ShellCodeX
Tools • Events • News • Insights
ShellCodeX Intelligence Brief
HIGH Cybersecurity

Cavern (Cav3rn) modular C2 framework links Iran to intrusions of Israeli orgs

Source headline: Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations

Threat level High
Signal strength 75/100
Source confidence 1 source
Published 1 week ago

Intelligence Summary

Check Point attributes targeting activity to an Iran-linked threat cluster affiliated with MOIS. The group uses a modular command-and-control framework called Cavern (Cav3rn), previously undocumented in public reporting. Victims include IT providers and government-related organizations, with Israeli entities highlighted. This increases the risk of sustained access, custom payload delivery, and difficult-to-detect infrastructure. Organizations should review for Cavern-related indicators, tighten network egress controls, and ensure incident response coverage for C2 behavior.

Recommended Action

Review affected assets, schedule urgent remediation, and monitor related indicators.

Topics

#command-and-control #c2 #iran-linked #israeli-targeting #threat-cluster
Original reporting The Hacker News Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations
Open original source