Muddled Libra now actively targets CSP environments and SaaS applications. Using the MITRE ATT&CK framework, we outline observed TTPs from incident response.

Unit42 is a cybersecurity research team known for its  analysis of cyber threats, malware, and cyber attack trends. Through research reports, threat intelligence briefings, and data analysis, Unit42 offers insights into emerging cyber threats and adversary tactics. Readers can learn about threat detection methodologies, vulnerability trends, and cyber attack attribution to enhance their cybersecurity posture and protect their organizations from advanced cyber threats.

Unit 42

Muddled Libra group targets SaaS applications and CSP environments to gather data and exfiltrate it. They use various access methodologies, perform common exploits in SaaS applications, and leverage legitimate CSP services for data exfiltration.

Muddled Libra’s Evolution to the Cloud