The Life and Times of SysInternals | How One Developer Changed the Face of Malware Analysis
Mark Russinovich, founder of SysInternals, explores the history and development of one of the security industry's most essential toolkits.
The Mystery of Metador | An Unattributed Threat Hiding in Telcos, ISPs, and Universities
An elusive adversary is attacking high-value targets with impunity using novel malware frameworks and custom-built backdoors.
CrateDepression | Rust Supply-Chain Attack Infects Cloud CI Pipelines with Go Malware
Software developers using GitLab CI are being targeted with malware through a typosquatting attack, putting downstream users at risk.
AcidRain | A Modem Wiper Rains Down on Europe
As the most impactful cyber attack of the Ukrainian invasion gets downplayed, SentinelLabs uncovers a more plausible explanation.
HermeticWiper | New Destructive Malware Used In Cyber Attacks on Ukraine
A new malware is attacking Ukrainian organizations and erasing Windows devices. In this early analysis, we provide technical details, IOCs and hunting rules.
Hacktivism and State-Sponsored Knock-Offs | Attributing Deceptive Hack-and-Leak Operations
Are there still real hacktivists out there or are they all a cover for state-sponsored operations?
AlphaGolang | A Step-by-Step Go Malware Reversing Methodology for IDA Pro
SentinelLabs sets off to dispel the myth that Go malware is hard to reverse engineer. This suite of IDAPython scripts will set you well on your way.
EGoManiac | An Unscrupulous Turkish-Nexus Threat Actor
EGoManiac is a threat actor willing to spy on friend and foe and entrap journalists without compunction. Read our groundbreaking research.
MeteorExpress | Mysterious Wiper Paralyzes Iranian Trains with Epic Troll
In the midst of an epic troll on a country-wide railway system, we discovered a new threat actor and their reusable wiper called Meteor.