Advanced Persistent Threat

Op Digital Eye Ftr

Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels

Aleksandar Milenkoski & Luigi Martire (Tinexta Cyber) /

Threat actors abused Visual Studio Code and Microsoft Azure infrastructure to target large business-to-business IT service providers in Southern Europe.

Read More
BNThief Feature

BlueNoroff Hidden Risk | Threat Actor Targets Macs with Fake Crypto News and Novel Persistence

SentinelLabs has observed a suspected DPRK threat actor targeting Crypto-related businesses with novel multi-stage malware.

Read More
ChamelGang Ftr 5

ChamelGang & Friends | Cyberespionage Groups Attacking Critical Infrastructure with Ransomware

Aleksandar Milenkoski & Julian-Ferdinand Vögele (Recorded Future) /

Threat actors in the cyberespionage ecosystem are using ransomware for financial gain, disruption, distraction, misattribution, and the removal of evidence.

Read More
I Soons Data Breach The Leak That Revealed Chinas Cyber Operations 5

Unmasking I-Soon | The Leak That Revealed China’s Cyber Operations

The I-Soon leak reveals the maturing nature of China’s cyber espionage and a competitive hacker marketplace driven by government demands.

Read More
A Glimpse Into Future ScarCruft Campaigns Attackers Gather Strategic Intelligence And Target Cybersecurity Professionals 20

ScarCruft | Attackers Gather Strategic Intelligence and Target Cybersecurity Professionals

New ScarCruft activity suggests the adversary is planning to target cybersecurity professionals and businesses.

Read More
Sandman APT China Based Adversaries Embrace Lua 19

Sandman APT | China-Based Adversaries Embrace Lua

SentinelLabs, Microsoft, and PwC threat intelligence researchers provide attribution-relevant information on the Sandman APT cluster.

Read More
Elephant Hunting Inside An Indian Hack For Hire Group 9

Elephant Hunting | Inside an Indian Hack-For-Hire Group

Exploring the technical intricacies of Appin, a hack-for-hire group, revealing confirmed attribution and global threat activity, both old and new.

Read More
Arid Viper APTs Nest Of SpyC23 Malware Continues To Target Android Devices 1

Arid Viper | APT’s Nest of SpyC23 Malware Continues to Target Android Devices

Hamas-aligned threat actor delivers spyware through weaponized apps posing as Telegram or Skipped messenger.

Read More
The Israel Hamas War Cyber Domain State Sponsored Activity Of Interest 6

The Israel-Hamas War | Cyber Domain State-Sponsored Activity of Interest

Cyber warfare occurring amidst the Israel-Hamas war underscores the importance of keeping tabs on rising APTs and opportunistic hacktivists.

Read More
Sandman APT A Mystery Group Targeting Telcos With A LuaJIT Toolkit 4

Sandman APT | A Mystery Group Targeting Telcos with a LuaJIT Toolkit

Sophisticated threat actor deploys high-end malware utilizing the LuaJIT platform to backdoor telcos in Europe, Middle East and South Asia.

Read More