Leafminer, a threat actor that appears to be operating out of Iran, is conducting a wide-ranging cyber espionage campaign. The group has run targeted vulnerability scans against as many as 809 organizations across multiple industries in Saudi Arabia, United Arab Emirates, Egypt, Kuwait, Israel, and other countries in the Middle East. Group’s major focus areas appear to be organizations in the financial, government, and petrochemical sectors, with half of its targest in those industries. Leafminers’ tactics, techniques and procedures are somewhat similar to the so-called “living-off-the-land” approach.”]