From lab52, in connection to the latest events related to the Russia’s ongoing cyberattacks in Ukraine, beyond destructive artifacts seen like Wipers and others, a new wave of malicious office documents (hereinafter maldocs) has been observed attempting to compromise systems leveraging a variant of well-know and open-source malware known as Quasar RAT. Recently, we identified […]
Cyberthreat
New TransparenTribe Operation: Targeting India with weaponized COVID-19 lure documents
Over the last months, lab52 has been researching an attack campaign which targets government and military personnel of India. In fact, targeting the Indian government seems to be one of the key indicators of the group that may be behind this attack. Furthermore, some of the artifacts and infrastructure used to carry out the novel […]
The energy reserves in the Eastern Mediterranean Sea and a malicious campaign of APT10 against Turkey
Energy reserves in the Eastern Mediterranean Sea and the “MEDEAST” gas pipeline: The Mediterranean Sea has become an increasingly relevant geostrategic topic for the Ministries of Foreign Affairs of Turkey, Greece, Cyprus, Israel and even China due to the controversies generated during the last decade for the discoveries of natural gas resources located in the […]
G20 event in Osaka targeted by threat actors:
The 28th and 29th of June is going to celebrate the G20 event in Osaka, Japan. In this event, the most relevant powerful decision makers will discuss the significant topics and strategies that will influence global order. The Nation-States with cyber offensive capabilities would be highly interested in cyberattacking the IT systems of politicians, organizations […]