COBALT ILLUSION Masquerades as Atlantic Council Employee
Counter Threat Unit Research Team
The phishing campaign targets researchers who document the suppression of women and minority groups in Iran.
Both personas are likely operated by the Iranian COBALT SAPLING threat group.
A subgroup of the Iranian COBALT MIRAGE threat group leverages Drokbk for persistence.
How proactively hardening Active Directory and investing in the Taegis ManagedXDR service quickly contained a breach.
Ransomware, loaders, stealers, zero-day exploits, cyberwarfare, espionage: the cyber threats kept coming in 2022 – and threat actors are growing in skill and stealth.
Artifacts exposed personas and companies associated with the Iranian threat group.
The likely Chinese government-sponsored threat group uses decoy documents and PlugX malware to compromise targets.
Security controls such as MFA can limit access to internet-facing databases.
The Iranian threat group blurs the line between financially motivated attacks and espionage.
Updated samples indicate access to original source code and active development, signaling that GOLD SOUTHFIELD has resumed operations.