Today, Dutch intelligence (AIVD and MIVD) and Microsoft have published two reports unveiling a potential new Russian threat actor: Laundry Bear, or Void Blizzard. This actor was discovered through a recent compromise of the Dutch Police, and it has been targeting Western organizations since at least 2024, including armed forces, government organizations and defense contractors, […]
Russia
New invitation from APT29 to use CCleaner
Last month of May we were talking about the new APT29 campaign that we called “Information”. Recently, just a week ago, an unknown actor used similar techniques to APT29. This time APT29 is once again the focus after new techniques were identified in their operations. This post details the new techniques observed, in particular: SVG […]
Another cyber espionage campaign in the Russia-Ukrainian ongoing cyber attacks
From lab52, in connection to the latest events related to the Russia’s ongoing cyberattacks in Ukraine, beyond destructive artifacts seen like Wipers and others, a new wave of malicious office documents (hereinafter maldocs) has been observed attempting to compromise systems leveraging a variant of well-know and open-source malware known as Quasar RAT. Recently, we identified […]
The geopolitical and potential cyber influence of Russia in Africa
In this report there is an analysis about the current geopolitical relationship between Russia and Africa. Furthermore, it shows several malicious campaigns presumably attributed to Russia with diplomatic, energetic and defense targets. Geopolitical Russian influence over Africa: Africa has been an historical geostrategic target for most relevant countries with a significant power in the order […]
(Cyber) GRU (X): objectives
Apart from some more specific objectives, such as Westinghouse Electric Company’s – with business in nuclear technology – or domestic routers that can be compromised to orchestrate a distributed attack against the real objective, the information published in 2018 has brought to light five major GRU objectives, consistent with the interests of the Service and […]