Latest news with #SanazYashar
Forbes
4 days ago
- Politics
- Forbes
US And Israel Should Prepare For Destructive Iranian Cyberattacks, Ex-Intel Officer Says
In the aftermath of American strikes against multiple Iranian nuclear sites on Saturday, the country retaliated with strikes on Israel and on a U.S. base in Qatar, where no casualties were reported. This morning, a ceasefire was confirmed by all sides, though Israel quickly accused Iran of breaking it. But longer term, in lieu of a nuclear bomb or significant firepower in the face of U.S. and Israeli military might, Iran may turn to cyberattacks. The country has a 'robust cyber apparatus,' according to Sanaz Yashar, a former intelligence officer in Israel who fled Iran as a teenager and now runs a cybersecurity startup. Its cyber program is spread across three different agencies: the Islamic Revolutionary Guard Corps (IRGC), the Ministry of Intelligence and the Ministry of Defense. Yashar expects Iran's cyber offensive units to respond soon with 'quick and dirty' operations, which will be disruptive but not catastrophic. In the longer-term, 'there will be investment in destructive cyber capabilities' because they're 'impactful and deniable,' Yashar added. On Sunday, the DHS warned of an increased risk of cyberattacks either from Iran-friendly hacktivist groups or from the Iranian regime itself. 'Any new work is going to cause more strain on CISA.' A current CISA employee U.S. cyber infrastructure, however, may not be adequately prepared because of staff losses at the DHS Cybersecurity and Infrastructure Agency (CISA), which currently lacks a permanent director. The agency has been bleeding talent since many of its leadership, including former director Jen Easterly, have departed or were fired. Trump's nominated director, Sean Plankey, is yet to be confirmed. One CISA insider told Forbes that if there was to be an increase in Iranian cyber activity, the agency would be stretched to respond to the mass of threats currently facing America in cyberspace. 'Any new work is going to cause more strain on CISA because we aren't even being given the resources needed for our current workload,' they said. Concerns swirled online about if the problems at CISA could hobble a U.S. response. 'Start scheduling backups and don't be surprised by cyber attacks from Iran or their supporters. Right after dismantling CISA, perfect timing,' wrote Jeff Moss, founder of the DEF CON cyber conference and a former member of the CISA Cyber Security Advisory Council, on BlueSky. Though manifold reports have pointed to a CISA with low morale and overworked staff, the agency's public affairs director Marci McCarthy told Forbes that CISA had been 'lost and unfocused under Joe Biden,' with a 'ballooning budget.' Now, President Trump and secretary for homeland security Kristi Noem are refocusing CISA, said McCarthy. 'The agency was focused on censorship, branding and electioneering instead of defending America's critical infrastructure,' McCarthy said. 'That era is over. Today CISA is focused squarely on executing its statutory mission: serving as the national coordinator for securing and protecting the nation's critical infrastructure.' She added that there are currently 'no specific credible threats against the homeland,' but critical infrastructure organizations should remain vigilant. Iranian hackers have in recent years been accused of some significant cyberattacks. In late 2023, a number of American water plants were breached, which led to the 2024 sanctions of six officials at the IRGC. Earlier this year, the U.S. offered a $10 million reward for information on the identities and whereabouts of members of CyberAv3ngers, a group linked to various attacks on global critical infrastructure, with a focus on targeting Israeli-made equipment. Yashar said Iran's hackers will want to use attacks as a type of influence operation that will 'show off and enhance regime stability internally.' 'The biggest concern would be they go after databases of naval, aviation and shipping information for further targeting,' she said. But it's disputed just how much of a digital threat Iran poses. The CISA insider said Iran was not considered a serious cyber threat on the level of China or Russia. Other experts agree. John Hultquist, chief analyst at Google's Threat Intelligence Group, wrote on LinkedIn over the weekend that Iran's main focus for its cyber warfare is psychological. 