Ep. 51 - 2026 Cyber War Update: Handala, MuddyWater, and the Rise of Destructive Attacks

Iranian cyber attacks are escalating—shifting from espionage to destructive, large-scale operations. In this episode, we break down what CISOs need to know.

Host Tova Dvorin and offensive security expert Adrian Culley analyze the latest Iranian cyber threat activity, including groups like Handala (Void Manticore) and MuddyWater (Mango Sandstorm), and how their tactics are evolving.

You’ll learn how attackers are using malwareless techniques like Microsoft Intune device wipes, blockchain-based command-and-control via Ethereum, and Telegram-driven infrastructure to bypass traditional defenses. We also explore how IRGC-linked operations are targeting critical infrastructure, including water and power systems.

Finally, we cover what this means for defenders, including why Continuous Threat Exposure Management (CTEM), Breach and Attack Simulation (BAS), and Continuous Automated Red Teaming (CART) are now critical for modern security teams.

This episode delivers a practical breakdown of the 2026 cyber threat landscape and how organizations can better prepare.