The PolySwarm Blog

APT42 Targets US Presidential Campaigns and Israel in Phishing Campaign

Aug 23, 2024 1:05:04 PM / by The Hivemind posted in Threat Bulletin, Government, Phishing, Military, APT42

Related Families: NewsTerminal, OfficeFuel, FuelDump, Gorble
Verticals Targeted: Government, Military, Education, Aerospace

Executive Summary

The Iran-nexus threat actor group APT42 was recently observed targeting entities in the US and Israel in a phishing campaign. Targets included entities in the government, military, education, and aerospace verticals, as well as individuals associated with the 2024 US Presidential candidates.

MOIS Affiliated Threat Actor Using Liontail Framework

Nov 6, 2023 12:58:47 PM / by The Hivemind posted in Threat Bulletin, APT, Financial, Government, Iran, Telecommunications, framework, Military, MOIS, Liontail, OilRig, Scarred Manticore, IT, NGOs

Verticals Targeted: Government, Defense, Telecommunications, Finance, NGO, IT services  

Executive Summary

Scarred Manticore, a threat actor group associated with Iran’s MOIS, was observed using the Liontail framework in an espionage campaign.

UNC4841 Targeting Government Entities with Barracuda ESG 0day

Sep 4, 2023 1:24:05 PM / by The Hivemind posted in Threat Bulletin, Government, Defense, Telecommunications, Aerospace, CVE-2023-2868, Military, Technology, DEPTHCHARGE, UNC4841, SKIPJACK, FOXTROT, FOXGLOVE

Related Families: SKIPJACK, DEPTHCHARGE, FOXTROT, FOXGLOVE
Verticals Targeted: Government, Military, Defense, Aerospace, Technology, Telecommunications

Executive Summary

UNC4841 was observed using CVE-2023-2868 to target entities in multiple verticals, including government and military.
