Microsoft report links Iranian Mint Sandstorm APT to US critical infrastructure attacks, utilizing new tactics and targeting multiple organizations and individuals
In a recent report, Microsoft connected the Iranian Mint Sandstorm APT to a string of attacks aimed at critical infrastructure in the US from late 2021 to mid-2022. The group has refined its tactics, techniques, and procedures (TTPs), quickly weaponizing N-day vulnerabilities in enterprise applications using publicly disclosed proofs of concept (PoCs) and custom tools. The group has targeted private and public organizations, including political dissidents, journalists, activists, the Defense Industrial Base (DIB), and employees from multiple government agencies, as well as individuals protesting oppressive regimes in the Middle East. The Mint Sandstorm group is also associated with other known groups, such as APT35, APT42, Charming Kitten, and TA453.