
image credit: pexels
An Iranian state-sponsored group in operation since 2015 relies on highly targeted social engineering attack individuals and organizations that Tehran deems enemies of the regime, says a new report from cyberthreat intelligence firm Mandiant.
Targets of the threat actor Mandiant newly dubs APT42 include members of the Iranian diaspora as well as Western think tanks, academics and media organizations. The threat actor operates on behalf of the Islamic Revolutionary Guard Corps’ Intelligence Organization and appears to be trusted to quickly react to geopolitical changes and adjust to new targets of operational interest.