An Iranian cyber-operations group, Emennet Pasargad — also known as Cotton Sandstorm — has broadened its attacks, expanding its targets beyond Israel and the United States and targeting new IT assets, such as IP cameras.
In an advisory published last week, the US Departments of Justice and Treasury — along with the Israel National Cyber Directorate (INCD) — called out the change in tactics and noted that the group had provided resources and infrastructure services to Middle Eastern threat groups by operating as a legitimate company, Aria Sepehr Ayandehsazan (ASA). In addition, since the beginning of the year, Emennet Pasargad has scanned for IP cameras, targeted organizations in France and Sweden, and actively probed a variety of election sites and systems, according to the government advisory.
Källa: Iranian APT Targets IP Cameras, Extends Attacks Beyond Israel