sentinelone
labs
The Life and Times of SysInternals | How One Developer Changed the Face of Malware Analysis
Mark Russinovich, founder of SysInternals, explores the history and development of one of the security industry's most essential toolkits.
Read More
labs
The Mystery of Metador | An Unattributed Threat Hiding in Telcos, ISPs, and Universities
An elusive adversary is attacking high-value targets with impunity using novel malware frameworks and custom-built backdoors.
Read More
labs
CrateDepression | Rust Supply-Chain Attack Infects Cloud CI Pipelines with Go Malware
Software developers using GitLab CI are being targeted with malware through a typosquatting attack, putting downstream users at risk.
Read More
labs
AcidRain | A Modem Wiper Rains Down on Europe
As the most impactful cyber attack of the Ukrainian invasion gets downplayed, SentinelLabs uncovers a more plausible explanation.
Read More
labs
HermeticWiper | New Destructive Malware Used In Cyber Attacks on Ukraine
A new malware is attacking Ukrainian organizations and erasing Windows devices. In this early analysis, we provide technical details, IOCS and hunting rules.
Read More
labs
Hacktivism and State-Sponsored Knock-Offs | Attributing Deceptive Hack-and-Leak Operations
Are there still real hacktivists out there or are they all a cover for state-sponsored operations?
Read More
labs
AlphaGolang | A Step-by-Step Go Malware Reversing Methodology for IDA Pro
SentinelLabs sets off to dispel the myth that Go malware is hard to reverse engineer. This suite of IDApython scripts will set you well on your way
Read More
labs
EGoManiac | An Unscrupulous Turkish-Nexus Threat Actor
EGoManiac is a threat actor willing to spy on friend and foe and entrap journalists without compunction. Read our groundbreaking research.
Read More
labs
MeteorExpress | Mysterious Wiper Paralyzes Iranian Trains with Epic Troll
In the midst of an epic troll on a country-wide railway system, we discovered a new threat actor and their reusable wiper called Meteor.
Read More