Search This Blog

Intelligence Corner

My blog to share open-source intelligence, often pertaining to state-sponsored cyber threats and research on national security questions.

Moving to sploited.blog

Get link
Facebook
X
Pinterest
Email
Other Apps

- May 12, 2025

For anyone following my posts, I'm migrating over to sploited.blog where I will continue to post with more frequency.

Get link
Facebook
X
Pinterest
Email
Other Apps

Comments

The (un)Usual Suspects: Tracking America's Next Adversaries (2025-2045)

- April 08, 2025

Framing the Future Disclaimer : This research project uses data derived from open-source materials like public intelligence assessments, government publications, and think tank reports. This report is based solely on my personal insights, hypothetical scenarios, and independent analysis. It does not contain any sensitive or classified information and does not reflect the views of my employer. This report's purpose is to serve as an exercise in research, analysis, and critical thinking. As the global security environment grows increasingly complex, United States (US) national defense strategies need to evolve beyond traditional threat frameworks. While Russia (RU), China (CN), Iran (IR), and North Korea (NK) - the "Big Four" - remain primary national security concerns, they don't represent the full spectrum of emerging kinetic threats the US may face over the next two decades. A range of other state and non-state threat actors are developing the capabilities and intent...

Russian Intelligence Impersonates Multiple Organizations to Target Ukraine Sympathizers in New Phishing Campaign

- March 31, 2025

On March 14, 2024, Silent Push published a report [1] detailing a targeted phishing campaign suspected to be linked to Russian intelligence services , possibly associated with GRU Unit 29155 —a unit previously implicated in influence operations, assassinations, and destabilization campaigns across Europe [2]. The campaign appears to target individuals who are sympathetic to Ukraine or opposed to the Russian government , with the likely objective of collecting intelligence on opposition-aligned Russians , identifying potential defectors , and monitoring foreign sympathizers . Silent Push identified four distinct phishing clusters impersonating: The CIA – Websites masquerading as legitimate CIA communication portals, likely intended to trick users into self-identifying as informants or opposition supporters. Russian Volunteer Corps (RVC) – Fake sites spoofing this anti-Putin militia made up of Russian nationals fighting alongside Ukraine. Legion "Liberty" (Legion Svo...

Russian GRU Unit 29155 recent operations

- November 01, 2024

Background Russian GRU military intelligence Unit 29155 (aka Cadet Blizzard, Ember Bear, FrozenVista, UNC2589) is a covert subunit of the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU), primarily tasked with conducting high-stakes and clandestine operations abroad. Established under the GRU, Unit 29155 gained public attention due to its involvement in activities that align with Russia's asymmetric warfare objectives, particularly in Europe, Ukraine, and NATO-affiliated regions. Unit 29155 operates in several domains, from traditional espionage and sabotage to cyber operations. Figure 1 WANTED: GRU Unit 29155 [1] Unit 29155 has significantly intensified operations since 2020, pivoting from covert actions in Europe toward a greater emphasis on cyber operations with a focus on undermining Ukraine and NATO allies through espionage, data manipulation, and sabotage. Primary TTPs Espionage and Data Theft Unit 29155 conducts extensive espionage ca...