Also known as: Sandworm Team, Sandworm, Iron Viking, CTG-7263, Voodoo Bear, Quedagh, TEMP.Noble, ATK 14, BE2, UAC-0082, UAC-0113, UAC-0125, UAC-0133, FROZENBARENTS, IRIDIUM, Seashell Blizzard, APT 44, Blue Echidna, Grey Tornado, Razing Ursa, G0034, VOODOO BEAR, IRON VIKING, ELECTRUM, TeleBots, APT44, Curly COMrades, BlackEnergy (Group), GRU military unit 74455, Telebots, UNC3810, Hades, Phantom, BlackEnergy Lite
Iridium is an APT that uses proprietary techniques to bypass two-factor authentication for critical applications, according to security firm Resecurity. A researcher has attributed a recently publicized attack on Citrix's internal network to the Iranian-linked group known as Iridium – and said that the data heist involved 6 terabytes of sensitive data. The culprit is an APT that uses proprietary techniques to bypass two-factor authentication for critical applications and services for further unauthorized access to virtual private networks and single sign-on systems, according to Resecurity. “[Iridium] has hit more than 200 government agencies, oil and gas companies and technology companies, including Citrix Systems Inc.,” they said. Threatpost has reached out for further details as to how the firm is linking the APT to the attack and will update this post accordingly.
| CVE ID | Action |
|---|---|
| CVE-2019-10149 | View Details |
| CVE-2024-1708 | View Details |
| CVE-2016-6662 | View Details |
| CVE-2014-4114 | View Details |
| CVE-2013-3906 | View Details |
| CVE-2014-7169 | View Details |
| CVE-2024-1709 | View Details |