sandstorm – PossibleThreat Articles

Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations

September 12, 2024 0 Comments sandstorm, state-sponsored threat actor

Credit to Author: Microsoft Threat Intelligence| Date: Wed, 28 Aug 2024 15:00:00 +0000

Between April and July 2024, Microsoft observed Iranian state-sponsored threat actor Peach Sandstorm deploying a new custom multi-stage backdoor, which we named Tickler. Tickler has been used in attacks against targets in the satellite, communications equipment, oil and gas, as well as federal and state government sectors in the United States and the United Arab […]

The post Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations appeared first on Microsoft Security Blog.

Microsoft Security

Staying ahead of threat actors in the age of AI

February 15, 2024 0 Comments blizzard, forest blizzard (strontium), Government, mitre att&ck, non-governmental organizations (ngos), sandstorm, sleet, typhoon

Credit to Author: Microsoft Threat Intelligence| Date: Wed, 14 Feb 2024 12:00:00 +0000

Microsoft, in collaboration with OpenAI, is publishing research on emerging threats in the age of AI, focusing on identified activity associated with known threat actors Forest Blizzard, Emerald Sleet, Crimson Sandstorm, and others. The observed activity includes prompt-injections, attempted misuse of large language models (LLM), and fraud.

The post Staying ahead of threat actors in the age of AI appeared first on Microsoft Security Blog.

Microsoft Security

New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs

January 20, 2024 0 Comments mint sandstorm (phosphorus), sandstorm

Credit to Author: Microsoft Threat Intelligence| Date: Wed, 17 Jan 2024 17:00:00 +0000

Since November 2023, Microsoft has observed a distinct subset of Mint Sandstorm (PHOSPHORUS) targeting high-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the United Kingdom, and the United States. In this campaign, the threat actor used bespoke phishing lures in an attempt to socially engineer targets into downloading malicious files.

The post New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs appeared first on Microsoft Security Blog.

Microsoft Security

Microsoft shares threat intelligence at CYBERWARCON 2023

November 15, 2023 0 Comments blizzard, sandstorm, tsunami, typhoon

Credit to Author: Microsoft Threat Intelligence| Date: Thu, 09 Nov 2023 12:00:00 +0000

At the CYBERWARCON 2023 conference, Microsoft and LinkedIn analysts are presenting several sessions detailing analysis across multiple sets of threat actors and related activity, demonstrating Microsoft Threat Intelligence’s ongoing efforts to track threat actors, protect customers, and share information with the wider security community.

The post Microsoft shares threat intelligence at CYBERWARCON 2023 appeared first on Microsoft Security Blog.