
Aleksandar Milenkoski

Aleksandar Milenkoski is a Senior Threat Researcher at SentinelLabs. With expertise in malware research and a focus on targeted attacks, he brings a blend of practical and deep insights to the forefront of cyber threat intelligence. Aleksandar has a PhD in system security and is the author of numerous reports on cyberespionage and high-impact cybercriminal operations, conference talks, and peer-reviewed research papers. From 2011 to 2014, he was a European Commission Marie Skłodowska-Curie Research Fellow. His research has won awards from SPEC, the Bavarian Foundation for Science, and the University of Würzburg.
Advanced Persistent Threat

Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels

Aleksandar Milenkoski & Luigi Martire (Tinexta Cyber) / December 10, 2024

Threat actors abused Visual Studio Code and Microsoft Azure infrastructure to target large business-to-business IT service providers in Southern Europe.

Adversary

Doppelgänger | Russia-Aligned Influence Operation Targets Germany 

Aleksandar Milenkoski / February 22, 2024

Doppelgänger, a sophisticated Russia-aligned operation, targets German public opinion with disinformation ahead of elections.

Advanced Persistent Threat

ScarCruft | Attackers Gather Strategic Intelligence and Target Cybersecurity Professionals

Aleksandar Milenkoski & Tom Hegel / January 22, 2024

New ScarCruft activity suggests the adversary is planning to target cybersecurity professionals and businesses.

Adversary

Gaza Cybergang | Unified Front Targeting Hamas Opposition

Aleksandar Milenkoski / December 14, 2023

Cluster of threat groups continues on trajectory to consolidate with shared victims, TTPs and evolving malware.

Advanced Persistent Threat

Sandman APT | China-Based Adversaries Embrace Lua

Aleksandar Milenkoski / December 11, 2023

SentinelLABS, Microsoft, and PwC threat intelligence researchers provide attribution-relevant information on the Sandman APT cluster.

Advanced Persistent Threat

Sandman APT | A Mystery Group Targeting Telcos with a LuaJIT Toolkit

Aleksandar Milenkoski / September 21, 2023

Sophisticated threat actor deploys high-end malware utilizing the LuaJIT platform to backdoor telcos in Europe, Middle East and South Asia.

Adversary

Chinese Entanglement | DLL Hijacking in the Asian Gambling Sector

Aleksandar Milenkoski / August 17, 2023

Threat actors abuse Adobe Creative Cloud, Edge, and other executables vulnerable to DLL hijacking in campaign targeting the Southeast Asian gambling sector.

Advanced Persistent Threat

Kimsuky Strikes Again | New Social Engineering Campaign Aims to Steal Credentials and Gather Strategic Intelligence

Aleksandar Milenkoski / June 6, 2023

Threat actor targets experts in North Korean affairs with spoofed URLs and weaponized Office documents to steal Google and other credentials.

Adversary

Operation Magalenha | Long-Running Campaign Pursues Portuguese Credentials and PII

Aleksandar Milenkoski / May 25, 2023

A Brazilian threat actor is targeting users of over 30 Portuguese financial institutions with custom backdoors.

Adversary

Kimsuky | Ongoing Campaign Using Tailored Reconnaissance Toolkit

Aleksandar Milenkoski / May 23, 2023

North Korean APT group focuses on file reconnaissance and information exfiltration with latest variant of RandomQuery malware.


SentinelLabs

In the era of interconnectivity, when markets, geographies, and jurisdictions merge in the melting pot of the digital domain, the perils of the threat ecosystem become unparalleled. Crimeware families achieve an unparalleled level of technical sophistication, APT groups are competing in fully-fledged cyber warfare, while once decentralized and scattered threat actors are forming adamant alliances and operating as elite corporate espionage teams.
