Leonardo S.p.A. Data Breach Analysis
Published 1 month ago
The ReaQta Threat Intelligence Team identified the malware used in an exfiltration operation against the defence contractor Leonardo S.p.A. The analysis of the malware, which we dubbed Fujinama, highlights its capabilities for data theft and exfiltration while maintaining a reasonably low profile.
ReaQta Launches ReaQta-EON and Hive-Guard
Published 8 months ago
Introducing two new additions to the ReaQta suite of solutions, ReaQta-EON and Hive Guard.
Oil and Gas Supply-chain Phishing Campaign
Published 9 months ago
ReaQta has been tracking an extensive and long-running spear-phishing campaign targeting the supply chain in the Oil & Gas industry, most likely for espionage purposes. The campaign started in 2018 and is still running today, with a new wave that began in the first week of May. It is carefully prepared and executed, with attackers taking […]
MITRE ATT&CK Evaluation Confirms ReaQta-Hive Advanced Detection Capabilities
Published 10 months ago
The attack unfolded over 2 days, during which the attackers gradually moved deeper into the network after obtaining initial access. The vast majority of operations were carried out using PowerShell, as opposed to custom tools and malware, in order to maintain a low detection profile. The goal of the evaluation is to show how the tested solutions respond to the attack and what kind of visibility is provided along the entire kill chain.
Spear-phishing campaign targeting Qatar and Turkey
Published 2 years ago
During our daily threat hunting activities, we came across a tweet reporting an active spear-phishing campaign apparently targeting Turkey. After an initial assessment we decided to investigate further, finding similarities with other campaigns active in the recent past and possibly coming from the same actors.
A dive into MuddyWater APT targeting Middle-East
Published 3 years ago
MuddyWater is a threat actor that caught our attention for its extensive use of “Living off the Land” attacks in a targeted campaign aimed at the Middle East. During our investigation we reconstruct the evolution of the vectors used and how the group operates to target their victims, evade detections and move laterally inside the compromised […]
Analysis of Dino, the French APT
Published 5 years ago
ESET published the analysis of Dino, a recently discovered APT that seems to be tied to Animal Farm, the same group that allegedly developed Casper, Babar (previously analyzed by ReaQta) and Bunny.