The S2 Group’s intelligence team has identified through adversary tracking a new phishing campaign by Snake Keylogger, a Russian origin stealer programmed in .NET, targeting various types of victims, such as companies, governments or individuals. The campaign has been identified as using spearphishing emails offering oil products. These emails will contain a zipped attachment that […]
Russia
CYBER GRU: Russian military intelligence in cyberspace
I am excited to share that today I sent a new book to the printer titled CYBER GRU: Russian military intelligence in cyberspace. As this title states, it is a book where I delve into the GRU in cyberspace, ended in May and that, after some retouches and a foreword, is being printed to arrive […]
Some thoughts about Laundry Bear
Today, Dutch intelligence (AIVD and MIVD) and Microsoft have published two reports unveiling a potential new Russian threat actor: Laundry Bear, or Void Blizzard. This actor was discovered through a recent compromise of the Dutch Police, and it has been targeting Western organizations since at least 2024, including armed forces, government organizations and defense contractors, […]
New invitation from APT29 to use CCleaner
Last month of May we were talking about the new APT29 campaign that we called “Information”. Recently, just a week ago, an unknown actor used similar techniques to APT29. This time APT29 is once again the focus after new techniques were identified in their operations. This post details the new techniques observed, in particular: SVG […]
Another cyber espionage campaign in the Russia-Ukrainian ongoing cyber attacks
From lab52, in connection to the latest events related to the Russia’s ongoing cyberattacks in Ukraine, beyond destructive artifacts seen like Wipers and others, a new wave of malicious office documents (hereinafter maldocs) has been observed attempting to compromise systems leveraging a variant of well-know and open-source malware known as Quasar RAT. Recently, we identified […]
The geopolitical and potential cyber influence of Russia in Africa
In this report there is an analysis about the current geopolitical relationship between Russia and Africa. Furthermore, it shows several malicious campaigns presumably attributed to Russia with diplomatic, energetic and defense targets. Geopolitical Russian influence over Africa: Africa has been an historical geostrategic target for most relevant countries with a significant power in the order […]