Tom Hegel

ABOUT

VISIT SENTINELONE.COM

Tom Hegel

Tom Hegel is a Principal Threat Researcher with SentinelOne. He comes from a background of detection and analysis of malicious actors, malware, and global events with an application to the cyber domain. His past research has focused on threats impacting individuals and organizations across the world, primarily targeted attackers.

Winter Vivern Uncovering A Wave Of Global Espionage 6

Advanced Persistent Threat

Winter Vivern | Uncovering a Wave of Global Espionage

Tom Hegel / March 16, 2023

SentinelLABS uncover a previously unknown set of espionage campaigns conducted by Winter Vivern advanced persistent threat (APT) group.

8220 Gang Cloud Threat: How to Investigate and Track?

From the Front Lines | 7 minute read

Cloud Credentials Phishing | Malicious Google Ads Target AWS Logins

From the Front Lines | 6 minute read

SEO Poisoning: Risks, Solutions & Indicators of Compromise

From the Front Lines | 6 minute read

NoName05716 The Pro Russian Hacktivist Group Targeting NATO 2

NoName057(16) – The Pro-Russian Hacktivist Group Targeting NATO

Tom Hegel / January 12, 2023

In the name of Russia's war in Ukraine, NoName057(16) abuses GitHub and Telegram in an ongoing campaign to disrupt NATO's critical infrastructure.

8220 Gang Cloud Botnet Targets Misconfigured Cloud Workloads

From the Front Lines | 6 minute read

The Sprawling Infrastructure Of A Careless Mercenary 3

Void Balaur | The Sprawling Infrastructure of a Careless Mercenary

Tom Hegel / September 22, 2022

The Void Balaur cyber mercenary group has thrived throughout 2022, attacking targets on a global scale with new phishing campaigns.

From the Front Lines | 8220 Gang Massively Expands Cloud Botnet to 30,000 Infected Hosts

From the Front Lines | 14 minute read

Targets Of Interest Russian Organizations Increasingly Under Attack By Chinese APTs 7

Targets of Interest | Russian Organizations Increasingly Under Attack By Chinese APTs

Tom Hegel / July 7, 2022

Chinese-linked phishing campaign seeks to compromise Russian targets with custom malware designed for espionage.

Threat Landscape | The Most Dangerous Cloud Attack Methods In The Wild Today

Cloud, For CISO/CIO | 6 minute read

1 2 3

Next

SentinelLabs

In the era of interconnectivity, when markets, geographies, and jurisdictions merge in the melting pot of the digital domain, the perils of the threat ecosystem become unparalleled. Crimeware families achieve an unparalleled level of technical sophistication, APT groups are competing in fully-fledged cyber warfare, while once decentralized and scattered threat actors are forming adamant alliances of operating as elite corporate espionage teams.

Recent Posts

FreeDrain Unmasked | Uncovering an Industrial-Scale Crypto Theft Network
May 8, 2025
Top Tier Target | What It Takes to Defend a Cybersecurity Company from Today’s Adversaries
April 28, 2025
AkiraBot | AI-Powered Bot Bypasses CAPTCHAs, Spams Websites At Scale
April 9, 2025

Sign Up

Get notified when we post new content.

Thanks! Keep an eye out for new content!

Twitter
LinkedIn

©2025 SentinelOne, All Rights Reserved.