A sophisticated attacker, potentially the “Secret Blizzard” group, has gained access to the network and is actively attempting to establish persistence, evade detection, escalate privileges, and collect sensitive data. They are likely using custom malware with advanced anti-analysis capabilities and are targeting specific systems and data.
Snowblind – The Invisible Hand of Secret Blizzard
Secret Blizzard compromised command-and-control (C2) infrastructure belonging to Storm-0156, a Pakistan-based threat actor, and used it to reach Storm-0156's targets' networks and data. Piggybacking on Storm-0156's existing access, they deployed their own malware, "TwoDash" and "Statuezy," into Afghan government networks. They also potentially acquired Storm-0156's tooling, its C2 and target-network credentials, and data that Storm-0156 had exfiltrated in earlier operations.