Hanzala
Hanzala is a self-identified cyber group referenced in reporting that attributed to it a claimed compromise of the email account of Deborah Oppenheimer, described in the source as a senior Israeli-linked official, a former deputy director of external relations at Mossad, and the current director of international affairs at an Israeli security institute. The group claimed it obtained more than 100,000 confidential or sensitive emails and made them available for public download. In social media statements cited by the source, Hanzala framed the alleged leak as exposing what it described as Israeli influence networks, collaborations, media planning, and covert operations. The available content only supports that these were claims made by the group; it does not provide independent verification of the intrusion or of the authenticity of the alleged leaked emails. No additional aliases or sub-groups are provided in the content beyond the name Hanzala.
Know when an actor pivots toward your sector
Mallory correlates actor tradecraft and target patterns against your stack, your sector, and your geography. See overlap before they land.
Targeting
Who, where, and (when attributed) which flag flies behind the operation. Pulled from open-source reporting and Mallory's analyst review.
Who they target
Sectors the actor has been observed targeting.
- Commercial & Professional Services
Where they target
Geographies tied to known operations.
- 🇮🇱 Israel
Recent activity
1 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
The version that knows your environment.
Match sector + geo + tech-stack targeting against your real footprint.
Every observed MITRE ATT&CK technique, grouped by tactic.
Families this actor is known to deploy, with IOCs and behavior.
CVEs this actor has used in known campaigns.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Domains, IPs, and hashes tied to this actor, refreshed continuously.