Exception Tracking Spreadsheet (TicklerTrax™)
Downloaded by more than 1,000 bankers. Free Excel spreadsheet to help you track missing and expiring documents for credit and loans, deposits, trusts, and more. Visualize your exception data in interactive charts and graphs. Provided by bank technology vendor, AccuSystems. Download TicklerTrax for free.
New tradecraft of Iranian Cyber group
The FBI, the Treasury Department, and the Israel National Cyber Directorate have issued a Cybersecurity Advisory (CSA) to warn network defenders of new cyber tradecraft of the Iranian cyber group Emennet Pasargad, which has been operating under the company name Aria Sepehr Ayandehsazan (ASA) and is known by the private sector terms Cotton Sandstorm, Marnanbridge, and Haywire Kitten.
The group exhibited new tradecraft in its efforts to conduct cyberenabled information operations into mid-2024 using a myriad of cover personas, including multiple cyber operations that occurred during and targeting the 2024 Summer Olympics – including the compromise of a French commercial dynamic display provider. ASA has also undertaken a project to harvest content from IP cameras and used online resources related to Artificial Intelligence. Since 2023, the group has exhibited new tradecraft including the use of fictitious hosting resellers to provision operational server infrastructure to its own actors as well as to an actor in Lebanon involved in website hosting. Recently released reporting from Microsoft indicates this group has demonstrated interest in election-related websites and media outlets, suggesting preparations for future influence operations.
The CSA provides the threat group’s tactics, techniques, and procedures (TTPs), including its leveraging of online resources related to Artificial Intelligence, and indicators of compromise (IOCs). The CSA also highlights similar activity from a previous FBI advisory that was published on 20 October 2022. This new advisory’s information and guidance are derived from FBI investigative activity and technical analysis of this group’s intrusion activity against U.S. and foreign organizations and engagements with numerous entities impacted by this malicious activity.
The authoring agencies recommend all organizations follow guidance provided in the Mitigations section to defend against the Iranian cyber group’s activities.