[threat-actors] Add Storm-1575

This commit is contained in:
Mathieu4141 2024-02-01 11:02:05 -08:00
parent a42dc67fb6
commit e497ec2b38

View file

@ -14717,6 +14717,17 @@
}, },
"uuid": "2da09284-be56-49cd-ad18-993a6eb17af2", "uuid": "2da09284-be56-49cd-ad18-993a6eb17af2",
"value": "Storm-0835" "value": "Storm-0835"
},
{
"description": "Storm-1575 is a threat actor identified by Microsoft as being involved in phishing campaigns using the Dadsec platform. They utilize hundreds of Domain Generated Algorithm domains to host credential harvesting pages and target global organizations to steal Microsoft 365 credentials.",
"meta": {
"refs": [
"https://www.bridewell.com/insights/blogs/detail/analysing-widespread-microsoft365-credential-harvesting-campaign",
"https://twitter.com/MsftSecIntel/status/1712936244987019704?lang=en"
]
},
"uuid": "2485a9cb-b41c-43bd-8b1c-c64e919c0a4e",
"value": "Storm-1575"
} }
], ],
"version": 298 "version": 298