MuddyWater, an Iranian nation-state group, has been observed in destructive attacks on hybrid environments.
The Microsoft Threat Intelligence team discovered MuddyWater and another emerging activity cluster, DEV-1084, targeting both on-premises and cloud infrastructures.
The attacks have been linked to Iran’s Ministry of Intelligence and Security (MOIS) and have primarily targeted Middle Eastern nations.
After gaining a foothold in the target environment, DEV-1084, with the help of MuddyWater, conducted destructive actions such as encryption of on-premises devices and large-scale deletion of cloud resources.
Furthermore, the threat actors gained full access to email inboxes through Exchange Web Services.
Cisco Talos has described MuddyWater as a conglomerate of several smaller clusters, and the DEV-1084 activity suggests that this is true.