S3E1: Spotlight Iran - from Cain & Abel to full SANDSPY

In response to increased U.S.-Iran tensions stemming from the recent death of Quds Force leader Qasem Soleimani by U.S. forces and concerns of potential retaliatory cyber attacks, we're bringing the latest from our front-line experts on all things Iran. Christopher Glyer and Nick Carr are joined by Sarah Jones (@sj94356) and Andrew Thompson (@QW5kcmV3) to provide a glimpse into Iran-nexus threat groups - including APT33, APT34, APT35, APT39, and TEMP.Zagros - as well as the freshest actionable information on suspected Iranian uncategorized (UNC) groups that are active right now. We get right into it with a picture of Iranian compromise activity from just a few years ago - what we observed and the basic, cookie-cutter approach to their intrusions - and then begin to walk through the stark contrast to their TTPs today. We discuss how and why their Computer Network Operations (CNO) has evolved quickly and provide a detailed walk through all of the graduated Iranian APT groups. Our experts share their exp