Microsoft shifts to a new threat actor naming taxonomy

Credit to Author: Microsoft Security Threat Intelligence – Editor| Date: Tue, 18 Apr 2023 15:00:00 +0000

Microsoft is excited to announce that we are shifting to a new threat actor naming taxonomy aligned to the theme of weather. The complexity, scale, and volume of threats are increasing, driving the need to reimagine not only how Microsoft talks about threats but also how we enable customers to understand those threats quickly and with clarity.

The post Microsoft shifts to a new threat actor naming taxonomy appeared first on Microsoft Security Blog.


Nation-state threat actor Mint Sandstorm refines tradecraft to attack high-value targets

Credit to Author: Microsoft Security Threat Intelligence| Date: Tue, 18 Apr 2023 15:00:00 +0000

Today, Microsoft is reporting on a distinct subset of Mint Sandstorm (formerly known as PHOSPHORUS), an Iranian threat actor that specializes in hacking into and stealing sensitive information from high-value targets. This subset is technically and operationally mature, capable of developing bespoke tooling and quickly weaponizing recently disclosed vulnerabilities.

The post Nation-state threat actor Mint Sandstorm refines tradecraft to attack high-value targets appeared first on Microsoft Security Blog.


ZINC weaponizing open-source software

Credit to Author: Katie McCafferty| Date: Thu, 29 Sep 2022 16:00:00 +0000

In recent months, Microsoft detected weaponization of legitimate open-source software by an actor the Microsoft Threat Intelligence Center (MSTIC) tracks as ZINC, targeting employees at media, defense and aerospace, and IT service provider organizations in the US, UK, India, and Russia.

The post ZINC weaponizing open-source software appeared first on Microsoft Security Blog.


Exposing POLONIUM activity and infrastructure targeting Israeli organizations

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Thu, 02 Jun 2022 16:00:00 +0000

Microsoft successfully detected and disabled attack activity abusing OneDrive by a previously undocumented Lebanon-based activity group Microsoft Threat Intelligence Center (MSTIC) tracks as POLONIUM.

The post Exposing POLONIUM activity and infrastructure targeting Israeli organizations appeared first on Microsoft Security Blog.
