Sophos MDR blocks and tracks activity from probable Iranian state actor “MuddyWater”
Credit to Author: gallagherseanm| Date: Wed, 20 Nov 2024 17:12:12 +0000
Sophos MDR has observed a new campaign that uses targeted phishing to entice the target to download a legitimate remote machine management tool to dump credentials. We believe with moderate confidence that this activity, which we track as STAC 1171, is related to an Iranian threat actor commonly referred to as MuddyWater or TA450. Earlier […]
Read more