Microsoft Corp. (MSFT) has observed multiple Iranian threat actors targeting the IT services sector in attacks that aim to steal sign-in credentials belonging to downstream customer networks to enable further attacks.
The Microsoft Threat Intelligence Center (MSTIC) and Digital Security Unit (DSU) assess this as part of a broader spying objective to compromise organizations of interest to the Iranian regime.
