ABOUT

VISIT SENTINELONE.COM

Advanced Persistent Threat

Sandman APT China Based Adversaries Embrace Lua 19

Advanced Persistent Threat

Sandman APT | China-Based Adversaries Embrace Lua

Aleksandar Milenkoski / December 11, 2023

SentinelLABS, Microsoft, and PwC threat intelligence researchers provide attribution-relevant information on the Sandman APT cluster.

Elephant Hunting Inside An Indian Hack For Hire Group 9

Advanced Persistent Threat

Elephant Hunting | Inside an Indian Hack-For-Hire Group

Tom Hegel / November 16, 2023

Exploring the technical intricacies of Appin, a hack-for-hire group, revealing confirmed attribution and global threat activity, both old and new.

Arid Viper APTs Nest Of SpyC23 Malware Continues To Target Android Devices 1

Advanced Persistent Threat

Arid Viper | APT’s Nest of SpyC23 Malware Continues to Target Android Devices

Alex Delamotte / November 6, 2023

Hamas-aligned threat actor delivers spyware through weaponized apps posing as Telegram or Skipped messenger.

The Israel Hamas War Cyber Domain State Sponsored Activity Of Interest 6

Advanced Persistent Threat

The Israel-Hamas War | Cyber Domain State-Sponsored Activity of Interest

Tom Hegel / October 24, 2023

Cyber warfare occurring amidst the Israel-Hamas war underscores the importance of keeping tabs on rising APTs and opportunistic hacktivists.

Sandman APT A Mystery Group Targeting Telcos With A LuaJIT Toolkit 4

Advanced Persistent Threat

Sandman APT | A Mystery Group Targeting Telcos with a LuaJIT Toolkit

Aleksandar Milenkoski / September 21, 2023

Sophisticated threat actor deploys high-end malware utilizing the LuaJIT platform to backdoor telcos in Europe, Middle East and South Asia.

CapraTube Transparent Tribes CapraRAT Mimics YouTube To Hijack Android Phones 3

Advanced Persistent Threat

CapraTube | Transparent Tribe’s CapraRAT Mimics YouTube to Hijack Android Phones

Alex Delamotte / September 18, 2023

Pakistan-aligned threat actor weaponizes fake YouTube apps on the Android platform to deliver mobile remote access trojan spyware.

JumpCloud Intrusion Attacker Infrastructure Links Compromise To North Korean APT Activity 5

Advanced Persistent Threat

JumpCloud Intrusion | Attacker Infrastructure Links Compromise to North Korean APT Activity

Tom Hegel / July 20, 2023

North Korean state sponsored APT is behind a new supply chain attack on zero-trust directory platform JumpCloud.

Kimsuky Strikes Again New Social Engineering Campaign Aims To Steal Credentials And Gather Strategic Intelligence 5

Advanced Persistent Threat

Kimsuky Strikes Again | New Social Engineering Campaign Aims to Steal Credentials and Gather Strategic Intelligence

Aleksandar Milenkoski / June 6, 2023

Threat actor targets experts in North Korean affairs with spoofed URLs and weaponized Office documents to steal Google and other credentials.

Kimsuky Evolves Reconnaissance Capabilities In New Global Campaign 9

Advanced Persistent Threat

Kimsuky Evolves Reconnaissance Capabilities in New Global Campaign

Tom Hegel / May 4, 2023

DPRK-linked threat actor deploys previously unseen reconnaissance tool 'ReconShark' in wave of ongoing attacks.

Transparent Tribe 6

Advanced Persistent Threat

Transparent Tribe (APT36) | Pakistan-Aligned Threat Actor Expands Interest in Indian Education Sector

Aleksandar Milenkoski / April 13, 2023

SentinelLABS has been tracking a cluster of malicious documents that stage the Crimson RAT malware distributed by APT36 (Transparent Tribe).

1 2 3 4

Next

Search

Search ...

Sign Up

Get notified when we post new content.

Thanks! Keep an eye out for new content!

Recent Posts

LABScon25 Replay | Breach Alpha: Trading on Cyber Fallout
May 14, 2026
PCPJack | Cloud Worm Evicts TeamPCP and Steals Credentials at Scale
May 7, 2026
LABScon25 Replay | Please Connect to the Foreign Entity to Enhance Your User Experience
May 6, 2026

Labs Categories

Crimeware
Security Research
LABScon
Advanced Persistent Threat
Adversary
Security & Intelligence
AI Research

SentinelLabs

In the era of interconnectivity, when markets, geographies, and jurisdictions merge in the melting pot of the digital domain, the perils of the threat ecosystem become unparalleled. Crimeware families achieve an unparalleled level of technical sophistication, APT groups are competing in fully-fledged cyber warfare, while once decentralized and scattered threat actors are forming adamant alliances of operating as elite corporate espionage teams.

Recent Posts

LABScon25 Replay | Breach Alpha: Trading on Cyber Fallout
May 14, 2026
PCPJack | Cloud Worm Evicts TeamPCP and Steals Credentials at Scale
May 7, 2026
LABScon25 Replay | Please Connect to the Foreign Entity to Enhance Your User Experience
May 6, 2026

Sign Up

Get notified when we post new content.

Thanks! Keep an eye out for new content!

Twitter
LinkedIn

©2026 SentinelOne, All Rights Reserved.