Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa Bay news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Charlotte news in your inbox

Catch up on the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Illustration: Aïda Amer/Axios

A hacker group associated with the Iranian government is selling “access to compromised networks on an underground forum,” likely without Tehran’s blessing, according to research by threat intelligence firm CrowdStrike.

Why it matters: That these Iranian hackers were apparently caught trying to make money on the side may show the dangers of relying on likely underpaid contractors to conduct sensitive offensive cyber operations.

What’s happening: The group, which CrowdStrike has named “Pioneer Kitten,” has been active since 2017, with its last known activity occurring in July 2020.

  • The group has focused on hacking North American and Israeli targets in the “technology, government, defense, healthcare, aviation, media, academic, engineering, consulting and professional services, chemical, manufacturing, financial services, insurance, and retail” sectors, says CrowdStrike, with a particular focus on government, defense and tech firms.
  • Pioneer Kitten often focuses on targets of opportunity, says CrowdStrike, such as unpatched devices, showing that you don’t need to employ advanced tactics to achieve operational results.

The intrigue: In late July, CrowdStrike observed someone associated with Pioneer Kitten selling access to hacked networks online.

  • CrowdStrike believes this commercial activity would not have been sanctioned by Tehran and that Pioneer Kitten may therefore consist of contractors associated with the Iranian government — not actual intelligence officers.

Go deeper

Nov 27, 2020 - World

Maximum pressure campaign escalates with Fakhrizadeh killing

Photo: Fars News Agency via AP

The assassination of Mohsen Fakhrizadeh, the architect of Iran’s military nuclear program, is a new height in the maximum pressure campaign led by the Trump administration and the Netanyahu government against Iran.

Why it matters: It exceeds the capture of the Iranian nuclear archives by the Mossad, and the sabotage in the advanced centrifuge facility in Natanz.

Janet Yellen confirmed as Treasury secretary

Janet Yellen. Photo: Alex Wong/Getty Images

The Senate voted 84-15 to confirm Janet Yellen as Treasury secretary on Monday.

Why it matters: Yellen is the first woman to serve as Treasury secretary, a Cabinet position that will be crucial in helping steer the country out of the pandemic-induced economic crisis.

Dan Primack, author of Pro Rata
3 hours ago - Economy & Business

Scoop: Red Sox strike out on deal to go public

Illustration: Sarah Grillo/Axios

The parent company of the Boston Red Sox and Liverpool F.C. has ended talks to sell a minority ownership stake to RedBall Acquisition, a SPAC formed by longtime baseball executive Billy Beane and investor Gerry Cardinale, Axios has learned from multiple sources. An alternative investment, structured more like private equity, remains possible.

Why it matters: Red Sox fans won't be able to buy stock in the team any time soon.