'There is a real, practical risk to enterprises, but it's important that we don't overhype the threat here and give them the win they're after.' Israel began bombing Iran in mid-June, targeting its nuclear facilities. The U.S. launched air strikes over the weekend in support of Israel's effort to prevent Iran from building a nuclear weapon. How many years the American attack has put Tehran back is unclear, despite Trump's claims it had "totally obliterated" three of Iran's nuclear sites. Iran's leader Ayatollah Ali Khamenei has not yet spoken publicly about the strikes. Israel, which has built a major cyber intelligence operation across the IDF's Unit 8200, Mossad and other agencies, has not yet been credited with any significant cyberattacks since it launched airstrikes on Iran. Last week, a pro-Israel hacking crew known as Predatory Sparrow claimed responsibility for a breach of Iran's largest crypto exchange Nobitex, with as much as $90 million stolen. It's unclear what links, if any, Predatory Sparrow has to the Israel government. Iran, meanwhile, reportedly closed off its internet to protect from potential cyberattacks. One reason for the physical attacks on Iran's nuclear capabilities could be that cyber offensive operations are no longer effective enough. The Stuxnet cyberattacks on the Natanz nuclear facility back in 2009 were reportedly part of a joint U.S.-Israel effort that were estimated to have set Iran's nuclear program back by years. Now the same countries have taken to bombs rather than malware. More from Forbes Forbes Iranian Hackers Abuse Slack For Cyber Spying By Thomas Brewster Forbes Inside OilRig -- Tracking Iran's Busiest Hacker Crew On Its Global Rampage By Thomas Fox-Brewster Forbes Trump Pardoned Him. Now He's Selling His Cyber Business For $200 Million. By Thomas Brewster Forbes Iranians Hacked A Domestic Violence Shelter And U.S. Power Companies In Ransomware Rampage, DOJ Says By Thomas Brewster
Associated Press
28-04-2025
- Business
- Associated Press
Zafran Launches RemOps to Close the Remediation Gap in Vulnerability Management
Using generative AI, Zafran de-duplicates vulnerability findings and automates the delivery of simplified, focused remediation action plans NEW YORK, NY / ACCESS Newswire / April 28, 2025 / Zafran Security today announced the launch of RemOps, the latest addition to its Threat Exposure Management Platform, which integrates AI-powered remediation operations directly into vulnerability workflows. By connecting the most pressing risks with orchestrated remediation at scale, Zafran is closing the gap between Security and IT-turning insights into action and transforming vulnerability management from overwhelmed to operationalized. For years, security teams have been flooded with vulnerability detections. According to the newly released 2025 Zafran State of Exposure Management Report, 91% of leaders say so-called 'critical' vulnerabilities often aren't. The report further reveals that only 1 in 50,000 vulnerabilities is a critical exposure. Zafran cuts through this noise by applying risk context to reveal and mitigate what are actually the most critical vulnerabilities within your environment. And now, with the addition of RemOps, Zafran has doubled down on focused actionability. RemOps uses generative AI to combine overlapping vulnerability findings into a single remediation item and create a vastly simplified, get-well plan. Seamlessly integrated with existing IT workflows, RemOps facilitates collaboration between Security and IT, automatically assigning tickets and overseeing their completion. Its AI-driven approach reduces ticket noise, identifies the most efficient resolution path, and helps teams focus their efforts where they deliver maximum impact. 'RemOps is a real game-changer for cybersecurity operations,' said Sanaz Yashar, CEO and co-founder of Zafran Security. 'Zafran is bridging the gap between Security and IT. RemOps introduces a new operational scale for remediation-enabling security and IT teams to collaborate and resolve issues faster than ever. By unifying exposure assessment, mitigation, and now remediation, Zafran establishes a new standard for contextual, operationalized exposure management that empowers enterprises to reduce their attack surface while enhancing cross-functional collaboration.' 'Efficient remediation is the essential last mile for identifying and reducing real risk,' said Greg Garneau, VP/CISO, Hospital Sisters Health System. 'With RemOps, we are able to shift away from reactive, compliance-driven processes and achieve unified tracking across platforms like Jira, giving us full visibility into progress without slowing anyone down. Zafran provides us with clarity, control, and confidence to navigate an increasingly complex threat landscape-by revealing our critical risks, mitigating them to quickly compress the window of exposure, and operationalizing remediation at scale.' About Zafran Security Patching everything is impossible - but Zafran Security is creating an entirely new operating model for threat and vulnerability management. By leveraging existing security tools and IT context, Zafran proves that 90% of critical vulnerabilities are not exploitable-then quickly mitigates and remediates the 10% that are. Backed by AI and built for action, Zafran transforms how modern enterprises secure what matters most. Contact InformationYuval Porat SOURCE: Zafran press release
