Expert Reacted On Microsoft Says Iranian Hackers “Phosphorus” Targeted Conference Attendees

By   ISBuzz Team
Writer , Information Security Buzz | Oct 29, 2020 07:21 am PST

Microsoft says it detected and worked to stop a series of cyberattacks from the threat actor Phosphorous masquerading as conference organizers to target more than 100 high-profile individuals. Phosphorus, an Iranian actor, has targeted with this scheme potential attendees of the upcoming Munich Security Conference and the Think 20 (T20) Summit in Saudi Arabia. The Munich Security Conference is the most important gathering on the topic of security for heads of state and other world leaders, and it has been held annually for nearly 60 years. Likewise, T20 is a highly visible event that shapes policy ideas for the G20 nations and informs their critical discussions. Based on current analysis, Microsoft does not believe this activity is tied to the U.S. elections in any way.

More information:

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
James McQuiggan
James McQuiggan , Security Awareness Advocate
October 29, 2020 3:27 pm

The mailing lists for previous conferences could have been collected via a data breach or other theft, and the cybercriminals are using those lists to target the users specifically. The user may feel more relaxed and not scrutinise the email, as it appears to come from a trusted source; especially if he/she had previously attended the conference. End users receiving these types of emails will want to make sure they know the social engineering scams and techniques used by cybercriminals to engineer them to fall victim to these attacks.

All organisations should have a robust security awareness training program to ensure that employees can make smarter security decisions like recognising a spear-phishing email and taking the necessary actions to protect an organisation from various attacks.

Last edited 3 years ago by James McQuiggan

Recent Posts

Would love your thoughts, please comment.x