ABOUT
CVE DATABASE
CONTACT
VISIT SENTINELONE.COM
Doppelganger Russia Aligned Influence Operation Targets Germany 2
labs
Adversary

Doppelgänger | Russia-Aligned Influence Operation Targets Germany 
Aleksandar Milenkoski /

Doppelgänger, a sophisticated Russia-aligned operation, targets German public opinion with disinformation ahead of elections.

Read More
A Glimpse Into Future ScarCruft Campaigns Attackers Gather Strategic Intelligence And Target Cybersecurity Professionals 20
labs
Advanced Persistent Threat

ScarCruft | Attackers Gather Strategic Intelligence and Target Cybersecurity Professionals
Aleksandar Milenkoski & Tom Hegel /

New ScarCruft activity suggests the adversary is planning to target cybersecurity professionals and businesses.

Read More
Gaza Cybergang Unified Front Targeting Hamas Opposition 13
labs
Adversary

Gaza Cybergang | Unified Front Targeting Hamas Opposition
Aleksandar Milenkoski /

Cluster of threat groups continues on trajectory to consolidate with shared victims, TTPs and evolving malware.

Read More
Sandman APT China Based Adversaries Embrace Lua 19
labs
Advanced Persistent Threat

Sandman APT | China-Based Adversaries Embrace Lua
Aleksandar Milenkoski /

SentinelLabs, Microsoft, and PwC threat intelligence researchers provide attribution-relevant information on the Sandman APT cluster.

Read More
Sandman APT A Mystery Group Targeting Telcos With A LuaJIT Toolkit 4
labs
Advanced Persistent Threat

Sandman APT | A Mystery Group Targeting Telcos with a LuaJIT Toolkit
Aleksandar Milenkoski /

Sophisticated threat actor deploys high-end malware utilizing the LuaJIT platform to backdoor telcos in Europe, Middle East and South Asia.

Read More
Chinese Entanglement DLL Hijacking In The Asian Gambling Sector By Aleksandar Milenkoski And Tom Hegel 5
labs
Adversary

Chinese Entanglement | DLL Hijacking in the Asian Gambling Sector
Aleksandar Milenkoski /

Threat actors abuse Adobe Creative Cloud, Edge, and other executables vulnerable to DLL hijacking in campaign targeting the Southeast Asian gambling sector.

Read More
Kimsuky Strikes Again New Social Engineering Campaign Aims To Steal Credentials And Gather Strategic Intelligence 5
labs
Advanced Persistent Threat

Kimsuky Strikes Again | New Social Engineering Campaign Aims to Steal Credentials and Gather Strategic Intelligence
Aleksandar Milenkoski /

Threat actor targets experts in North Korean affairs with spoofed URLs and weaponized Office documents to steal Google and other credentials.

Read More
Operation Magalenha Long Running Campaign Pursues Portuguese Credentials And PII 3
labs
Adversary

Operation Magalenha | Long-Running Campaign Pursues Portuguese Credentials and PII
Aleksandar Milenkoski /

A Brazilian threat actor is targeting users of over 30 Portuguese financial institutions with custom backdoors.

Read More
Kimsuky Ongoing Campaign Using Tailored Reconnaissance Toolkit 1
labs
Adversary

Kimsuky | Ongoing Campaign Using Tailored Reconnaissance Toolkit
Aleksandar Milenkoski /

North Korean APT group focuses on file reconnaissance and information exfiltration with latest variant of RandomQuery malware.

Read More
Transparent Tribe 6
labs
Advanced Persistent Threat

Transparent Tribe (APT36) | Pakistan-Aligned Threat Actor Expands Interest in Indian Education Sector
Aleksandar Milenkoski /

SentinelLabs has been tracking a cluster of malicious documents that stage the Crimson RAT malware distributed by APT36 (Transparent Tribe).

Read More
1 2 3