home.aspx
 
. https://itinfrastructure.report/Resources/Whitepapers/8b098bde-12bc-4ca0-87b9-e16d173f9e20_IranianThreat_WP.pdf
whitepaper
IRANIAN THREAT ACTOR AMASSES LARGE CYBER OPERATIONS INFRASTRUCTURE NETWORK TO TARGET SAUDI ORGANIZATIONSA
Insikt Group® researchers used proprietary methods, including Recorded Future Network Traffic Analysis and Recorded Future Domain Analysis, along with common analytical techniques, to profile Iranian cyberespionage threat actor APT33 (Elfin) and determine whether the public exposure of their TTPs in March 2019 impacted their operations. Data sources include the Recorded Future® Platform, Farsight Security’s DNSDB, ReversingLabs, VirusTotal, Shodan, and common OSINT techniques. This report will be of greatest interest to those interested in Middle Eastern geopolitics, as well as network defenders of organizations with a presence in the Middle East or in industries targeted by APT33, such as aerospace and defense, energy, finance, telecommunications, and manufacturing. DOWNLOAD