Category: MuddyWater
-
Sophos MDR blocks and tracks activity from probable Iranian state actor “MuddyWater”
Sophos MDR blocks and tracks activity from probable Iranian state actor “MuddyWater” Sophos MDR has observed a new campaign that uses targeted phishing to entice the target to download a legitimate remote machine management tool to dump credentials. We believe with moderate confidence that this activity, which we track as STAC 1171, is related to…