• ABOUT
  • CVE DATABASE
  • CONTACT
  • VISIT SENTINELONE.COM
Back
  • ABOUT
  • CVE DATABASE
  • CONTACT
  • VISIT SENTINELONE.COM
Advanced Persistent Threat

Aoqin Dragon | Newly-Discovered Chinese-linked APT Has Been Quietly Spying On Organizations For 10 Years

Targeting organizations in SE Asia and Australia, Aoqin Dragon uses pornographic-themed lures and custom backdoors to conduct espionage operations.

Read More
Security & Intelligence

Use of Obfuscated Beacons in ‘pymafka’ Supply Chain Attack Signals a New Trend in macOS Attack TTPs

Phil Stokes / May 25, 2022

A new typosquatting attack against the PyPI repository targets enterprise Macs with a distinctive obfuscation method.

Read More
Crimeware

CrateDepression | Rust Supply-Chain Attack Infects Cloud CI Pipelines with Go Malware

Juan Andrés Guerrero-Saade / May 19, 2022

Software developers using GitLab CI are being targeted with malware through a typosquatting attack, putting downstream users at risk.

Read More
Security Research

Putting Things in Context | Timelining Threat Campaigns

Tom Hegel / May 11, 2022

Visualizing data is integral to threat research. See how we used this timeline analysis tool to track activity in the Ukrainian cyber conflict.

Read More
Security Research

Vulnerabilities in Avast And AVG Put Millions At Risk

Kasif Dekel / May 5, 2022

Two high-severity flaws in popular end user security tools allow attackers to elevate privileges and compromise devices.

Read More
Adversary

Moshen Dragon’s Triad-and-Error Approach | Abusing Security Software to Sideload PlugX and ShadowPad

Joey Chen / May 2, 2022

Chinese-aligned APT group Moshen Dragon caught sideloading malware through multiple AV products to infect telecoms sector.

Read More
Crimeware

LockBit Ransomware Side-loads Cobalt Strike Beacon with Legitimate VMware Utility

James Haughom / April 27, 2022

Long-running LockBit ransomware attempts to evade Windows ETW, AMSI and EDR by leveraging legitimate VMware logging command line utility.

Read More
Crimeware

Nokoyawa Ransomware | New Karma/Nemty Variant Wears Thin Disguise

Antonis Terefos / April 21, 2022

Nemty developers have created a new, flawed update to the Karma ransomware variant in a bid to avoid detection and mislead attribution.

Read More
Security Research

Inside the Black Box | How We Fuzzed Microsoft Defender for IoT and Found Multiple Vulnerabilities

Kasif Dekel / April 13, 2022

A must-read for fuzzing fans, this post gives a detailed look at the advanced techniques used in our recent discovery of multiple bugs in Defender for IoT.

Read More
Adversary

AcidRain | A Modem Wiper Rains Down on Europe

Juan Andrés Guerrero-Saade / March 31, 2022

As the most impactful cyber attack of the Ukrainian invasion gets downplayed, SentinelLabs uncovers a more plausible explanation.

Read More
Previous
1 2 3 … 14
Next

Search

Sign Up

Get notified when we post new content.

Thanks! Keep an eye out for new content!

Recent Posts

  • Aoqin Dragon | Newly-Discovered Chinese-linked APT Has Been Quietly Spying On Organizations For 10 Years
    Aoqin Dragon | Newly-Discovered Chinese-linked APT Has Been Quietly Spying On Organizations For 10 Years
    June 9, 2022
  • Use of Obfuscated Beacons in ‘pymafka’ Supply Chain Attack Signals a New Trend in macOS Attack TTPs
    Use of Obfuscated Beacons in ‘pymafka’ Supply Chain Attack Signals a New Trend in macOS Attack TTPs
    May 25, 2022
  • CrateDepression | Rust Supply-Chain Attack Infects Cloud CI Pipelines with Go Malware
    CrateDepression | Rust Supply-Chain Attack Infects Cloud CI Pipelines with Go Malware
    May 19, 2022

Labs Categories

  • Security Research
  • Security & Intelligence
  • Crimeware
  • Adversary
  • Advanced Persistent Threat

SentinelLabs

In the era of interconnectivity, when markets, geographies, and jurisdictions merge in the melting pot of the digital domain, the perils of the threat ecosystem become unparalleled. Crimeware families achieve an unparalleled level of technical sophistication, APT groups are competing in fully-fledged cyber warfare, while once decentralized and scattered threat actors are forming adamant alliances of operating as elite corporate espionage teams.

Latest Tweet

  • New from SentinelLabs! A new #typosquatting attack against the #PyPI repository targets enterprise Macs with a dis… https://t.co/YIKUYfqSDf38 days ago
  • We just released a research on a supply-chain attack against the Rust development community. We referred to it as… https://t.co/T6T3Cp5cWa44 days ago
  • The Centre for Cybersecurity Belgium (CCB) kindly invites you to its online CCB Share & Connect event – previousl… https://t.co/7yoL03kHyp61 days ago
  • New on #SentinelLabs! We have disclosed 10.0 CVSS vulnerabilities on Microsoft’s Azure Defender for IoT allowing u… https://t.co/cEnYqccXrV95 days ago

Recent Posts

  • Use of Obfuscated Beacons in ‘pymafka’ Supply Chain Attack Signals a New Trend in macOS Attack TTPs
    Use of Obfuscated Beacons in ‘pymafka’ Supply Chain Attack Signals a New Trend in macOS Attack TTPs
    May 25, 2022
  • CrateDepression | Rust Supply-Chain Attack Infects Cloud CI Pipelines with Go Malware
    CrateDepression | Rust Supply-Chain Attack Infects Cloud CI Pipelines with Go Malware
    May 19, 2022
  • Putting Things in Context | Timelining Threat Campaigns
    Putting Things in Context | Timelining Threat Campaigns
    May 11, 2022

Sign Up

Get notified when we post new content.

Thanks! Keep an eye out for new content!

  • Twitter
  • LinkedIn
©2022 SentinelOne, All Rights Reserved.