Background In 2015 and 2016, the Democratic National Committee (DNC) was hacked by not one, but two Russian intelligence services, the Russian Main Intelligence Directorate (GRU) and the Russian Foreign Intelligence Service (SVR). The two advanced persistent threat (APT) groups attributed to these organizations coexisted inside the DNC’s networks for months and provided valuable political intelligence to […]
Category Archives: Uncategorized
Background Destructive cyberattacks and digital espionage campaigns targeting international space programs are a growing and concerning trend. Some of the most significant cyberattacks over the last five years have been turning points in the state of cybersecurity of international space programs and organizations with satellite infrastructure in space. Space exploration and the significance of having satellite […]
A Brief Analysis of Artifacts Left by a Mimikatz Campaign This short blog examines the remnants left behind by a Mimikatz operator’s campaign, analyzing the key artifacts and their implications. Background While doing some internet dumpster-diving (as I like to call it) I came across an open directory belonging to a threat actor’s Mimikatz […]
Background Active since at least August 2021, a new English-speaking threat actor calling themselves “1977” has developed and advertised a new eCrime market on multiple underground forums called Darth Maul Shop. This blog aims to highlight some of the key aspects of a new emerging eCrime market, analyze its reception by other threat actors, and discuss […]
A Brief Overview of the Spread of an Advanced Commercial Penetration Testing Tool Among Cybercriminals This short blog aims to document the spread of a sophisticated commercial penetration testing tool within cybercriminal communities across multiple Russian- and English-speaking underground forums. What? Available since December 2020, Brute Ratel C4 (aka BRC4) is one of the hottest […]