- In the spotlight this week is the Iran-linked threat group “APT35”, which took aim at the email accounts of political entities in the United States and prominent Iranians living outside Iran. The operation was likely meant to gather intelligence in support of Iranian state interests, but a United States presidential campaign was reportedly one of the targets, meaning it could be part of a broader influence operation linked to that campaign.
- Weekly highlights include: the targeting of government entities in South-East Asia by a threat actor known as Rancour; a card-skimming campaign by “Magecart 4”, which shared overlaps with “Cobalt Group”; and a banking trojan, dubbed Casbaneiro, targeting the financial services sector in Brazil and Mexico.