Iran-linked Threat Actor Targets T20 Summit Attendees

It has been reported that an Iranian threat actor has successfully compromised attendees of two global conferences – including ambassadors and senior policy experts –  in an effort to steal their email credentials. Microsoft linked the attack, which targeted more than 100 conference attendees, to Phosphorus, which it said is operating from Iran. The group – also known as APT 35, Charming Kitten, and Ajax Security Team – has been known to use phishing as an attack vector.