• Skip to primary navigation
  • Skip to main content
  • Skip to footer
lab52

lab52

The threat intelligence division of S2 Grupo

  • Home
  • Faq
  • Blog
  • About
  • Contact

The energy reserves in the Eastern Mediterranean Sea and a malicious campaign of APT10 against Turkey

May 14, 2020

Energy reserves in the Eastern Mediterranean Sea and the “MEDEAST” gas pipeline: The Mediterranean Sea has become an increasingly relevant geostrategic topic for the Ministries of Foreign Affairs of Turkey, Greece, Cyprus, Israel and even China due to the controversies generated during the last decade for the discoveries of natural gas resources located in the […]

Dex

How Lab52 free service can protect your organization

May 07, 2020

Advanced Persistent Threats (APT) represent a risk to organizations, but they can not be deal with the same tools as generic malware. The main difference lies in the financial support they have (for example, governments or organized crime) Among the activities of the APT, one could highlight both espionage that provides strategic and political advantage […]

Dex

China: From culture to conflict in the cyberspace

April 14, 2020

Since in 2013 the US cybersecurity consultancy Mandiant published its famous report about APT1, showing its links with different agencies presumably associated with the Chinese government, the news about its actions in cyberspace has been significantly increased. Among others, we find APT15, APT27 or Winnti Group (APT41); the US DoJ’s allegations of cyber espionage towards […]

w0lfvan

APT-C-36 new anti-detection tricks

March 23, 2020

Lab52 has recently detected an increase in the efforts carried out by APT-C-36 to improve their capabilities to remain undetected by Anti Malware software, using a more complex infection chain than a simple packer, as they have been doing so far. The sample detected using this new detection evasion technique has a name and icon […]

JagaimoKawaii

The role of China in the Persian Gulf and potential cyberthreats:

February 18, 2020

After the rise of tensions between the US and Iran due to the US military operation that ended the life of the Iranian General Qasem Soleimani and the Iraqi Commander Abu Mahdi al-Muhandis ([12]), Iran carried out an attack with missiles against two US military bases located in Iraq ([13]). These events have generated a […]

Dex

Intelligence operation against targets in Indonesia

February 12, 2020

Lab52 has detected malicious activity targeting Indonesian victims. This activity could be linked to an intelligence operation. We have been tracking this activity since December 27th of 2019 The main tools of this threat actor, are built as DLL files, and launched with this commands: “C:\Windows\System32\rundll32.exe” shell32.dll,ShellExec_RunDLL regsvr32 /s C:\ProgramData\pubpool.dll /i:process104.dll “C:\WINDOWS\system32\regsvr32.exe” /s C:\ProgramData\pubpool.dll /i:process104.dll […]

ml10

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 6
  • Go to page 7
  • Go to page 8
  • Go to page 9
  • Go to page 10
  • Interim pages omitted …
  • Go to page 14
  • Go to Next Page »

Footer

Copyright &copy Lab52 2019 by S2 Grupo | Legal notice | Cookie policy | Privacy policy