
Weekly Intelligence Summary 13th August

August 13, 2021

A years-long reconnaissance campaign against an employee of a US aerospace defense company was discovered and attributed to “TA456”, an Iranian state-backed advanced persistent threat (APT) group. The campaign bore striking similarities to previous reconnaissance by Iran-backed APT groups (rapport with the victim was established to infect their machine with malware and extract sensitive information), although this campaign spanned a longer-than-usual period. It is believed that TA456 operates under the same threat umbrella as the “Tortoiseshell” group and that both groups are affiliated with the Islamic Revolutionary Guard Corps (IRGC). Based on Iran’s historical targeting of US defense and government employees, it is likely that future social engineering campaigns will use similar tactics, techniques, and procedures (TTPs) to support Iran’s strategic goals.

 
