Tag: APT

APT Spotlight Series: Sandworm

This blog is the latest in our series taking a deeper dive into advanced persistent threat (APT) groups. Throughout this series, we aim to demystify APT groups around the world, including their motives, dynamics, and some of their tactics, techniques, and procedures (TTPs). The “A” stands for advanced technical sophistication, the “P” for persistent access […]

NATO Leaders are Meeting at the Madrid Summit 2022: What is going to happen?

Today, the leaders of the North Atlantic Treaty Organization (NATO) are gathering in Madrid, Spain for their annual Summit, where leaders from the 30 member countries meet to discuss the key issues facing the Alliance. This year’s Summit will be critical for the imminent and long-term future of this military and political defensive alliance, and […]

POLONIUM: Proxy Warfare and Iran’s Cyber Strategy

In June 2022, Microsoft reported that a new advanced persistent threat (APT) group was wreaking havoc on Israeli organizations. The group, dubbed “POLONIUM”, is reportedly based in Lebanon, and has targeted over 20 Israeli organizations in the past 3 months. But APTs targeting Israel isn’t exactly groundbreaking news – everyone from Iran to China to Palestine […]

What we’re reading this month: May 2022

Where is the year going? It only seems like yesterday that we celebrated the turn of the year, with the end of May also coming up fast. With that turn of the month, it is of course time for our team of talented analysts to give an update on what’s caught their attention this month.  […]

Advanced persistent threat group feature: Mustang Panda

Advanced persistent threat (APT) groups are often tricky to wrap your head around. By their nature, state-associated groups are well-resourced and as their terminology suggests, APT groups are persistent. They prioritize stealth and staying undetected for as long as possible. That means it is often difficult to catch them red-handed in the act of stealing […]

Five years after the WannaCry dumpster fire, ransomware remains a global threat

It has been five years since the dumpster fire we all remember as WannaCry. WannaCry is self-propagating ransomware that held hundreds of thousands of devices around the world hostage in 2017. While the WannaCry attack was catastrophic, the worm-like ransomware attack also served as a lesson for cybercriminals and network defenders alike. From a cybercriminal’s […]

What We’re Reading This Month: April 2022

As an intelligence analyst, it’s paramount to stay on top of what’s happening in the world around you. To inform our own research and develop skills, we typically keep on top of the news cycle by reading from multiple news sources, of course, mostly covering the world of cyber threats.  Some of the more interesting […]

Russia’s Second Front: The War on Information

You would think that it would be nearly impossible to industrialize propaganda in the 21st century, especially with the tremendous number of independent news outlets, media resources, and diverse social media content that is accessible to us all. However, the war between Russia and Ukraine is highlighting how information can be weaponized and distorted.  If […]