(Cyber) GRU (VI): and now what?
The information that has come to light during 2018, both the official information of governments of the United Kingdom, the United States, the Netherlands and Canada, as well as the unofficial...
(Cyber) GRU (VII): Structure. Unit 26165
Unit 26165 (85th Special Service Center) is located at number 20 of Komsomolskiy Prospekt. Also, at this same address is the Military Unit 06410 (152nd Training Center) with Koval NIKOLAY NESTEROVICH...
(Cyber) GRU (VIII): Structure. Unit 74455
Apparently, Unit 74455 is linked to operations of disinformation, influence, propaganda … which would reconfirm the broad concept of information warfare of the Russian military doctrine. We have...
Exchange forensics: The mysterious case of ghost mail (II)
(Note: This is a fiction story, the characters and situations are not real, the only real thing is the technical part, which is based on a mixture of work done, experiences of other colleagues and...
Exchange forensics: The mysterious case of ghost mail (III)
Articles in the series “Exchange forensics: The mysterious case of ghost mail”: [1] [2] [3] [Note: This is a fiction story, the characters and situations are not real, the only real thing is the...
Exchange forensics: The mysterious case of ghost mail (IV)
Articles in the series “Exchange forensics: The mysterious case of ghost mail”: [1] [2] [3] [4] [Note: This is a fiction story, the characters and situations are not real, the only real thing is the...
ORANGEWORM GROUP – KWAMPIRS ANALYSIS UPDATE
The OrangeWorm group was named and described by the Symantec Company in different blog entries [1] [2]. We would highlight from these entries that it is a group that has been operational since 2015 and...
IoT in the Industry 4.0 – Our data – collaboration or use?
On 7 February, a meeting was held in Madrid at the Vodafone Observatory of the Company, where experts in the cloud, artificial intelligence, robotics and digital transformation gave a vision on how to...
Military Financing Maldoc: analysis
Recently at Lab52 from S2 Grupo, we have detected an infection campaign through a malicious document that has called our attention due to its content and title. The document in question, named...
CISSP certificate – I
A few years ago (2011), our colleague José Luis Villalón told us about the (ISC)2 CISSP certification. As things have changed somewhat since then, and taking advantage of the fact that I recently...
Ukraine election 2019 polls Maldoc: analysis
From Lab52 at S2 Grupo, we have recently detected a malicious document titled “Ukraine_election_2019_polls.doc”. The document was uploaded to VirusTotal on March 12th, 2019 from Germany. The title and...
CISSP certificate – II. Personal experience
In yesterday’s post we saw some general aspects of CISSP certification, which can be expanded consulting the official website of (ISC)2. In this post I will go into detail on the non-formal aspects,...
(Cyber) GRU (IX): structure. Other units
In addition to the two previous units, which have gained prominence from the information brought to light in 2018, the GRU has other Military Units linked to signal intelligence, cybersecurity or...
(Cyber) GRU (X): objectives
Apart from some more specific objectives, such as Westinghouse Electric Company’s – with business in nuclear technology – or domestic routers that can be compromised to orchestrate a distributed attack...
(Cyber) GRU (XI): TTP
The information that has come to light in recent months, especially Mueller’s accusation, has identified different tactics and techniques of the GRU, some of them previously known – and in many cases...
(Cyber) GRU (XII): OPSEC
The GRU members expelled from the Netherlands used basic OPSEC measures, such as throwing out their own rubbish while staying in a hotel; nevertheless, their arrest revealed the lack of other equally...
(Cyber) GRU (XIII): questions and conspiracies
Everything that happened in 2018 in relation to the GRU, both the public accusations of different governments and the private investigations in relation to their activities, makes us ask ourselves...
(Cyber) GRU (XIV): conclusions
In this work, we have analyzed mainly the structure, targets and TTP of the GRU in the cyber field, based on the information brought to light during 2018 and which allowed us to obtain a detailed...
The 5 keys of an Operator’s Security Plan for a health service
(This post has been prepared by Juan Carlos Muria & Samuel Segarra.) Regarding the protection of critical infrastructures and essential services, as reflected in the European NIS Directive, in...
My5tery solved
Typical autumn day, through the window you can only see a gray sky. It is the typical day in which you believe that nothing strange is going to happen. Suddenly, our surveillance system alerts...