POLONIUM (3c5129ea-8f18-4bcf-a33b-b5aab0720494)
Microsoft successfully detected and disabled attack activity abusing OneDrive by a previously undocumented Lebanon-based activity group Microsoft Threat Intelligence Center (MSTIC) tracks as POLONIUM.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| POLONIUM (3c5129ea-8f18-4bcf-a33b-b5aab0720494) | Threat Actor | Plaid Rain (ce5357da-0e15-5022-bd4f-74aa689d0b2e) | Microsoft Activity Group actor | 1 |