Phosphorus (Iran): Phosphorus, a known Iran-backed threat actor was seen carrying out cyber-attacks trying to collect information about the upcoming U.S. presidential elections, according to Microsoft. Throughout 30 days between August and September 2019, 2,700 attempts were made by the group to identify emails of Microsoft users, and 241 Microsoft accounts were attacked in the process. The accounts that were targeted are associated with the presidential campaign in some way, whether they are people that work for the campaign, current or former politicians, government officials, or journalists reporting on world events surrounding Iran. Phosphorus managed to compromise four of the accounts, none of which were associated with the election, according to Microsoft. The threat actor was attempting to gain access to the secondary email that was being used by the victims, likely to use it to bypass two-factor authentication. These attacks that were seen by Microsoft were not sophisticated in any way, and for the time being, seemed to be more about collecting information versus exploiting stolen information.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security