In This Episode
Iranian cyber attacks are escalating—shifting from espionage to destructive, large-scale operations. In this episode, we break down what CISOs need to know.
Host Tova Dvorin and offensive security expert Adrian Culley analyze the latest Iranian cyber threat activity, including groups like Handala (Void Manticore) and MuddyWater (Mango Sandstorm), and how their tactics are evolving.
You’ll learn how attackers are using malware-free techniques such as Microsoft Intune device wipes, blockchain-based command-and-control via Ethereum, and Telegram-driven infrastructure to bypass traditional defenses. We also explore how IRGC-linked operations are targeting critical infrastructure, including water and power systems.
Finally, we cover what this means for defenders, including why Continuous Threat Exposure Management (CTEM), Breach and Attack Simulation (BAS), and Continuous Automated Red Teaming (CART) are now critical for modern security teams.
This episode delivers a practical breakdown of the 2026 cyber threat landscape and how organizations can better prepare.
Listen to the podcast, then dive into the Complete Guide to Iranian Threat Actors for a breakdown of adversary playbooks and practical guidance on validating your defenses.


