Research Saturday 1.22.22
Ep 216 | 1.22.22

A collaboration stumbles upon threat actor Lyceum.

Show Notes

Guest Rob Boyce, Accenture's Global Lead for Cyber Incident Response and Transformation Services, joins Dave to discuss joint research done by Accenture’s Cyber Threat Intelligence (ACTI) group and Prevailion’s Adversarial Counterintelligence Team (PACT). The teams dug into recently publicized campaigns of the cyber espionage threat group Lyceum (aka HEXANE, Spirlin) to further analyze the operational infrastructure and victimology of this actor. The team’s findings corroborate and reinforce previous ClearSky and Kaspersky research indicating a primary focus on computer network intrusion events aimed at telecommunications providers in the Middle East. Additionally, the research expands on this victim set by identifying additional targets within internet service providers (ISPs) and government agencies. Although all victim-identifying information has been redacted, this report seeks to provide these targeted industry and geographic verticals with additional knowledge of the threat and mitigation opportunities.

The research can be found here: