SEARCH
Archive
Zero Day Exploit Reuse and A Busy Week for Iranian APTs
The focus was on Iranian APTs this week, both from private threat intelligence teams and CISA, exposing new operations from UNC757 and other groups targeting government, higher education, and private industry. We also check in on a new report from Google's Threat Analysis Group on APTs using the same exploits for zero days that were developed by private commercial surveillance vendors NSO Group and Intellexa.
New Backdoor Used By Iranian State-Sponsored Group
The backdoor is being used for intelligence gathering campaigns against U.S. organizations in the government, communications equipment, oil and gas and satellite sectors.
U.S. Government Warns of Iran-Based UNC757 Attacks
CISA and the FBI are warning of activity by the Iran-based UNC757 group, which includes the targeting of known Check Point and Palo Alto Networks vulnerabilities.
Mint Sandstorm APT Targets Universities, Researchers
A new phishing campaign by a subset of the Iranian threat group Mint Sandstorm is targeting universities and research organizations with custom backdoors.
Iranian Threat Group Targets Cloud With Password Spraying Attacks
An Iran state-backed group called Peach Sandstorm is using password spraying attacks to target cloud environments in organizations across many industries.