Archives for David Bizeul

Walking on APT31 infrastructure footprints

November 10th, 2021 – SEKOIA.IO’s Cyber Threat Intelligence team had an in-depth look at the APT31 intrusion set at the beginning of 2021 when the BfV (Bundesamt für Verfassungsschutz)¹ and McAfee² released some new information. A few months later, the...

An insider insights into Conti operations – Part two

The first blog post focused on Conti’s evolution and the leak’s context and analysis. In this second blog post, we will look into how to make simple detection rules to detect the techniques shown in the Conti manuals. The techniques are simple for most of...

An insider insights into Conti operations – Part one

This is the first of two blog posts, where we focus on the Conti ransomware group whose training material was recently leaked on a cybercrime forum. To provide some context to this analysis, we describe Conti’s evolution and success since its origin. We then...