tr1adx Intelligence Bulletin (TIB) 00003: Bear Spotting Vol. 1: Russian Nation State Targeting of Government and Military Interests
[Published: January 9, 2017] [Last Updated: January 15, 2017]
The tr1adx team performs ongoing research into Threat Actors, irrespective of their motivation, provenance, or targets. tr1adx Intelligence Bulletin #00003 shares intel on Russian Nation State Cyber Activity targeting Government and Military interests around the world. Please note this is an active bulletin, meaning we will occasionally add intel and information to this bulletin as we uncover new campaigns, targets or actors which meet the criteria.
tr1adx's research was able to identify targets in various countries and/or regions, including:
TTPs associated with Russian Nation State Threat Actors (Civil and Military Intelligence/GRU/APT28/APT29) allow us to track these Threat Actors' activities with a high/moderate degree of confidence, and follow their trail of breadcrumbs through past, present, and future campaigns. While, for operational security reasons, we cannot go into detail on our techniques, practices, and sources for intelligence collection and analysis, we can say that the majority of the information published in this bulletin is based on in-depth research leveraging available Open Source Intelligence (OSINT) sources. In a few cases, intel data has been enriched by, derived from, and collected through other non-OSINT means.
Indicators of Compromise
Added on 2017-01-15:
Added on 2017-01-09:
Indicators of Compromise (IOCs) [Downloadable Files]:
If a log search for any of these Indicators of Compromise returns positive hits, we recommend you initiate appropriate cyber investigative processes immediately and engage Law Enforcement where appropriate.