The Iranian nation-state threat actor known as Peach Sandstorm (HOLMIUM) has been conducting password spray campaigns targeting numerous organizations worldwide. While they previously targeted various sectors, including aviation, construction, defense, education, energy, finance, healthcare, government, satellite, and telecommunications, they have recently focused on the satellite, defense, and pharmaceutical industries. Microsoft's latest findings suggest that these campaigns are likely aimed at intelligence collection in support of Iranian state interests. Between February and July 2023, Peach Sandstorm launched waves of password spray attacks and attempted to exploit vulnerabilities in internet-facing applications to gain access to target environments. Microsoft emphasizes the need for organizations to enhance their defenses to counter these evolving threats and promises to continue monitoring Peach Sandstorm's activities while providing robust protections for their customers.
The Iranian nation-state threat actor known as Peach Sandstorm (HOLMIUM) has been conducting password spray campaigns targeting numerous organizations worldwide. While they previously targeted various sectors, including aviation, construction, defense, education, energy, finance, healthcare, government, satellite, and telecommunications, they have recently focused on the satellite, defense, and pharmaceutical industries. Microsoft's latest findings suggest that these campaigns are likely aimed at intelligence collection in support of Iranian state interests. Between February and July 2023, Peach Sandstorm launched waves of password spray attacks and attempted to exploit vulnerabilities in internet-facing applications to gain access to target environments. Microsoft emphasizes the need for organizations to enhance their defenses to counter these evolving threats and promises to continue monitoring Peach Sandstorm's activities while providing robust protections for their customers.