
NobleBaron | New Poisoned Installers Could Be Used In Supply Chain Attacks
Nobelium – the new face of APT29 – deploys poisoned installers against Ukrainian government targets in a possible supply chain attack.
Our analysis of the SUPERNOVA trojan reveals the differences between the legitimate DLL and the attacker’s implant, along with some new IoCs for detection.
A technical analysis of the SUNBURST stealthy APT including processes, services, and drivers. SentinelOne customers protected with no updates or configuration changes.
Cybercrime and nation state attacks haven’t come to a stop due to COVID-19. Here we describe a recent APT attack on a global brand prevented by SentinelOne.
The TA505 threat group uses a crypter common to Clop/CryptoMix ransomware and others. We tear it down with a new unpacker utilizing SMT.
New threat intelligence on the ever-expanding toolset of North Korean APT Hidden Cobra (Lazarus) including IoCs for RATs, beacons, persistence and more.
Vitali Kremez dissecting the ‘Fin7’ malware chain that leverages malicious MS Office Macros and a JS loader.
Vitali Kremez diving into the FIN6 “FrameworkPOS”, targeting payment card data from Point-of-Sale (POS) or eCommerce systems.