Swedish court upholds dismissal of migration official over Iran security concerns

The newspaper wrote that banking outages have become almost routine for many Iranians over the past two years. Cards stop working, ATMs and mobile banking services fail, customers line up outside branches, and officials ask people to be patient and follow news from official sources.

Then, after hours, days or sometimes weeks, services return without a full explanation of the cause, the damage, the vulnerable points in the system or the responsibility of the banks and regulators involved.

The latest wave of disruption hit several major banks in June, including Melli, Saderat, Tejarat and the Export Development Bank of Iran. Mobile banking, internet banking, ATMs, point-of-sale terminals and card-based services were disrupted. The Coordination Council of Banks and the Informatics Services Corporation confirmed cyberattacks but said customer data remained safe.

• 

  Banking disruption hits services at eight Iranian banks

Days later, another wider disruption affected card-based services across the banking network, with Melli, Saderat and Tejarat again among the banks most affected. The Informatics Services Corporation said some services had been deliberately restricted to prevent unauthorized access and protect customers’ data and assets.

But Shargh said many users were still reporting problems even after officials said services had been restored. The paper said ordinary transactions had become difficult for some people, including buying bread, paying taxi fares and transferring or receiving money.

The pattern is not new. During the 12-day Iran-Israel war last year, Bank Sepah suffered a major cyberattack that disrupted non-branch services.

The hacker group Predatory Sparrow claimed responsibility and said it had destroyed part of the bank’s infrastructure. Bank Pasargad was also hit shortly afterward. The government confirmed attacks on both banks and said public data had not been harmed, but full restoration of some services took days or weeks.

Shargh said the repeated failures have left one central question unanswered: why does Iran’s banking network collapse every few months, while no transparent report is published on the cause of the attacks, the scale of the damage or the responsibility of the institutions in charge?

• 

  CoinEx became key channel for Iranian crypto flows – WSJ

Nima Amirshakari, an electronic banking specialist, told Shargh that the root of the problem is Iran’s weak connection to the outside world. He said parts of the country’s banking infrastructure are nearly three decades old and were built around systems bought long ago from foreign companies.

According to Amirshakari, many of those systems have been expanded through hardware upgrades, with more processors, storage and equipment, but their core software has not been properly modernized. A system that is not updated, patched or redesigned, he said, becomes easier for attackers to predict.

He argued that banks connected to the global financial system are forced to keep pace with changing standards in security, credit, lending and technology. Iranian banks, by contrast, operate in a closed environment where modernization is often treated as a choice rather than a necessity.

Shargh also quoted cybersecurity expert Saeed Souzangar as saying that the problem is not just technology. Sanctions, internet restrictions, weak administrative structures and limited investment in skilled personnel have left many institutions with expensive equipment but not enough expertise to use it securely.

Souzangar said banks and regulators in Iran do not appear to face a serious obligation to inform the public during cyber incidents. In many countries, organizations hit by cyberattacks must explain the scope of the incident, the number of users affected and the corrective steps taken. In Iran, he said, such reporting is often replaced by short and general statements.

That absence of accountability may be the most damaging part of the crisis. If banks face no clear legal, financial or reputational cost for service failures or security weaknesses, there is little pressure to invest seriously in prevention, training and public reporting.

The latest attacks have also triggered a political dispute over whether access to the international internet made the banking system more vulnerable.

Some officials blamed the reopening of internet access, but Behdad Akbari, deputy communications minister and head of Iran’s Infrastructure Communications Company, rejected the claim, saying the affected core banking systems were not connected to the public internet.

Shargh’s experts said blaming internet access alone is not a serious explanation. Internet restrictions can weaken security by limiting updates and access to global tools, but the causes of repeated banking failures cannot be reduced to a single technical claim without a proper investigation.

Iran finished third in Group G with three points from three draws after Belgium beat New Zealand 5-1 in the simultaneous match to top the group. Egypt also advanced, finishing second on five points but behind Belgium on goal difference.

The draw leaves Iran in the ranking of third-placed teams, with the expanded 48-team World Cup sending the top two teams from each group and the eight best third-placed teams into the Round of 32.

Iran can still qualify with three points if one of several remaining results goes its way: Ghana beats Croatia, DR Congo fail to beat Uzbekistan, or the Austria-Algeria match produces a winner.

Any one of those outcomes would be enough to keep Iran inside the qualifying places among third-placed teams.

• 

  Can Iranians cheer Team Melli without cheering the state?

• 

  Iran's Pride Match is about visibility, not politics

The match began badly for Iran. Mahmoud Saber scored for Egypt in the fifth minute, the fastest World Cup goal in Egypt’s history, after Iran failed to clear inside the area.

Iran had a quick chance to respond when Mehdi Taremi stepped up for a penalty six minutes later, but Egypt goalkeeper Ahmed Shobeir saved his shot.

Ramin Rezaeian equalized in the 14th minute, finishing from a tight angle after Milad Mohammadi’s shot had been pushed away.

Rezaeian has now scored in two of Iran’s three matches at this World Cup, after also scoring in the opening 2-2 draw with New Zealand.

