During the analysis of some malicious artifacts collected from an incident, we have recently detected a sample that has caught our attention, the sample was deployed on a server exposed to the Internet and was packed with “VMProtect”. After analyzing this malware sample we could see that it was a recent version of a tool […]
APT
The energy reserves in the Eastern Mediterranean Sea and a malicious campaign of APT10 against Turkey
Energy reserves in the Eastern Mediterranean Sea and the “MEDEAST” gas pipeline: The Mediterranean Sea has become an increasingly relevant geostrategic topic for the Ministries of Foreign Affairs of Turkey, Greece, Cyprus, Israel and even China due to the controversies generated during the last decade for the discoveries of natural gas resources located in the […]
The role of China in the Persian Gulf and potential cyberthreats:
After the rise of tensions between the US and Iran due to the US military operation that ended the life of the Iranian General Qasem Soleimani and the Iraqi Commander Abu Mahdi al-Muhandis ([12]), Iran carried out an attack with missiles against two US military bases located in Iraq ([13]). These events have generated a […]
The geopolitical and potential cyber influence of Russia in Africa
In this report there is an analysis about the current geopolitical relationship between Russia and Africa. Furthermore, it shows several malicious campaigns presumably attributed to Russia with diplomatic, energetic and defense targets. Geopolitical Russian influence over Africa: Africa has been an historical geostrategic target for most relevant countries with a significant power in the order […]
(Cyber) GRU (X): objectives
Apart from some more specific objectives, such as Westinghouse Electric Company’s – with business in nuclear technology – or domestic routers that can be compromised to orchestrate a distributed attack against the real objective, the information published in 2018 has brought to light five major GRU objectives, consistent with the interests of the Service and […]
G20 event in Osaka targeted by threat actors:
The 28th and 29th of June is going to celebrate the G20 event in Osaka, Japan. In this event, the most relevant powerful decision makers will discuss the significant topics and strategies that will influence global order. The Nation-States with cyber offensive capabilities would be highly interested in cyberattacking the IT systems of politicians, organizations […]