Threat Inteliigence / OSINT / NETSEC / NATSEC

A brief look at cyber operations in the context of hostilities

Recent related events clearly show the intentions of the Kremlin, which decided to invade Ukraine, potentially threatening the entire territory of the state. In the context of military operations, there is often talk of the role of cyber operations as supporting or even replacing kinetic operations. Especially the latter use awakens the imagination - the media and commentators point out [...]

In the wilderness of mirrors - attribution in the context of threat intelligence

One of the most polarizing and imaginative issues in the practice of analyzing hostile activity is attribution, i.e. an attempt to define specific entities, organizations or persons responsible for the operation. The interest in "who did it" should come as no surprise - the process of analyzing cyber activity often takes the exact opposite of investigating "ordinary" crimes. […]