This blog is the latest in our series taking a deeper dive into advanced persistent threat (APT) groups. Throughout this series, we aim to demystify APT groups around the world, including their motives, dynamics, and some of their tactics, techniques, and procedures (TTPs). The “A” stands for advanced technical sophistication, the “P” for persistent access […]
In this months episode of the what we’re reading series, we deep dive into an investigation into Russia’s military intelligence service (GRU), the recent Ethereum merge, and tracking the Russia -Ukraine war in Liveuamap. Check out the key takeaways from the team below. Riam: Bellingcat GRU investigation Late last month, Bellingcat released findings from an […]
Since the beginning of the Russia-Ukraine war, hacktivism has experienced a substantial resurgence, with many hacktivist groups being created in support of either Ukraine or Russia. We have observed an explosion in the number of distributed denial-of-service (DDoS), defacement, and data-leakage attacks over the past few months, targeting governments, critical sectors, and organizations in key […]
Since Russia’s invasion of Ukraine in February, the Digital Shadows (now ReliaQuest) Photon team has been following multiple aspects of the tragic conflict and its impact on the cybersphere. We’ve explored threat actors’ initial responses to the war, shared advice on how to plan a cyber response to the events, and investigated the revival of […]
One month ago, the Russian government began the invasion of Ukraine, triggering one of the most severe security crises in Europe since the collapse of the Soviet Union in 1992. The Photon Intelligence Team has been constantly analyzing the development of this war, providing assessment about the involvement of hacktivism in this conflict, practical advice […]
In an interview on 28 Feb 2022, former Presidential candidate Hillary Clinton criticized several cryptocurrency exchanges that had decided against blanket bans for Russian users from their platforms. The decision against the bans on Russian users coincided with significant sanctions being applied against Russia following their invasion into Ukraine. Senator Clinton reiterated a common sentiment […]
At the end of last week, Digital Shadow’s CISO, Rick Holland, released his blog Russian Cyber Threats: Practical Advice For Security Leaders. In that blog, Rick emphasized the importance of developing intelligence requirements to help understand the Russian threat to your organization. As the war between Russia and Ukraine continues, we in the Photon Intelligence […]
As the world reacted to Russia’s invasion of Ukraine on 24 Feb 2022, cybercriminals were also formulating their own opinions and strategic responses to best support their operations. These cybercriminals range from well-known cybercriminal groups such as the operators behind the “Conti” ransomware and “coomingproject” data leak sites to assorted cyber criminals who lurk on […]
As I spent Wednesday night doom scrolling into the early hours of the morning, I felt pretty powerless as I watched the tragic Ukraine crisis unfold. On Thursday, I decided to put this blog together to help security leaders and practitioners prepare for potential Russian cyber threats that could impact their organizations. This thought process […]
Arguably the biggest cybersecurity event of the year so far was the Russian Federal Security Service (FSB) arresting suspected members of the REvil (aka Sodinokibi) ransomware group on 14 Jan 2022. News of this operation, which reportedly occurred at the request of US authorities, rocked the cybersecurity community and has led to endless debates about […]