Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East
Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East
20 September 2024
An Iranian advanced persistent threat (APT) threat actor likely affiliated with the Ministry of Intelligence and Security (MOIS) is now acting as an initial access facilitator that provides remote access to target networks.
Google-owned Mandiant is tracking the activity cluster under the moniker UNC1860, which it said shares similarities with intrusion sets tracked by Microsoft, Cisco Talos, and