CYBER ESPIONAGE (APT)
If you can read French, I have written a book about cyberespionage, available on Amazon or in French libraries.
Thanks to my editor, Editions Eyrolles.
They wrote about it:
Cyber-Securite.fr
Cybertactique
Stéphane Bortzmeyer
M82 Project
This page lists all the public cyberespionage (APT) publications I’ve worked on over time.
2022
Delving Deep: An Analysis of Earth Lusca’s Operations
Summary – Full paper
(in collaboration with Joseph C Chen, Kenney Lu, Gloria Chen, Jaromir Horejsi, Daniel Lunghi)
2021
Void Balaur and the Rise of the Cybermercenary Industry
Summary – Full paper
(in collaboration with Feike Hacquebord)
Journalists about it: Forbes – Le Monde – Le Figaro – 20 Minutes – The Hacker News – Threat Post – TechTarget – CSO Online – BleepingComputer – The Record – DarkReading – India Times
2020
Operation DRBControl – Uncovering a Cyberespionage Campaign Targeting Gambling Companies in Southeast Asia
Summary – Full paper
(in collaboration with Daniel Lunghi, Kenney Lu, and Jamz Yaneza)
Journalists about it: BleepingComputer – CyberSecurityHelp
2019
Summary – Full paper
(in collaboration with Feike Hacquebord)
Journalists about it: Financial Post – CyberSecurity Europe – Intelligent CISO
—
Obfuscated APT33 C&Cs Used for Narrow Targeting
Full research
(in collaboration with Feike Hacquebord & Kenney Lu)
Journalists about it: ZDNet – Threat Post – DarkReading – SecurityWeek – TechRadar – Binary Defense – CyberScoop – Infosecurity Magazine – CybersecurityHelp – GBHackers
—
New SLUB Backdoor Uses GitHub, Communicates via Slack
Full research
(in collaboration with Elliot Cao, Jaromir Horejsi, Joseph C Chen, William Gamazo Sanchez)
Journalists about it: ZDNet – SecurityWeek – BleepingComputer – Security Intelligence – The Register – Le Monde Informatique – HackRead – TechCentral
2017
Untangling the Patchwork Cyberespionage Group
Summary – Full paper
(in collaboration with Daniel Lunghi, Jaromir Horejsi)
Journalists about it: SecurityWeek
—
Winnti Abuses GitHub for C&C Communications
Full research
(in collaboration with CSS Team)
Journalists about it: InfoWorld
2015
Operation Iron Tiger: Exploring Chinese Cyber-Espionage Attacks on United States Defense Contractors
Full paper
(in collaboration with Ziv Chang, Kenney Lu, Aaron Luo, Jay Yaneza)
Journalists about it: Forbes – SecurityWeek – TripWire – Infosecurity Magazine
—
The Spy Kittens Are Back: Rocket Kitten 2
Full paper
(in collaboration with Eyal Sela, ClearSky)
Journalists about it: SecurityWeek – SCMagazine – The Register – DarkReading – Softpedia – CyberSecurityIntelligence
—
Operation Woolen Goldfish – When Kittens Go Phishing
Summary – Full paper
(in collaboration with Kenney Lu)
Journalists about it: SecurityWeek – CyberDefenseMagazine – SpamFighter – HelpNetSecurity
2014
Operation Pitty Tiger – “The Eye of the Tiger”
Full paper
(in collaboration with Fabien Perigaud, Ronan Mouchoux, David Bizeul)
Journalists about it: HelpNetSecurity – SecurityWeek – InCyber – Zataz