The game then settled after a frantic start. Egypt lost Mohamed Salah in the second half when he was substituted in the 57th minute, apparently because of discomfort in his hamstring.

Iran’s biggest moment came deep into stoppage time. Shoja Khalilzadeh appeared to have scored a late winner that would have sent Iran through automatically, but the goal was ruled out for offside after a VAR review.

• 

  FIFA lets fans take rainbow flags to Iran-Egypt match, but bars Lion and Sun

• 

  Team Melli Or Team Mullah: Iranian Soccer Fans Disown National Team

• 

  World Cup déjà vu: Iran’s ominous Brazil-Scotland quake memory haunts Venezuela

Moments later, Saeid Ezatolahi struck the post from close range, leaving Iran with another draw and no control over its own qualification.

Iran had entered the final group match after two draws: 2-2 against New Zealand in its opener and 0-0 against Belgium in its second game.

The three-match unbeaten run is the first time Iran has completed a World Cup group stage without defeat, though it has still not won a match at the tournament.

The result is therefore both Iran’s strongest unbeaten group-stage return and another missed opportunity.

The match also took place in a politically charged atmosphere for Iranians.

The national team remains a divisive symbol for many inside Iran and across the diaspora, with some viewing it as a football team to be separated from politics and others seeing it as inseparable from the Islamic Republic it officially represents.

Those tensions had already followed Iran through the tournament. Before the Egypt match, FIFA said rainbow flags would be allowed inside the stadium, while Iran’s pre-revolutionary Lion and Sun flag remained barred from World Cup venues under rules against political symbols.

100%

100%

The billboards, installed this week along the route to Beirut-Rafic Hariri International Airport, carried the slogan “Thank you to loyal Iran.” They appeared days after a ceasefire was announced between Israel and Hezbollah as part of wider US-Iran negotiations, and as Lebanese and Israeli officials continued direct US-mediated talks over southern Lebanon.

Interior Minister Ahmad Hajjar said Thursday he had ordered the banners and posters removed within two days. Speaking on the sidelines of a Cabinet meeting, he said the decision was part of efforts to regulate public spaces and enforce existing laws.

But the timing gave the order wider political weight. Hezbollah and its allies have portrayed the ceasefire as proof of Iran-backed “resistance” leverage, while Lebanon’s government is trying to show that decisions over the country’s territory, security and public space still belong to the Lebanese state.

The airport road is one of Lebanon’s most visible political corridors. For years, posters and banners linked to Hezbollah, Amal and Iran-aligned figures have lined parts of the route into Beirut.

100%

In 2022, Lebanon’s Tourism Ministry asked Hezbollah and Amal to remove billboards showing religious and political figures from the same road and replace them with signs promoting tourism.

The latest posters carried a sharper message. By thanking Iran days after the ceasefire, they presented Tehran not as an outside power in Lebanon’s war but as the loyal patron whose support helped shape the outcome.

That message comes as the ceasefire itself remains unsettled. Lebanese and Israeli officials have been engaged in US-mediated talks over southern Lebanon, including proposals for Israeli forces to hand some areas to the Lebanese army and for Hezbollah to be kept out of those zones.

Israel, however, has signaled it does not intend to leave southern Lebanon quickly. Prime Minister Benjamin Netanyahu has said Israel will remain in a southern security zone as long as required, while Defense Minister Israel Katz has said Israeli troops will not withdraw even under US pressure.

The ceasefire has also been strained by continued violence. Local and international reports have described Israeli strikes and gunfire in southern Lebanon since the truce was announced, while Hezbollah has accused Israel of violating the agreement.

Hezbollah, for its part, has rejected any settlement that resembles normalization with Israel. In a televised Ashura address on Friday, Hezbollah leader Naim Qassem said Israel must leave Lebanon “unconditionally” and said the group would accept no normalization, no end to hostility with Israel, no gains for Israel and no partial Israeli presence on Lebanese soil.

His remarks placed Hezbollah on a collision course with the logic of the US-mediated talks, which depend on a negotiated security arrangement in the south. They also reinforced the message carried by the airport road billboards: that Iran and Hezbollah see the ceasefire as part of a wider regional struggle, not merely a Lebanese border arrangement.

For Lebanon’s government, the posters created an immediate sovereignty problem. Leaving them in place would allow an Iran-Hezbollah victory message to dominate the country’s main international gateway at the very moment Beirut is trying to negotiate under its own authority.

Removing them, however, exposes the limits of that authority. The Lebanese state can clear a road, but it cannot easily resolve the deeper conflict behind the posters: Hezbollah’s weapons, Israel’s presence in the south, Iran’s role in the ceasefire and Washington’s attempt to keep Lebanon’s track separate from its broader deal with Tehran.

The arrangement follows months of confrontation and is designed to reduce the risk of renewed escalation. But it does not settle the core dispute between Washington and Tehran: how much uranium enrichment Iran will be allowed to retain, and under what conditions.

