In the middle of this year, Lab52's automated IOC extraction and search system (hashes, domains, etc.) found a match with a hash that we had in our database. The match occurred in an email sent on May 14 of this year. When checking the log of the mail gateways, it […]
Ongoing Njrat campaign against Middle East
Over the last few months, Lab52 has been monitoring an infection campaign that uses different kinds of threats. One of these threats is Vengeance Justice Worm, also known as Vjw0rm, which is developed in JavaScript. This is a type of malware capable of acting as a RAT or spreading through removable devices, thus doing worm […]
Geopolitical strategy of Iran and the cyberattacks of APT33
Executive summary: The following report analyzes several hybrid strategies that Iran presumably carries out against its national and international enemies. It is currently important to analyze how the Iranian Defense structures are composed in order to develop and execute cyberattacks and hybrid operations from the State. Moreover, in the report there is […]
G20 event in Osaka targeted by threat actors:
The G20 event will be held in Osaka, Japan, on the 28th and 29th of June. At this event, the most powerful decision makers will discuss the significant topics and strategies that will influence the global order. Nation-states with offensive cyber capabilities would be highly interested in attacking the IT systems of politicians, organizations […]
Lab52 is focusing on geopolitical analysis and cybersecurity:
Lab52 offers a service which is completely focused on geopolitics and cybersecurity. Currently, there is an important correlation between geopolitics and cyberattacks. All the cyberattacks promoted by states have their origins or roots in the ancient framework of military espionage and intelligence ([1]). For that reason, Lab52 is permanently following and investigating the new updates related […]
Leviathan: Geostrategy and TTP (Tactics, Techniques and Procedures)
Executive summary: FireEye posted a relevant report regarding one of the most active threat groups: Leviathan, also known as TEMP.Periscope or TEMP.Jumper. This APT is supposedly attributed to the Chinese government ([1]). This report shows how involved cyber threat groups are in the geostrategy of countries. China is the main supplier […]






