Iranian threat actor exploits N-day vulnerabilities. CSC exposes subdomain hijacking vulnerabilities.

Microsoft this morning reported that the group it's tracked as Phosphorus (and will henceforth refer to as "Mint Sandstorm") has developed a specialty in weaponizing N-day vulnerabilities, that is, vulnerabilities for which a fix or mitigation is available, but which some organizations have failed to patch. It's also been known mostly for reconnaissance and cyberespionage, but that may be changing, as there are signs the group is turning its attention to critical infrastructure. Over the past two years the group has been observed to carry out attacks against infrastructure, and Microsoft thinks that its future activities may show a continued lessening of constraint.

"Mint Sandstorm is known to pursue targets in both the private and public sectors," Microsoft writes, "including political dissidents, activist leaders, the Defense Industrial Base (DIB), journalists, and employees from multiple government agencies, including individuals protesting oppressive regimes in the Middle East. Activity Microsoft tracks as part of the larger Mint Sandstorm group overlaps with public reporting on groups known as APT35, APT42, Charming Kitten, and TA453." "Given the hardline consensus among policymakers in Tehran and sanctions previously levied on Iran’s security organizations, Mint Sandstorm subgroups may be less constrained in carrying out malicious cyber activity."

The US Department of Defense has decided that the Discord Papers leaks are unlikely to affect relations with allies. The Department is also working to make future leaks of this kind less likely, and less troublesome. The Secretary of Defense has directed "a comprehensive review of DOD security, programs, policies and procedures," with a report due in forty-five days.