lab52

The threat intelligence division of S2 Grupo

APT-C-36 recent activity analysis

January 15, 2020

At Lab52 we have been tracking the activity of the group APT-C-36 over the last months. This group was named and publicly introduced by the company 360 [1] last year. In this article, companies located in Colombia are highlighted as the main objective of the group. If you don’t know APT-C-36, we recommend the […]

ml10

APT27 ZxShell RootKit module updates

January 13, 2020

Within the toolset of the different APT groups, one of the most interesting elements, and the one that generally worries the most, is their capability in Ring0: generally RootKit/Bootkit-type threats that act with the maximum level of privileges. An example of this type of threat is the RootKit module of ZxShell RAT used by […]

JagaimoKawaii

TA428 Group abusing recent conflict between Iran and USA

January 09, 2020

Recently, a suspicious document has caught our attention due to its recent creation date (06-01-2020) and its title “How Swuleimani’s death will affect India and Pakistan.doc”, which is directly related to recent political events between Iran and the USA. The document is in RTF format and has an OLE object related to the Equation Editor. […]

JagaimoKawaii

CNA tactics: a first approach

November 11, 2019

Today’s post is a doctrinal and metaphysical one… really, it’s a pain. You’ve been warned 🙂 While talking about Computer Network Operations (CNO) we consider three capabilities or actions: CND, CNA and CNE (Defence, Attack and Exploitation respectively); while CND is obviously about technological defence of IT infrastructures against also technological attacks -not about a […]

Dex

The geopolitical and potential cyber influence of Russia in Africa

October 31, 2019

This report analyses the current geopolitical relationship between Russia and Africa. Furthermore, it shows several malicious campaigns presumably attributed to Russia with diplomatic, energy and defense targets. Geopolitical Russian influence over Africa: Africa has been a historical geostrategic target for most relevant countries with a significant power in the order […]

Dex

New PatchWork Spearphishing Attack

October 22, 2019

Recently, a somewhat more elaborate phishing attempt has caught our attention at Lab52. It consists of a malicious Office document built around a real article from Samaa.tv, one of the most important media outlets in Pakistan, published on 07-10-2019. The article used in this campaign is related to the current rise of tension in the geopolitical Indian-Pakistani conflict […]

JagaimoKawaii