That question has long been the hardest part of any agreement. The latest understanding may ease immediate tensions, but it leaves unanswered what comes next and whether follow-on talks can produce a more durable settlement.

"The question is, do the follow-on talks yield a final deal that everyone can live with, do we go back to conflict, or do we just keep kicking the can down the road," Priddy said. "I think the most probable outcome is that they keep extending it."

Iran is unlikely to give up enrichment permanently, while the Trump administration has shown little interest in returning to a JCPOA-style framework that would allow limited enrichment under international safeguards.

Priddy said any long-term arrangement would probably need to include monitored enrichment, even if that remains politically difficult for Washington to accept.

"Iran is not going to concede to giving up enrichment forever," he said. "If we got to the point where the US could say yes, you could have limited enrichment under safeguards, a lot of other things start to become negotiable."

Priddy also said hardliners in Tehran may believe they have gained leverage after threatening the Strait of Hormuz, particularly after demonstrating they could use energy pressure to shape Washington's response.

"What I'm worried about at this point is I think there's a lot of hubris in Tehran right now among hardliners that they won the war," he said. "They can ask for everything now and get away with conceding very, very little."

Fears of higher gasoline prices and broader economic disruption helped push Washington toward restraint, while Persian Gulf energy infrastructure remained exposed.

Priddy described the situation as "mutually assured vulnerability," saying both sides now know they can target each other's energy infrastructure even if neither can eliminate the threat.

The regional fallout is likely to shape the next phase as much as the nuclear talks themselves. Persian Gulf states are likely to diversify their defence partnerships, while the United States may maintain a military presence in the region but with a smaller, more cautious footprint.

Israel remains the biggest wildcard in the next phase of negotiations. Washington appears intent on limiting further escalation, particularly in Lebanon, but Prime Minister Benjamin Netanyahu may still favour a more confrontational approach.

Priddy said he does not expect the current understanding to produce a grand bargain or a warmer relationship between Washington and Tehran. Instead, he said, the most likely outcome is a hostile but transactional relationship that is repeatedly extended rather than fundamentally resolved.

The 39-year-old man, who holds Iranian and Turkish citizenship, was identified by Montenegrin media as Amir Barati and was arrested in the Adriatic resort town of Kotor, Montenegro’s police directorate said Thursday.

He is wanted by the US District Court for the Southern District of New York on charges including conspiracy to commit computer fraud, hacking and identity theft. The case will now go before a High Court judge in Podgorica for extradition proceedings.

Montenegrin police said the suspect had carried out large-scale cyberattacks from 2013 onward, targeting more than 150 universities in the United States and causing damage estimated at more than $3.4 billion.

Police said the stolen data and access to compromised university accounts were used for the benefit of the Islamic Revolutionary Guard Corps and other Iranian entities, including universities.

Barati’s name does not appear on the FBI’s public list of nine Iranian hackers charged in 2018 over the Mabna Institute campaign, but the allegations described by Montenegrin police closely match that case, including the 2013 start date, the university targets, the IRGC connection and the $3.4 billion damage estimate.

The overlap leaves open the possibility that Barati was tied to the same broader operation or to a related US case, though neither US nor Montenegrin authorities have publicly linked him to the 2018 indictment.

100%

The FBI said in 2018 that the Mabna Institute, an Iran-based company created in 2013, was used to steal access to non-Iranian academic and scientific resources through computer intrusions. US authorities said members of the institute were contracted by the IRGC and other Iranian government clients.

According to the FBI, the campaign compromised about 144 US-based universities and 176 foreign universities in 21 countries. It also targeted private companies, US government entities, the states of Hawaii and Indiana, and the United Nations.

US authorities said the hackers targeted more than 100,000 professor accounts worldwide and successfully compromised about 8,000 of them. They stole more than 30 terabytes of academic data and intellectual property, including journal access, research papers, electronic books and other proprietary academic material.

The campaign relied heavily on spearphishing emails that appeared to come from other academics. Victims were directed to fake university login pages, where their credentials were captured and later used to access library databases and research platforms.

The FBI said the stolen material covered a wide range of fields, including science, technology, engineering, medicine, social sciences and other academic disciplines.

US investigators also said the hackers used password-spraying attacks against companies and government targets, gaining access to email accounts and sensitive data. Victims included academic publishers, media and entertainment companies, technology firms and investment firms.

When the 2018 charges were announced, then-FBI Deputy Director David Bowdich said apprehending the suspects would be difficult but “not impossible,” adding that the defendants could be arrested if they traveled outside Iran.

“Where we can’t apprehend these individuals quickly, we will resort to different methods – naming and shaming, sanctions, and a lot of publicity,” Bowdich said at the time. “We will keep at it, because the FBI and our partners at the Department of Justice have a very long memory.”

The arrest in Montenegro suggests that warning may now be playing out years later, as one suspect allegedly linked to the campaign faces possible extradition to the United States.

The case comes amid renewed US warnings about Iranian cyber operations. In April, US cybersecurity, law enforcement and intelligence agencies warned of escalating Iranian hacking campaigns targeting equipment across critical infrastructure.