Background

Russian GRU military intelligence Unit 29155 (aka Cadet Blizzard, Ember Bear, FrozenVista, UNC2589) is a covert subunit of the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU), primarily tasked with conducting high-stakes and clandestine operations abroad. Established under the GRU, Unit 29155 gained public attention due to its involvement in activities that align with Russia's asymmetric warfare objectives, particularly in Europe, Ukraine, and NATO-affiliated regions. Unit 29155 operates in several domains, from traditional espionage and sabotage to cyber operations.

Figure 1: WANTED: GRU Unit 29155 [1]

Unit 29155 has significantly intensified operations since 2020, pivoting from covert actions in Europe toward a greater emphasis on cyber operations with a focus on undermining Ukraine and NATO allies through espionage, data manipulation, and sabotage.

Primary TTPs

Espionage and Data Theft

Unit 29155 conducts extensive espionage ca...

"Kyiv took the step on Jan. 1st to cut off revenue helping to fund Russia's war on Ukraine, having given time for alternative suppliers to be found, and supplies have been maintained in the EU" - Reuters

Very interesting development today. Seems like this would have some profound implications for the geopolitical landscape, affecting alliances, economic policies, security strategies, etc.

Slovakia is considering retaliation against Ukraine, according to Reuters on Thursday, Jan. 9th, citing Slovakian Prime Minister Robert Fico: "... threatened to cut emergency electricity supplies to Ukraine as Russia attacks its power grid, or reduce aid for Ukrainian refugees".

The move aims to reduce or remove Russia's leverage on Western European countries through the use of energy as a geopolitical tool, which affects Europe's energy security. European countries will face increased pressure to further diversify their energy sources to reduce their vulnerability to an...

ESET's APT Activity Report Q4 2023-Q1 2024 summarizes observations of various advanced persistent threat (APT) groups documented by ESET researchers between October 2023 and March 2024. Their observations highlight the broader threat landscape investigated during this period and detail the trends, developments and tooling used by these threat actors. The public report states that it contains a fraction of what private ESET customers receive.

China

Chinese-aligned cyber espionage groups have traditionally targeted public-facing applications to obtain initial access to a target network. In many campaigns investigated by ESET and others, the groups leveraged one-day vulnerabilities against a range of appliances and software including VPNs, firewalls, Confluence, Exchange, and others. See ESET's report linked below for their detailed analysis of Chinese threat activity.

Middle East

According to ESET's research, a potentially Iranian-aligned threat group BladedFeline continued...