| SYMBOL | COMMON_NAME | aka. SYNONYMS |
CL-STA-0043 is a highly skilled and sophisticated threat actor, believed to be a nation-state, targeting governmental entities in the Middle East and Africa. They exploit vulnerabilities in on-premises Internet Information Services and Microsoft Exchange servers to infiltrate target networks. They engage in reconnaissance, locate vital assets, and have been observed using native Windows tools for privilege escalation.
There are currently no families associated with this actor.
| 2023-06-16
⋅
Palo Alto Networks: Cortex Threat Research
⋅
Through the Cortex XDR Lens: Uncovering a New Activity Group Targeting Governments in the Middle East and Africa CHINACHOPPER Ladon Yasso CL-STA-0043 |