"Iran-Linked UNC1549 Hackers Target Middle East Aerospace & Defense Sectors"

UNC1549, an Iran-linked threat actor, has been attributed to new attacks targeting aerospace, aviation, and defense industries in the Middle East. According to Mandiant, the threat actor appears to overlap with Smoke Sandstorm (previously Bohrium) and Crimson Sandstorm (previously Curium). The attacks involve the use of Microsoft Azure cloud infrastructure for Command-and-Control (C2) and social engineering with job-related lures to deliver two backdoors called MINIBIKE and MINIBUS. This article continues to discuss the Iran-linked UNC1549 hackers targeting aerospace, aviation, and defense industries in the Middle East.

THN reports "Iran-Linked UNC1549 Hackers Target Middle East Aerospace & Defense Sectors"

Submitted by grigby1

Submitted by Gregory Rigby on