Iran: A new malware that has been dubbed ForLord was found targeting government officials and corporations from mid-2019 to January 2020. The malware was distributed through emails and targeted corporations in the countries of Turkey, Jordan, and Iraq. Government officials in Georgia and Azerbaijan were also targeted through the same means. The malware was attributed to Cobalt Ulster or Static Kitten, an Iranian APT. The attribution was made through the use of similar code and analyzing macros in the new malware compared to ones from open-source research.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in