• Skip to primary navigation
  • Skip to main content
  • Skip to footer
lab52

lab52

The threat intelligence division of S2 Grupo

  • Home
  • Faq
  • Blog
  • About
  • Contact

Leviathan: Geostrategy and TTP (Tactics, Techniques and Procedures)

May 30, 2019

Executive summary: FireEye posted a relevant report regarding one of the most active threat groups; Leviathan, also known as TEMP, Periscope or TEMP.Jumper. This APT is supposedly attributed to the Chinese government ([1]). In this report is shown how involved the cyber threat groups are in the geostrategy of countries. China is the main supplier […]

Dex

Winnti Group: Geostrategic and TTP (Tactics, Techniques and Procedures)

May 16, 2019

Executive Summary China is one of the world powers with more presence within the international market of the gaming sector, controlling the Southeast Asian market and even more than half of the global market of the Gaming sector. Winnti Group is currently considered to be an APT group allegedly attributed to the government of China […]

Dex

Ukraine election 2019 polls Maldoc: analysis

April 17, 2019

From Lab52 at S2 Grupo, we have recently detected a malicious document titled “Ukraine_election_2019_polls.doc”. The document was uploaded to Virustotal on March 12nd, 2019 from Germany. The title and uploading date is especially relevant in this case, because of the existing conflict between Ukraine and Russia and the general elections at Ukraine. Document content Regarding […]

JagaimoKawaii

Military Financing Maldoc: analysis

April 04, 2019

Recently at Lab52 from S2 Grupo, we have detected an infection campaign through a malicious document that has called our attention due to its content and title. The document in question, named “Military Financing.xlsm” and hash “efe51c2453821310c7a34dca3054021d0f6d453b7133c381d75e3140901efd12”  stands out mainly for the image it contains, which refers to a document with secret information about the […]

JagaimoKawaii

(Cyber) GRU (VIII): Structure. Unit 74455

April 02, 2019

Apparently, Unit 74455 is linked to operations of disinformation, influence, propaganda … which would reconfirm the broad concept of information warfare of the Russian military doctrine. We have already referred to it repeatedly, and to the mixture of the purely technical field with the psychological field (dezinformatsiya, spetspropaganda, kompromat, etc.). In fact, the US DIA […]

BigBoss

(Cyber) GRU (VII): Structure. Unit 26165

April 02, 2019

Unit 26165 (85th Special Service Center) is located at number 20 of Komsomolskiy Prospekt. Also, at this same address is the Military Unit 06410 (152nd Training Center) with Koval NIKOLAY NESTEROVICH in command, which was created on 08/27/1943. Apparently, this second Unit is not related to the cyber field from a technical point of view, […]

BigBoss

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 10
  • Go to page 11
  • Go to page 12
  • Go to page 13
  • Go to page 14
  • Go to Next Page »

Footer

Copyright &copy Lab52 2019 by S2 Grupo | Legal notice | Cookie policy | Privacy policy