[threat-actors] Add Storm-1575

pull/921/head
Mathieu4141 2024-02-01 11:02:05 -08:00
parent a42dc67fb6
commit e497ec2b38
1 changed files with 11 additions and 0 deletions

View File

@ -14717,6 +14717,17 @@
}, },
"uuid": "2da09284-be56-49cd-ad18-993a6eb17af2", "uuid": "2da09284-be56-49cd-ad18-993a6eb17af2",
"value": "Storm-0835" "value": "Storm-0835"
},
{
"description": "Storm-1575 is a threat actor identified by Microsoft as being involved in phishing campaigns using the Dadsec platform. They utilize hundreds of Domain Generated Algorithm domains to host credential harvesting pages and target global organizations to steal Microsoft 365 credentials.",
"meta": {
"refs": [
"https://www.bridewell.com/insights/blogs/detail/analysing-widespread-microsoft365-credential-harvesting-campaign",
"https://twitter.com/MsftSecIntel/status/1712936244987019704?lang=en"
]
},
"uuid": "2485a9cb-b41c-43bd-8b1c-c64e919c0a4e",
"value": "Storm-1575"
} }
], ],
"version": 298 "version": 298