• Skip to primary navigation
  • Skip to main content
  • Skip to footer
lab52

lab52

The threat intelligence division of S2 Grupo

  • Home
  • Faq
  • Blog
  • About
  • Contact

New book NOW available: Cyber GRU. Russian military intelligence in cyberspace

July 08, 2025

Finally, CYBER GRU: Russian military intelligence in cyberspace, the new book that I announced some days ago, was published last Friday, July 4th. In the previous post, the structure of the book was presented, together with its table of contents. Both the editor and the printer have worked quickly, and it is ready earlier than […]

BigBoss

Snake Keylogger in Geopolitical Affairs: Abuse of Trusted Java Utilities in Cybercrime Operations

June 27, 2025

The S2 Group’s intelligence team has identified through adversary tracking a new phishing campaign by Snake Keylogger, a Russian origin stealer programmed in .NET, targeting various types of victims, such as companies, governments or individuals. The campaign has been identified as using spearphishing emails offering oil products. These emails will contain a zipped attachment that […]

3722304989

CYBER GRU: Russian military intelligence in cyberspace

June 19, 2025

I am excited to share that today I sent a new book to the printer titled CYBER GRU: Russian military intelligence in cyberspace. As this title states, it is a book where I delve into the GRU in cyberspace, ended in May and that, after some retouches and a foreword, is being printed to arrive […]

BigBoss

Some thoughts about Laundry Bear

May 27, 2025

Today, Dutch intelligence (AIVD and MIVD) and Microsoft have published two reports unveiling a potential new Russian threat actor: Laundry Bear, or Void Blizzard. This actor was discovered through a recent compromise of the Dutch Police, and it has been targeting Western organizations since at least 2024, including armed forces, government organizations and defense contractors, […]

BigBoss

Grandoreiro Stealer Targeting Spain and Latin America: Malware Analysis and Decryption Insights

April 04, 2025

A new campaign targeting Spain and Latin American countries, utilizing the Brazilian stealer Grandoreiro, was detected during March 2025. This report provides detailed insights into the malware’s behavior, along with an explanation of the string obfuscation and decryption techniques employed in this campaign. Grandoreiro Grandoreiro is a Brazilian-origin stealer malware that has been active since […]

3722304989

GRU: Military Unit 54777

February 03, 2025

The main units of the Russian GRU engaged in cyberspace operations have been discussed in this blog: from our old posts (from 2018) about unit 26165 and 74455, to the recent rise of unit 29155. All these units have something in common, in addition to their cyberspace capabilities: they have been assigned an APT group […]

BigBoss

  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Interim pages omitted …
  • Go to page 14
  • Go to Next Page »

Footer

Copyright &copy Lab52 2019 by S2 Grupo | Legal notice | Cookie policy | Privacy policy