https://live.paloaltonetworks.com/t5/threat-vector/threat-vector-unit-42-s-iran-threat-brief-what-we-re-seeing/ta-p/1249454 <DIV class="lia-message-template-content-zone"> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Threat Vector Template.jpg" style="width: 960px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/70870i8F07A17F8AC90F5B/image-size/large?v=v2&amp;px=999" role="button" title="Threat Vector Template.jpg" alt="Threat Vector Template.jpg" /></span></P> <P>&nbsp;</P> <P><SPAN>Unit 42 is tracking more than 60 active hacktivist groups and Iran-linked threat actors right now. What are they actually doing, what should you believe, and what should you do about it?</SPAN></P> <P><SPAN>In this episode of Threat Vector, David Moulton sits down with </SPAN><A href="https://www.linkedin.com/in/justinmoore-00" target="_blank" rel="noopener"><SPAN>Justin Moore</SPAN></A><SPAN>, Senior Manager of Threat Intelligence Research at Unit 42, and </SPAN><A href="https://www.linkedin.com/in/andypiazza" target="_blank" rel="noopener"><SPAN>Andy Piazza</SPAN></A><SPAN>, Senior Director of Threat Intelligence at Unit 42, to walk through the Unit 42 Iran Threat Brief and what the observed activity means for defenders.</SPAN></P> <P>&nbsp;</P> <P><STRONG>You'll learn:</STRONG></P> <UL> <LI style="font-weight: 400;" aria-level="1"><SPAN>What Unit 42 is actually observing from groups like Handala Hack, FAD Team, and Dark Storm, and what claims remain unverified</SPAN></LI> <LI style="font-weight: 400;" aria-level="1"><SPAN>Why Iran's reduced internet connectivity changes the threat picture in ways that aren't obvious</SPAN></LI> <LI style="font-weight: 400;" aria-level="1"><SPAN>What dispersed operators and proxy groups mean for organizations far outside the Middle East</SPAN></LI> <LI style="font-weight: 400;" aria-level="1"><SPAN>Which defensive actions matter most against the TTPs and IOCs Unit 42 has documented</SPAN></LI> <LI style="font-weight: 400;" aria-level="1"><SPAN>How to handle hacktivist claims that may be exaggerated or false</SPAN></LI> </UL> <P><A href="https://www.linkedin.com/in/justinmoore-00" target="_blank" rel="noopener"><SPAN>Justin Moore</SPAN></A><SPAN> brings nine years of intelligence officer experience plus senior threat intel roles at Mandiant, Google, and TikTok before joining Unit 42. </SPAN><A href="https://www.linkedin.com/in/andypiazza" target="_blank" rel="noopener"><SPAN>Andy Piazza</SPAN></A><SPAN> has more than 20 years in security operations and threat intelligence, including leading IBM X-Force's global threat intel team.</SPAN></P> <P>&nbsp;</P> <P><STRONG>Read the threat brief from Unit 42:&nbsp;</STRONG></P> <UL> <LI style="font-weight: 400;" aria-level="1"><A href="https://unit42.paloaltonetworks.com/iranian-cyberattacks-2026/" target="_blank" rel="noopener"><SPAN>Escalation of Cyber Risk Related to Iran</SPAN></A><SPAN> (March 2026)</SPAN></LI> <LI style="font-weight: 400;" aria-level="1"><A href="https://unit42.paloaltonetworks.com/iranian-cyberattacks-2025/" target="_blank" rel="noopener"><SPAN>Escalation of Cyber Risk Related to Iran</SPAN></A><SPAN> (June 2025)</SPAN></LI> </UL> <P><SPAN>This episode is essential listening if you're: a CISO assessing current exposure, a threat analyst tracking Iran-linked groups, or a security leader who needs to explain the actual observed risk to your board.