicize it. U.S. cyber officials warned on Monday that U.S. companies and critical infrastructure operators may still be in Iran's crosshairs. Experts have suggested Iran may be looking for non-military ways to punish the U.S. for its strikes. 'Despite a declared ceasefire and ongoing negotiations towards a permanent solution, Iranian-affiliated cyber actors and hacktivist groups may still conduct malicious cyber activity,' U.S. agencies said in an advisory. The new threat comes as Trump insists he is not speaking to Iran and has offered them nothing for nuclear negotiations. He has said Iran's facilities were 'totally obliterated.'
Axios
01-07-2025
- Politics
- Axios
Iran leans on hacktivist proxies in wake of Israeli, U.S. strikes
Iranian state-backed hackers are borrowing from the Russian cyber playbook and sharing tools with ideologically aligned hacktivist groups in the wake of a series of military strikes, experts tell Axios. Why it matters: Leaning on these hackers allows Iran to amplify its reach while maintaining plausible deniability and staying below the threshold of what's considered war. Driving the news: Iran-linked hackers threatened last night to publish emails purportedly stolen from Trump allies, including White House chief of staff Susie Wiles, lawyer Lindsey Halligan and adviser Roger Stone. CISA and the FBI released an advisory yesterday warning U.S. critical infrastructure, and particularly defense contractors, are at increased risk for potential Iran-linked cyberattacks. The intrigue: Experts at cybersecurity firm Armis say they've observed Iranian nation-state actors providing tools and resources to pro-Iran hacktivist groups since Israel launched military strikes on June 13. Michael Freeman, head of threat intelligence at Armis, told Axios that pro-Iran hacktivists have received "a lot of help," including access to nondescript cyber weapons and hacking techniques that could help them target Western organizations. "Those [weapons and techniques] were being used to target more critical infrastructures within nation-states," Freeman told Axios. These attackers appear focused on strategic cyber campaigns, including ransomware, linked to the broader regional conflict. "They're definitely using these tools, gaining more access, being more careful — without getting caught," Freeman added. The big picture: Iran increasingly mirrors Russia's model of relying on cyber proxies and psychological operations to project power. "This is very Russian in nature," Alexander Leslie, a threat intelligence analyst at Recorded Future, told Axios. "Using proxies for plausible deniability is essentially the essence of how they can scale these operations and remain resilient to any kind of disruption." Leslie added that Iran frequently leans on "pseudo-hacktivist groups" to stay just below the threshold of conventional cyber warfare. Zoom in: A hacker tied to a well-known Russian nation-state hacking team has been sharing tools and advice in a pro-Iran hacktivist group, Freeman said. Between the lines: Some of the most serious attacks have likely been stopped before they became public, thanks to early detection and Five Eyes intelligence-sharing, Nadir Izrael, chief technology officer at Armis, told Axios. "The silence isn't an indication of nothing happening," Izrael said. "It's an indication of defenses holding — and a lot of people doing a lot of work to make that happen." State of play: Activity from pro-Iran hacktivist groups has dipped since a ceasefire was announced last week, but many of the most opportunistic actors had already pivoted to targeting last week's NATO summit. More than 100 hacktivists groups, 90 of which are linked to pro-Iranian positions, have been targeting organizations in Israel and throughout the Middle East, North Africa, Western Europe and North America since Israel's strikes last month, Leslie said. Many of those groups resurfaced during this conflict after a long hiatus, Leslie added. Despite broad claims of successful attacks, most of the groups' reported DDoS campaigns are unverified. "The point is to overwhelm and shape perception," Leslie said. Threat level: Freeman warned U.S. critical infrastructure operators to take inventory of their systems and patch overlooked vulnerabilities — especially in "systems that operate systems." "The companies who've had to deal with the Iranian groups, that really had a good understanding of their environment, were able to detect them quickly, within a few hours," he said. What to watch: Law enforcement and private sector partners are actively working to identify and harden vulnerable industrial systems that Iranian threat actors may be targeting.
