Advanced Persistent Threat - SentinelOne

Advanced Persistent Threat

Kimsuky Strikes Again | New Social Engineering Campaign Aims to Steal Credentials and Gather Strategic Intelligence

Threat actor targets experts in North Korean affairs with spoofed URLs and weaponized Office documents to steal Google and other credentials.

Read More

Kimsuky Evolves Reconnaissance Capabilities in New Global Campaign

DPRK-linked threat actor deploys previously unseen reconnaissance tool 'ReconShark' in wave of ongoing attacks.

Read More

Transparent Tribe (APT36) | Pakistan-Aligned Threat Actor Expands Interest in Indian Education Sector

SentinelLabs has been tracking a cluster of malicious documents that stage the Crimson RAT malware distributed by APT36 (Transparent Tribe).

Read More

Operation Tainted Love | Chinese APTs Target Telcos in New Attacks

Cyber espionage actor deploys custom credential theft malware in new campaign targeting the telecoms sector.

Read More

Winter Vivern | Uncovering a Wave of Global Espionage

SentinelLabs uncover a previously unknown set of espionage campaigns conducted by Winter Vivern advanced persistent threat (APT) group.

Read More

The Mystery of Metador | Unpicking Mafalda’s Anti-Analysis Techniques

Discover the anti-analysis techniques of the Mafalda implant, a unique, feature-rich backdoor used by the Metador threat actor.

Read More

WIP19 Espionage | New Chinese APT Targets IT Service Providers and Telcos With Signed Malware

Precision targeting of critical infrastructure industries indicates espionage-related activity by an unattributed Chinese-speaking threat group.

Read More

The Mystery of Metador | An Unattributed Threat Hiding in Telcos, ISPs, and Universities

An elusive adversary is attacking high-value targets with impunity using novel malware frameworks and custom-built backdoors.

Read More

Aoqin Dragon | Newly-Discovered Chinese-linked APT Has Been Quietly Spying On Organizations For 10 Years

Targeting organizations in SE Asia and Australia, Aoqin Dragon uses pornographic-themed lures and custom backdoors to conduct espionage operations.

Read More

HermeticWiper | New Destructive Malware Used In Cyber Attacks on Ukraine

A new malware is attacking Ukrainian organizations and erasing Windows devices. In this early analysis, we provide technical details, IOCS and hunting rules.

Read More