</SPAN></P> <P>&nbsp;</P> <P><STRONG>Related Episodes:</STRONG></P> <UL> <LI style="font-weight: 400;" aria-level="1"><A href="https://www.paloaltonetworks.com/resources/podcasts/threat-vector-inside-the-mind-of-statesponsored-cyberattackers" target="_blank" rel="noopener"><SPAN>Inside the Mind of State-Sponsored Cyberattackers</SPAN></A></LI> <LI style="font-weight: 400;" aria-level="1"><A href="https://www.paloaltonetworks.com/resources/podcasts/threat-vector-frenemies-with-benefits" target="_blank" rel="noopener"><SPAN>Frenemies With Benefits</SPAN></A></LI> <LI style="font-weight: 400;" aria-level="1"><A href="https://www.paloaltonetworks.com/resources/podcasts/threat-vector-from-policy-to-cyber-interference" target="_blank" rel="noopener"><SPAN>From Policy to Cyber Interference</SPAN></A></LI> </UL> <P>&nbsp;</P> <P><STRONG>Join the conversation on our social media channels:</STRONG></P> <UL> <LI style="font-weight: 400;" aria-level="1"><STRONG>Website</STRONG><SPAN>:</SPAN><A href="https://www.paloaltonetworks.com/unit42" target="_blank" rel="noopener"> <SPAN>⁠⁠⁠⁠https://www.paloaltonetworks.com/</SPAN></A></LI> <LI style="font-weight: 400;" aria-level="1"><STRONG>Threat Research:</STRONG><A href="https://unit42.paloaltonetworks.com/" target="_blank" rel="noopener"> <SPAN>⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠</SPAN></A></LI> <LI style="font-weight: 400;" aria-level="1"><STRONG>Facebook:</STRONG><A href="https://www.facebook.com/LifeatPaloAltoNetworks/" target="_blank" rel="noopener"> <SPAN>⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠</SPAN></A></LI> <LI style="font-weight: 400;" aria-level="1"><STRONG>LinkedIn:</STRONG><A href="https://www.linkedin.com/company/unit42/" target="_blank" rel="noopener"> <SPAN>⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠</SPAN></A></LI> <LI style="font-weight: 400;" aria-level="1"><STRONG>YouTube:</STRONG> <SPAN>@paloaltonetworks</SPAN></LI> <LI style="font-weight: 400;" aria-level="1"><STRONG>Twitter:</STRONG><A href="https://twitter.com/PaloAltoNtwks" target="_blank" rel="noopener"> <SPAN>⁠⁠⁠⁠</SPAN></A><SPAN><A href="https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠" target="_blank" rel="noopener">https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠</A></SPAN></LI> </UL> <IFRAME src="https://playlist.megaphone.fm?e=CYBW3694586443" width="100%" height="200" frameborder="0" scrolling="no"></IFRAME> <P>&nbsp;</P> </DIV> Tue, 21 Apr 2026 15:13:13 GMT dmoulton 2026-04-21T15:13:13Z https://live.paloaltonetworks.com/t5/threat-vector/threat-vector-unit-42-s-iran-threat-brief-what-we-re-seeing/ta-p/1249454 <DIV class="lia-message-template-content-zone"> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Threat Vector Template.jpg" style="width: 960px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/70870i8F07A17F8AC90F5B/image-size/large?v=v2&amp;px=999" role="button" title="Threat Vector Template.jpg" alt="Threat Vector Template.jpg" /></span></P> <P>&nbsp;</P> <P><SPAN>Unit 42 is tracking more than 60 active hacktivist groups and Iran-linked threat actors right now. What are they actually doing, what should you believe, and what should you do about it?</SPAN></P> <P><SPAN>In this episode of Threat Vector, David Moulton sits down with </SPAN><A href="https://www.linkedin.com/in/justinmoore-00" target="_blank" rel="noopener"><SPAN>Justin Moore</SPAN></A><SPAN>, Senior Manager of Threat Intelligence Research at Unit 42, and </SPAN><A href="https://www.linkedin.com/in/andypiazza" target="_blank" rel="noopener"><SPAN>Andy Piazza</SPAN></A><SPAN>, Senior Director of Threat Intelligence at Unit 42, to walk through the Unit 42 Iran Threat Brief and what the observed activity means for defenders.</SPAN></P> <P>&nbsp;</P> <P><STRONG>You'll learn:</STRONG></P> <UL> <LI style="font-weight: 400;" aria-level="1"><SPAN>What Unit 42 is actually observing from groups like Handala Hack, FAD Team, and Dark Storm, and what claims remain unverified</SPAN></LI> <LI style="font-weight: 400;" aria-level="1"><SPAN>Why Iran's reduced internet connectivity changes the threat picture in ways that aren't obvious</SPAN></LI> <LI style="font-weight: 400;" aria-level="1"><SPAN>What dispersed operators and proxy groups mean for organizations far outside the Middle East</SPAN></LI> <LI style="font-weight: 400;" aria-level="1"><SPAN>Which defensive actions matter most against the TTPs and IOCs Unit 42 has documented</SPAN></LI> <LI style="font-weight: 400;" aria-level="1"><SPAN>How to handle hacktivist claims that may be exaggerated or false</SPAN></LI> </UL> <P><A href="https://www.linkedin.com/in/justinmoore-00" target="_blank" rel="noopener"><SPAN>Justin Moore</SPAN></A><SPAN> brings nine years of intelligence officer experience plus senior threat intel roles at Mandiant, Google, and TikTok before joining Unit 42. </SPAN><A href="https://www.linkedin.com/in/andypiazza" target="_blank" rel="noopener"><SPAN>Andy Piazza</SPAN></A><SPAN> has more than 20 years in security operations and threat intelligence, including leading IBM X-Force's global threat intel team.