
Amitai Ben Shushan Ehrlich

Amitai is a Threat Intelligence Researcher at SentinelOne who specializes in threat intelligence, incident response and threat hunting. Before joining SentinelOne, he spent two years responding to targeted and financially motivated incidents, focusing on attribution and characterization of threat actors. Previously, he spent over 5 years at the IDF as a threat researcher and a threat research team lead.
Crimeware

PyPI Phishing Campaign | JuiceLedger Threat Actor Pivots From Fake Apps to Supply Chain Attacks

Amitai Ben Shushan Ehrlich / September 1, 2022

A new threat actor is spreading infostealer malware through targeted attacks on developers and fraudulent cryptotrading applications.


Threat Actor UAC-0056 Targeting Ukraine with Fake Translation Software

From the Front Lines | 3 minute read
Adversary

Log4j2 In The Wild | Iranian-Aligned Threat Actor “TunnelVision” Actively Exploiting VMware Horizon

Amitai Ben Shushan Ehrlich / February 17, 2022

Threat actor exploits Log4j2 vulnerabilities to drop PowerShell backdoors, harvest credentials, and communicate via legitimate services.

Advanced Persistent Threat

Wading Through Muddy Waters | Recent Activity of an Iranian State-Sponsored Threat Actor

Amitai Ben Shushan Ehrlich / January 12, 2022

MuddyWater APT's updated toolkit: an evolution of PowGoop malware, abuse of tunneling tools, and targeting of Exchange servers. MuddyWater's activities are attributed to the Iranian Ministry of Intelligence by U.S. Cyber Command.

Adversary

New Version Of Apostle Ransomware Reemerges In Targeted Attack On Higher Education

Amitai Ben Shushan Ehrlich / September 30, 2021

Agrius has continued to evolve its toolkit from wiper to ransomware operations, including a recent attack on a higher education facility.

Adversary

From Wiper to Ransomware | The Evolution of Agrius

Amitai Ben Shushan Ehrlich / May 25, 2021

New threat actor Agrius engages in espionage and destructive attacks, masquerades as ransomware with custom backdoor, wiper and malware.


SentinelLabs

In the era of interconnectivity, when markets, geographies, and jurisdictions merge in the melting pot of the digital domain, the perils of the threat ecosystem become unparalleled. Crimeware families achieve an unparalleled level of technical sophistication, APT groups are competing in fully-fledged cyber warfare, while once decentralized and scattered threat actors are forming adamant alliances, operating as elite corporate espionage teams.
