RUAG Breach – A lesson in cyber espionage tradecraft tools & techniques

Following a successful data breach of Swiss defense contractor RUAG – specialising in aerospace technology – the Swiss Governmental Computer Emergency Response Team (GovCERT) took the unusual step of publishing a comprehensive data breach report.

The reasons given for publishing the report:

…to give organizations the chance to check their networks for similar infections, and to show the modus operandi of the attacker group.

You can download the summary technical report here (PDF) – 2 pages

And the full espionage report here (PDF) – 34 Pages

If the full report is a little TL;DR for your time or taste – or even

Anatomy of a Spear Phishing attack

Competent IT network admins have upped their security game. They’re constantly on the lookout for news on vulnerabilities, implementing necessary vendor patches and updates with gusto, and even scanning their own systems for open doorways and weaknesses. This is all good and necessary stuff. The upshot is that perimeter defences are strong, there’s a diminishing attack surface and criminals are finding it increasingly difficult to locate low-hanging fruit.

THE FLIP SIDE

As with the famous Maginot Line, criminals are going around the wall and targeting the ‘meatware’ or ‘human OS’. Every single day, grim news headlines confirm the above assertion. Given