All posts by webmaster@telsy.com

Make the Internet a Secure++ Word – The Internet Service Provider Role

“The current world of telematic communications appears as a fast-changing environment. The actors of this ecosystem are represented by billions of nodes that, every day, globally transmit a huge amount of data and information. With a factor directly proportional to the increase in these nodes and to the quantity and type of information in transit within it, the number and type of information that the community has learned to classify as “cyber threat” have also grown exponentially, by species and by potential risk factor.” This paper, written by security researcher Emanuele De Lucia, head of Cyber Security & Threat Intelligence Division of Telsy, highlights the state-of-the-art of current cyber threats and […]

The Lazarus’ gaze to the world: What is behind the first stone?

// Introduction Lazarus (aka APT38 / Hidden Cobra / Stardust Chollima) is one of the more prolific threat actors in the APT panorama. Since 2009, the group has leveraged its capabilities to target and compromise a wide range of targets. Over time, the main victims have been government and defense institutions and organizations operating in the energy and petrochemical sector, in addition to those operating in the financial and banking one. The group also has a wide range of tools at its disposal; among these, it’s possible to catalog [D]DoS botnets, first stage implanters, remote access tools (RATs), keyloggers and wipers. This list of malicious tools has over time […]

The deadly link between zero-day exploit and DDOS botnet attacks

The growing demand for connectivity and faster data transfer, along with new technology trends such as the Internet of Things (IoT) and Artificial Intelligence (AI), combined with the progressive implementation of the 5G network, are going to irreversibly reshape the pre-existing structure of cybersecurity at a global level. It is true that the 5G network will bring new services, new capabilities, new technologies and new regulatory requirements, but it will also bring new security threats and an increased attack surface. With the inception of IoT, many different actors and devices with different security standards will become involved in the transition, requiring superior attack resilience and a faster response time to counter the […]

Our Embedded Engineer Andrea Molino was one of the speakers at the National Cryptography Association “De Componendis Cifris”

On 14 October 2019, a member of our team, Eng. Andrea Molino, gave a speech at the event “La De Cifris incontra Torino”, organized by De Componendis Cifris and held at Politecnico in Turin. The event was focused on successful advancements in cryptography research and applications. The initiative involved several experts from academic institutions and businesses operating in the cryptography sector. The main goal was fostering cooperation between those who work in the Italian crypto domain. The contribution given by Andrea dealt with implementation aspects of cryptography. He underlined: “security architecture and schemes cannot ignore hardware systems in which they are going to be implemented”. Andrea’s attendance to the […]

Hacking the Artificial Intelligence

The enemies of the future will not necessarily need bombs, missiles or atomic weapons to instil terror in civilian populations. They will need only some tape, scissors and good practical skills and they can magically transform a stop sign into a green light in the eyes of a self-driving car, causing crashes and disorder. Using an Artificial Intelligence attack (AI attack) adversaries can manipulate AI systems in order to alter their behaviour to serve a malicious end goal. The real effect of these attacks grows as artificial intelligence and IoT systems are further integrated into critical components of society (e.g. smart grid, transportation, healthcare, military etc.). In fact, the AI […]

Cybersecurity & Cyberattacks, a Hand In Hand Development Through The Years

The birth of the internet and the digital era brought to light the theme of “cybersecurity”, which over the past years has gained more and more importance. Security, indeed, has always been a challenge for IT people and corporate organizations alike since the launch of the first internet network, ARPAnet. During the seventies, the first viruses appeared in this web, which was developed for military purposes and later on became a universal tool. Robert Thomas was the engineer who developed the first malware, called “creeper”. He realized that it was possible to move across networks through a computer program and leave a mark. Taking inspiration from Thomas’ malware, Ray […]

Telsy is working for the planet

Plastic is a term derived from the Latin “plasticus”, an evolution of the Greek term “plastikos”, that was used to describe something capable of being easily modelled. Today “plastics” or “plastic materials” are the terms used to describe an extremely large family of very different materials with different characteristics, properties and uses, which, with the current increase in production and everyday usage, are now heavily contributing to damaging our planet. A quarter of the plastic waste produced is released into nature every year and 600,000 tonnes end up polluting the Mediterranean Sea. It’s the equivalent of roughly 563 plastic bottles being dumped into the Mediterranean Sea every second. The root cause […]

DeadlyKiss: Hit one to rule them all. Telsy discovered a probable still unknown and untreated APT malware aimed at compromising Internet Service Providers

In the first days of September 2019, Telsy Cyber Threat Intelligence Unit received a variant of a strange and initially mysterious malware from a stream of thousands of samples coming from a partner operating in the telecommunications and internet connectivity sector. Although this sharing had not been accompanied by much information about it, it immediately seemed quite clear that the object under analysis was not something very common to be observed. Indeed, a clear picture emerged that led to the observation of an advanced, rare and extremely evasion-oriented malware, which implements effective layered obfuscation techniques and adopts many solutions dedicated to operate “under the radar”. Finding no publicly known evidence […]

Zebrocy relies on dropbox and remote template injection to supply its dishes to an institution of Eastern Europe diplomatic sector.

// Introduction On the 22nd of August 2019, a new spear-phishing email message was collected by Telsy CTI Team. This malicious email was armed with an attached lure document designed to infect and steal data from victim systems after executing a sequence of multi-stage malicious instructions. // Actor Profiling Zebrocy has been considered for years a subgroup of Sofacy (aka APT28, aka Fancy Bear, aka Group 74). However, it appears very different from the latter, mainly due to its lower level of sophistication and its extensive use of many development languages. Zebrocy also has the tendency to acquire and use publicly available code from sharing platforms […]

PRIMITIVE BEAR USES A NATO-THEMED LURE DOCUMENT TO TARGET UKRAINIAN GOVERNMENT AND DEFENSE AGENCIES

Recently we caught a NATO-themed malicious lure document likely associated with a new PRIMITIVE BEAR operation conducted against Ukrainian defense and government agencies. According to its metadata, the document is newly created (exactly on 22/07/2019) and aims to replicate an official press release from the Main Directorate of Intelligence of the Ukrainian Ministry of Defense. The press release concerned a meeting between representatives of the Ukrainian Ministry of Information Policy, the Ukrainian Ministry of Foreign Affairs, the Ukrainian National Institute for Strategic Studies, and NATO’s Strategic Communications division. It’s originally entitled “Представники ГУР МО України провели брифінг для експертів зі стратегічних комунікацій країн – членів НАТО” or, translated […]
