GSC Research

Global Security Challenges :: Research and Consulting
GSC R&C https://gsc-rc.net/
As correctly stated by @pmelson, intelligence analysis is not an inherently technical discipline, but by its very nature, cyber threat intelligence is. To be good at CTI requires both the competence to understand raw technical data in context as well as the analytical rigor to draw sound conclusions from it. The telltale sign of a classically trained intel analyst moving into CTI unprepared is an over-reliance on other reporting and analysis without challenging technical details or supporting prior reports with additional technical artifacts collected independently.

@dober

"while we are warning our customers to prepare themselves and their operations, we are confident that we can weather these cyber attacks. We should prepare, but not panic because our perceptions are also the target [of the adversary]."

https://www.mandiant.com/resources/ukraine-crisis-prepare-not-panic

The Ukraine Cyber Crisis: We Should Prepare, But Not Panic | Mandiant

Destructive malware targeting Ukrainian organizations: technical blog post by #MSTIC: https://www.microsoft.com/security/blog/2022/01/15/destructive-malware-targeting-ukrainian-organizations/

Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a destructive malware operation targeting multiple organizations in Ukraine.

Samples of #WhisperGate (VXUG) aka #attack13 (DG) aka DEV-0586 (MSTIC) - the MBR Overwriter targeting Gov #Ukraine https://samples.vx-underground.org/APTs/2022/2022.01.15/Samples/ (pass "infected")

New official version: not a #vulnerability in OctoberCMS but a supply chain attack. https://cip.gov.ua/ua/news/derzhspeczv-yazku-z-yasuvala-yak-khakeri-zlamali-saiti-derzhustanov-sho-stalosya (currently UA only, sorry). Company not named, but rumored to be Kitsoft Ukraine.
State Service of Special Communications and Information Protection of Ukraine

Website of the State Service of Special Communications and Information Protection of Ukraine

In short, they are proposing to break the internet totally. https://crowdsec.net/log4j-tracker/
The CrowdSec Log4J worldwide threat tracker

Check our full Log4J threat report and find out more about attackers trying to exploit the vulnerability, as reported by the CrowdSec community.

#VXUnderground published a first worm sample that uses #Log4Shell to install a Monero miner.
Self-propagating #Mirai-bot identified by security researcher [email protected]