Earth Simnavaz, an Iranian APT group, has deployed a new backdoor targeting UAE government sectors and critical infrastructure, which exploits on-premises Microsoft Exchange servers to exfiltrate sensitive credentials, reflecting their continued focus on cyber espionage in the Gulf region. It has been exploiting dropped password filter policy vulnerabilities to extract clean-text passwords and has also … Continue reading Earth Simnavaz conducts cyberattacks in UAE and Gulf regions