Recently, a suspicious document has caught our attention due to its recent creation date (06-01-2020) and its title “How Swuleimani’s death will affect India and Pakistan.doc” which is directly related to recent political events between Iran and the USA. The document is in RTF format, and has an OLE object related with the Equation Editor. […]
CNA tactics: a first approach
Today’s post is a doctrinal and metaphysical one… really, it’s a pain. You’ve been warned 🙂 While talking about Computer Network Operations (CNO) we consider three capabilities or actions: CND, CNA and CNE (Defence, Attack and Exploitation respectively); while CND is obviously about technological defence of IT infrastructures against also technological attacks -not about a […]
The geopolitical and potential cyber influence of Russia in Africa
In this report there is an analysis about the current geopolitical relationship between Russia and Africa. Furthermore, it shows several malicious campaigns presumably attributed to Russia with diplomatic, energetic and defense targets. Geopolitical Russian influence over Africa: Africa has been an historical geostrategic target for most relevant countries with a significant power in the order […]
New PatchWork Spearphishing Attack
Recently, a somewhat more elaborated phishing has caught our attention at Lab52, it consists on a malicious office document of a real article from Samaa.tv published on 07-10-2019, one of the most important media in Pakistan. The article used in this campaign is related to the current rise of tension in the geopolitical Indian-Pakistani conflict […]
(Cyber) III Cold War: Hack the vote?
As you now, the DHS (Department of Homeland Security) along with the ODNI (Office of the Director of National Intelligence) formally accused Russia of meddling in the past US presidential elections with techniques from the burning information warfare and various cyberattacks. Let’s take a (somewhat delayed) look at this. It is not the first time that USA […]
(Cyber) GRU (XIV): conclusions
In this work, we have analyzed mainly the structure, targets and TTP of the GRU in the cyber field, based on the information brought to light during 2018 and which allowed to obtain a detailed knowledge of the Service and its activities, not only to intelligence services, but also to poor analysts like us who […]