I use the label “APT29,” also known as Cozy Bear, The Dukes, NOBELIUM, and—under Microsoft’s taxonomy—Midnight Blizzard. Public reporting predominantly attributes this actor to Russia’s Foreign Intelligence Service (SVR), and the multiple aliases reflect vendor naming schemes. Objectives and targeting I observe a primary espionage focus on governments, diplomatic missions, think tanks, IT/Cloud providers, and…
I had long wanted to examine the intelligence employed during the Second World War. Drawing on the training I received at the École de Guerre Économique (EGE), I present here a neutral, factual synthesis, accompanied by full references as well as the original document that served as my source. This article synthesizes the report Secret…
I am sharing an analysis of two groups making headlines in the cybersecurity landscape, along with the sp1d3rhunters malware.All information comes from open sources, so you can verify every detail presented in this article. I wish you an excellent read. 1. General overview and history: ShinyHunters is a financially motivated hacking group that emerged in…
I adapted this article from my LinkedIn newsfeed to highlight not only a new cyber threat but also a brilliant cybersecurity researcher: Ms. Tammy HARPER. She published a detailed article on July 10, 2025, exposing a new exploitation framework named MIKRONET that has been put up for sale on Russian-speaking forums. Sold for $2,800 per…
I am revisiting the advisory published on July 22, 2025, in which several U.S. and North American government agencies issued a joint cybersecurity advisory regarding the Interlock ransomware, specifically targeting businesses and critical infrastructure across North America and Europe. This advisory stems from recent investigations conducted by the Federal Bureau of Investigation (FBI), the Cybersecurity…
A Flagship Forum of Russophone Cybercrime Here is a factual and neutral synthesis based on OSINT sources. The XSS forum (accessible via the domain xss.is) has emerged as one of the world’s leading cybercrime hubs, particularly within the Russian-speaking community. Originally launched in 2004 under the name DaMaGeLaB, this hacker forum has been active for…
