Common Information
| Type | Value |
|---|---|
| Value |
CL-STA-0043 |
| Category | Actor |
| Type | Threat-Actor |
| Misp Type | Cluster |
| Description | CL-STA-0043 is a highly skilled and sophisticated threat actor, believed to be a nation-state, targeting governmental entities in the Middle East and Africa. They exploit vulnerabilities in on-premises Internet Information Services and Microsoft Exchange servers to infiltrate target networks. They engage in reconnaissance, locate vital assets, and have been observed using native Windows tools for privilege escalation. |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2024-10-30 | 25 | Investigating the Actor Behind Operation Diplomatic Specter — TGR-STA-0043 | ||
| Details | Website | 2023-07-10 | 3 | SOC Prime Threat Bounty — June 2023 Results - SOC Prime | ||
| Details | Website | 2023-06-19 | 4 | State-Backed Hackers Employ Advanced Methods to Target Middle Eastern and African Governments | ||
| Details | Website | 2023-06-19 | 4 | State-Backed Hackers Employ Advanced Methods to Target Middle Eastern and African Governments | ||
| Details | Website | 2023-06-19 | 4 | State-Backed Hackers Employ Advanced Methods to Target Middle Eastern and African Governments - RedPacket Security |