In Evidence
Restricted Area
“Restricted Area” is born: a new exclusive channel in Italian and English on the latest cyber security researcher JAMESWT hunting, documented with pictures. For the moment it’s open, but soon it will only be visible by subscription.
Defence
7 December 2022
Baghdad sends reinforcements and equipment to counter growing violations of its national sovereignty. Kurdistan, on the other hand, receives international aid for security.
6 December 2022
According to a new law, only 1 foreign vessel will be able to pass at a time and notify it 3 months in advance. Also, submarines will have to navigate on the surface.
5 December 2022
The most accredited hypothesis is that it is due to logistical needs (supplying the front line with ammunition). This suggests that Ankara lacks advanced Combat Service Support.
2 December 2022
Overview of the situation in waters around the world in the last month, by the Italian company thanks to its M.A.R.E. intelligence platform.
1 December 2022
It will be the first in Africa and will operate from Johannesburg. The initiative confirms Moscow's interest in extending its influence on the continent.
30 November 2022
The letter, addressed to the ambassador, exploded when an employee of the diplomatic office opened it, wounding him slightly. It is unclear whether the attack is related to the war with Russia.
30 November 2022
Pro-ISIS jihadists want to raise their heads by taking advantage of the Turkish Claw-Sword operation in northern Kurdistan, but SDF and Inherent Resolve had foreseen this.
29 November 2022
Moscow doesn’t want to get involved Ankara-Kurds conflict. Meanwhile, the TAF intensifies raids against the SDF command and control centers and sources of supply.
Cyber
7 December 2022
The link in the email points to a fake Word page where the user is pre-set and only the password needs to be entered. Warning, it's a scam!
6 December 2022
Check Point cybersecurity experts: The leaked database is a re-use of an older 2019 Facebook leak, but it’s still dangerous for vishing and smishing.
5 December 2022
Volexity cybersecurity experts: The North Korea’s APT uses a fake trading website, that mimic a legit one, and DLL Side-loading to distribute the malware.
2 December 2022
It asks to open a link to revise an agreement. It lands to a website that simulates the victim’s organization homepage, in which the user has only to digit the password.
1 December 2022
An email asks to open a link to read them. It lands to a website that simulates the victim’s organization homepage, in which the user has only to digit the password.
30 November 2022
The doc attachment contacts a link, exploiting the Equation Editor vulnerability, and downloads an exe: the malware. Data is then exfiltered via SMTP to an email address.
29 November 2022
The doc attachment contacts a link, also used for Lokibot, and downloads the malware. The stolen data is exfiltrated to an email via SMTP.
28 November 2022
The message template is identical to the previous one, except for the dates and the name of the attachment: 25_153325_221122_113030.7z. Inside is an exe, the malware, which exfiltrates stolen data via SMTP.