![]() ![]() This new name is part of the new threat actor naming taxonomy we announced today, designed to keep pace with the evolving and growing threat landscape. Mint Sandstorm is Microsoft’s new name for PHOSPHORUS, an Iranian nation-state actor. Given this subgroup’s capabilities, the profile of past targets, and the potential for cascading effects, Microsoft is publishing details on known tradecraft alongside corresponding detections and mitigations to help organizations protect against this and similar threats. This Mint Sandstorm subgroup has also continued to develop and use custom tooling in selected targets, notably organizations in the energy and transportation sectors. Specifically, this subset has rapidly weaponized N-day vulnerabilities in common enterprise applications and conducted highly-targeted phishing campaigns to quickly and successfully access environments of interest. Over the past several months, Microsoft has observed a mature subgroup of Mint Sandstorm, an Iranian nation-state actor previously tracked as PHOSPHORUS, refining its tactics, techniques, and procedures (TTPs). Microsoft Purview Data Lifecycle Management.Microsoft Purview Information Protection.Information protection Information protection.Microsoft Priva Subject Rights Requests.Microsoft Purview Communication Compliance.Microsoft Purview Insider Risk Management.Risk management & privacy Risk management & privacy.Microsoft Intune Endpoint Privilege Management.Endpoint security & management Endpoint security & management.Microsoft Defender External Attack Surface Management.Microsoft Defender Cloud Security Posture Mgmt. ![]() Microsoft Defender Vulnerability Management.Azure Active Directory part of Microsoft Entra.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |