A recent report by Mandiant reveals that APT42, an Iranian hacking group, has been disguising its operators as journalists from major news outlets like The Washington Post to orchestrate social engineering schemes, gather credentials through spear-phishing campaigns, deploy malware, and target sectors beyond known sources. The meticulously planned approach allowed the group to gain access to victim networks, compromise Microsoft 365 environments, and evade detection with simple tactics such as clearing browser histories and using anonymized infrastructure. The group's activities are tied to the Iranian intelligence apparatus, focusing on preventing foreign threats and domestic unrest.

Iranian hacking group posed as journalists to steal data

Mandiant's findings indicate a large-scale impact globally, with instances of securing persistent access mechanisms and operating through sophisticated backdoors.
https://www.bankinfosecurity.com/new-report-exposes-iranian-hacking-groups-media-masquerade-a-25011