US State Department Launches Cyber Threat Counter Bureau

Moving from active cyber defense to proactive cyber offensive campaigns. The CIA is renowned for its proactive covert operations against countries threatening the US. These operations are simply being shifted to cyberspace. The West is now realising the need for a cyber statecraft strategy to dominate and compete in cyberspace. Business leaders must also recognise the importance of a cyber statecraft strategy to identify the opportunities as a crucial element of their growth strategy. This isn’t about cybersecurity; it’s about understanding your operations in cyberspace and identifying your threats and reducing that risk.

How CISOs Can Stop Iranian Wiper Campaigns Before They Cripple Entire Networks Introduction: Cyberwarfare Is No Longer Subtle Geopolitical tensions are no longer confined to diplomatic statements or economic sanctions. Today, they spill directly into corporate networks, hospital systems, and critical infrastructure. For Chief Information Security Officers, this shift introduces a new category of threat. These are attacks that are not designed to steal money or data, but to destroy operations entirely. Iranian wiper campaigns represent one of the clearest examples of this transformation, where the goal is disruption, chaos, and long-term damage rather than financial gain....

🚨𝐂𝐘𝐁𝐄𝐑𝐃𝐔𝐃𝐄𝐁𝐈𝐕𝐀𝐒𝐇 𝐒𝐞𝐧𝐭𝐢𝐧𝐞𝐥 𝐀𝐏𝐄𝐗 – 𝐓𝐡𝐫𝐞𝐚𝐭 𝐀𝐝𝐯𝐢𝐬𝐨𝐫𝐲 𝐁𝐮𝐥𝐥𝐞𝐭𝐢𝐧 🚨 Middle east crisis prompts UK NCSC warning on potential Iranian cyber activity 𝐓𝐡𝐫𝐞𝐚𝐭 𝐈𝐧𝐭𝐞𝐥𝐥𝐢𝐠𝐞𝐧𝐜𝐞 𝐋𝐚𝐲𝐞𝐫: CYBERDUDEBIVASH Sentinel APEX 𝐒𝐢𝐭𝐮𝐚𝐭𝐢𝐨𝐧 𝐎𝐯𝐞𝐫𝐯𝐢𝐞𝐰 The CYBERDUDEBIVASH Sentinel APEX AI detection framework has identified New Active Threat. 𝐄𝐱𝐞𝐜𝐮𝐭𝐢𝐯𝐞 𝐓𝐞𝐜𝐡𝐧𝐢𝐜𝐚𝐥 𝐁𝐫𝐢𝐞𝐟 & 𝐂𝐨𝐦𝐩𝐥𝐞𝐭𝐞 𝐓𝐡𝐫𝐞𝐚𝐭 𝐈𝐧𝐭𝐞𝐥 𝐑𝐞𝐩𝐨𝐫𝐭 https://lnkd.in/gGdPDpVg

a viral “cyber warning” urging u.s. personnel to disable location services amid escalating iran tensions spread rapidly online — but it did not originate from u.s. cyber command or the pentagon, raising urgent questions about digital misinformation in moments of geopolitical crisis. Our latest coverage examines how the message gained traction across defense and security circles, why location-tracking fears resonate so strongly during active cyber operations, and what the episode reveals about the fragile line between operational security and viral rumor. We analyze how references to cyber activity linked to iran amplified credibility, why unofficial alerts can create real-world behavioral shifts even without formal authority, how information gaps during high-stakes military operations create space for narrative manipulation, and what this incident signals about the growing convergence of cyber warfare, psychological operations, and social amplification. The big question: in an era where a screenshot can travel faster than an official briefing, how should leaders verify and respond to security warnings without either dismissing legitimate threats or fueling misinformation? Read the full breakdown 👇 https://lnkd.in/gRMc295N #cybersecurity #cyberwarfare #geopolitics #nationalsecurity #misinformation #defensetech #thetechmarketer

The escalating conflict between Iran and the United States has officially spilled into cyberspace. We are witnessing the opening of a massive new digital front alongside traditional military operations. Following coordinated strikes in February 2026, cyber activity has surged. The impact is already hitting major corporations and public infrastructure. Key developments in the ongoing cyber conflict: - Immediate Retaliation: Hours after physical strikes, Iranian digital infrastructure and consumer apps faced widespread hacking and defacement. - Major Corporate Breaches: Hacker group Handala, linked to Iranian intelligence, claims to have breached U.S. medical technology company Stryker, allegedly extracting 50 terabytes of corporate data. - Expanding Targets: Cybersecurity analysts warn that state-linked groups are actively targeting banks, airports, water systems, and energy infrastructure across allied nations. - Modern warfare now extends directly into the networks that power the digital economy. A successful attack in one sector can easily ripple across interconnected global industries. Read the full report on Techsoma to understand the scope of these emerging threats: [https://lnkd.in/df6xiZdy]

