Iranian Cyber Group Nimbus Manticore Targets US Aviation and Software Firms with New Tactics
The Iranian cyber group Nimbus Manticore, linked to Iran's Islamic Revolutionary Guard Corps, has shifted its focus to US aviation and software companies. Known for its previous operations in the Middle East and Europe, the group has adopted new tactics, including AppDomain hijacking and search engine optimization (SEO) poisoning, to distribute malware. Recent campaigns used phishing lures and fake job offers to deploy the MiniFast backdoor, a tool for long-term persistence and remote command execution. The group's activities have intensified amid rising geopolitical tensions, and its deliberate focus on US-based targets marks a significant shift in its operational strategy.