</SPAN></P> <P>&nbsp;</P> <P><STRONG>Read the threat brief from Unit 42:&nbsp;</STRONG></P> <UL> <LI style="font-weight: 400;" aria-level="1"><A href="https://unit42.paloaltonetworks.com/iranian-cyberattacks-2026/" target="_blank" rel="noopener"><SPAN>Escalation of Cyber Risk Related to Iran</SPAN></A><SPAN> (March 2026)</SPAN></LI> <LI style="font-weight: 400;" aria-level="1"><A href="https://unit42.paloaltonetworks.com/iranian-cyberattacks-2025/" target="_blank" rel="noopener"><SPAN>Escalation of Cyber Risk Related to Iran</SPAN></A><SPAN> (June 2025)</SPAN></LI> </UL> <P><SPAN>This episode is essential listening if you're: a CISO assessing current exposure, a threat analyst tracking Iran-linked groups, or a security leader who needs to explain the actual observed risk to your board.</SPAN></P> <P>&nbsp;</P> <P><STRONG>Related Episodes:</STRONG></P> <UL> <LI style="font-weight: 400;" aria-level="1"><A href="https://www.paloaltonetworks.com/resources/podcasts/threat-vector-inside-the-mind-of-statesponsored-cyberattackers" target="_blank" rel="noopener"><SPAN>Inside the Mind of State-Sponsored Cyberattackers</SPAN></A></LI> <LI style="font-weight: 400;" aria-level="1"><A href="https://www.paloaltonetworks.com/resources/podcasts/threat-vector-frenemies-with-benefits" target="_blank" rel="noopener"><SPAN>Frenemies With Benefits</SPAN></A></LI> <LI style="font-weight: 400;" aria-level="1"><A href="https://www.paloaltonetworks.com/resources/podcasts/threat-vector-from-policy-to-cyber-interference" target="_blank" rel="noopener"><SPAN>From Policy to Cyber Interference</SPAN></A></LI> </UL> <P>&nbsp;</P> <P><STRONG>Join the conversation on our social media channels:</STRONG></P> <UL> <LI style="font-weight: 400;" aria-level="1"><STRONG>Website</STRONG><SPAN>:</SPAN><A href="https://www.paloaltonetworks.com/unit42" target="_blank" rel="noopener"> <SPAN>⁠⁠⁠⁠https://www.paloaltonetworks.com/</SPAN></A></LI> <LI style="font-weight: 400;" aria-level="1"><STRONG>Threat Research:</STRONG><A href="https://unit42.paloaltonetworks.com/" target="_blank" rel="noopener"> <SPAN>⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠</SPAN></A></LI> <LI style="font-weight: 400;" aria-level="1"><STRONG>Facebook:</STRONG><A href="https://www.facebook.com/LifeatPaloAltoNetworks/" target="_blank" rel="noopener"> <SPAN>⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠</SPAN></A></LI> <LI style="font-weight: 400;" aria-level="1"><STRONG>LinkedIn:</STRONG><A href="https://www.linkedin.com/company/unit42/" target="_blank" rel="noopener"> <SPAN>⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠</SPAN></A></LI> <LI style="font-weight: 400;" aria-level="1"><STRONG>YouTube:</STRONG> <SPAN>@paloaltonetworks</SPAN></LI> <LI style="font-weight: 400;" aria-level="1"><STRONG>Twitter:</STRONG><A href="https://twitter.com/PaloAltoNtwks" target="_blank" rel="noopener"> <SPAN>⁠⁠⁠⁠</SPAN></A><SPAN><A href="https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠" target="_blank" rel="noopener">https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠</A></SPAN></LI> </UL> <IFRAME src="https://playlist.megaphone.fm?e=CYBW3694586443" width="100%" height="200" frameborder="0" scrolling="no"></IFRAME> <P>&nbsp;</P> </DIV> Tue, 21 Apr 2026 15:13:13 GMT https://live.paloaltonetworks.com/t5/threat-vector/threat-vector-unit-42-s-iran-threat-brief-what-we-re-seeing/ta-p/1249454 dmoulton 2026-04-21T15:13:13Z