This week's Seriously Risky Business looks at , Iran cyber retaliation against U.S. and Israeli strikes, Meta removing end-to-end encryption for Instagram direct messages, ransomware actors shifting focus to data extortion, and more. Read the newsletter from Tom Uren. https://lnkd.in/eefbatjH

The largest coordinated cyberattack in history just happened. As US-Israeli military strikes hit Iran on Feb 28, a parallel digital offensive took down government websites, state media, banking systems, and dropped internet connectivity to just 4% of normal levels. Cybersecurity firms are now warning of imminent Iranian retaliation targeting US and Israeli commercial and civilian infrastructure. I broke down what happened, why it matters, and what every CISO should be doing right now. #cybersecurity #infosec #iranstrikes #cyberwarfare #CISO #threatintelligence

While the kinetic strikes in Iran this weekend have raised more questions than they've answered, multiple treat researchers agree that businesses and critical infrastructure operators should expect retaliatory cyber strikes. David Meyer's analysis of early signals and warnings: we will continue to report on events and deliver expert insights as events unfold this week. Read more: https://lnkd.in/eiH59vMs #Iran #cyberattack #Israel #threatintelligence #hackers #cyberwar

America First in Cyberspace: An EU Perspective on Trump’s 2026 Cyber Strategy The publication of Trump’s Cyber Strategy for America (March 2026) marks a decisive return to a muscular, sovereignty-driven conception of cybersecurity and technological power. The document is rhetorically forceful, strategically expansive, and explicitly geopolitical. It situates cyberspace not merely as an operational domain but as a theatre of ideological, economic, and military contestation. From a European Union perspective - particularly in light of the NIS2 Directive, the Cyber Resilience Act, the Digital Services Act (DSA), the Digital Markets Act (DMA), and the AI Act - the strategy presents serious normative divergences....

U.S. Israel-Iran War: The Cyber Space 🔎 While the military and air strikes continue in the Middle East, the digital space is unfolding with several "claims" from politically motivated threat collectives. ✏️ Some of the observed activity includes: - Dienet has been claiming to conduct DDoS attacks against countries in the Gulf region. - Cyber Islamic Resistance (CIR) has called for “general mobilization” and rallying of threat collectives to target those it deems to be against Iran.  - CIR claims RipperSec, and Cyb3rDrag0nz have “joined the electronic operations room of the Islamic Resistance Axis.”  - Cyb3rDrag0nz has claimed to be targeting several Israeli organizations, including law firms. - Some Telegram users are also advertising Reza Pahlavi and his wife's passport scans.  - Another hacktivist group, called 404 Cyber Team, claimed an attack on the Iranian undersea cable infrastructure. - Alttoufan team has also claimed attacks on various websites it claims are "related to Zionist-American" in support of "operations of the Islamic Republic." It has also announced that there will be more.  - Threat collective Handala has claimed that it is destroying “the cyber infrastructure of the Zionist regime’s oil and gas sector”. It has claimed an attack on Israel Opportunity Energy Resources LP. - Mr. Soul, a persona included in the indictment of CyberAv3ngers by the U.S. government as an Iran state-linked hacktivist, has declared they are returning to operations.  - Darkstormteam has claimed to have targeted several organizations in Israel.  - AnonGhost has issued a manifesto-style statement, threatening coordinated cyber operations against U.S. and Israeli digital infrastructure. The group claims to control a significant U.S. netblock and intends to launch further attacks targeting data centers, military databases, and financial systems. - Russian Legion forwarded a post advertising a dataset containing internal documents allegedly associated with the IDF. The post was created by threat actor ".cardinal." 🤔 What do we make of these operations? - Since Iran is facing an almost total internet blackout, threat actors operating from within the borders are unlikely to be able to conduct any attacks. Moreover, entities within the Iranian borders are also unlikely to face DDoS attacks by anti-Iran threat actors. It is also likely the primary reason the digital space is quieter, and the digital threats are less in scale than during other conflicts. - However, even if ground operations cease, these cyber operations, including Iranian state-linked ones, will likely continue for a few weeks afterwards. - If supply chains of organizations (or clients) are spread throughout the Middle East, they will very likely face repercussions of DDoS attacks. It is also likely that there will be state-sponsored espionage to gather intelligence from companies that are directly supporting the U.S. or the Israeli military.