Anybody aware of a MISP server with events tagged with 'APT Iran" ?
CIRCL doesn't have anything.
Let me know please, would like to sync my instance.

]]>https://board.circlewithadot.net/topic/28f6fc85-d58d-44f5-a4ad-f4c39af6a390/anybody-aware-of-a-misp-server-with-events-tagged-with-apt-iranRSS for NodeThu, 09 Apr 2026 09:40:52 GMTFri, 27 Mar 2026 16:55:16 GMT60@jamesjguthrie that would be Handala

]]>https://board.circlewithadot.net/post/https://infosec.exchange/users/nieldk/statuses/116302608807974465https://board.circlewithadot.net/post/https://infosec.exchange/users/nieldk/statuses/116302608807974465Fri, 27 Mar 2026 18:42:55 GMT@nieldk no, the group who claimed the Lockheed Martin hack recently.

]]>https://board.circlewithadot.net/post/https://infosec.exchange/users/jamesjguthrie/statuses/116302572698213851https://board.circlewithadot.net/post/https://infosec.exchange/users/jamesjguthrie/statuses/116302572698213851Fri, 27 Mar 2026 18:33:44 GMT@jamesjguthrie related to the Kash Patels “hack” ?

]]>https://board.circlewithadot.net/post/https://infosec.exchange/users/nieldk/statuses/116302548049079522https://board.circlewithadot.net/post/https://infosec.exchange/users/nieldk/statuses/116302548049079522Fri, 27 Mar 2026 18:27:28 GMT@nieldk they're different groups, 'APT Iran' is supposedly a unique threat actor https://unit42.paloaltonetworks.com/iranian-cyberattacks-2026/

]]>https://board.circlewithadot.net/post/https://infosec.exchange/users/jamesjguthrie/statuses/116302251630490259https://board.circlewithadot.net/post/https://infosec.exchange/users/jamesjguthrie/statuses/116302251630490259Fri, 27 Mar 2026 17:12:05 GMT@jamesjguthrie dunno, but maybe search for for example "Handala Hack" and "VoidManticore" ?

]]>https://board.circlewithadot.net/post/https://infosec.exchange/users/nieldk/statuses/116302214791827618https://board.circlewithadot.net/post/https://infosec.exchange/users/nieldk/statuses/116302214791827618Fri, 27 Mar 2026 17:02:43 GMT