Analysts at SentinelOne have released a report detailing an Iranian threat actor that they’ve named “Agrius,” TheRecord reports. Agrius has been tracked since early 2020, and has recently shifted their focus towards Israel-targeted operations. Agrius makes use of a data-wiping malware family, DEADWOOD, which has been attributed to Iranian threat actors in the past. Additionally, this actor, possibly in a bid to evade detections, deployed another sample named Apostle that also tried to delete files. SentinelLabs noted that Apostle did not work properly.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security