ABOUT
CVE DATABASE
CONTACT
VISIT SENTINELONE.COM

en

English
日本語
Deutsch
Español
Français
Italiano
Dutch
한국어

ABOUT
CVE DATABASE
CONTACT
VISIT SENTINELONE.COM

Category

Adversary

WIP26 Espionage | Threat Actors Abuse Cloud Infrastructure in Targeted Telco Attacks

Aleksandar Milenkoski / February 16, 2023

A new threat cluster has been targeting telecommunication providers in the Middle East and abusing Microsoft, Google and Dropbox cloud services.

DragonSpark | Attacks Evade Detection with SparkRAT and Golang Source Code Interpretation

Aleksandar Milenkoski / January 24, 2023

A cluster of attacks SentinelLabs tracks as DragonSpark uses a novel technique, Golang source code interpretation, to avoid detection while also deploying a little-known tool called SparkRAT.

NoName057(16) – The Pro-Russian Hacktivist Group Targeting NATO

Tom Hegel / January 12, 2023

In the name of Russia's war in Ukraine, NoName057(16) abuses GitHub and Telegram in an ongoing campaign to disrupt NATO's critical infrastructure.

Adversary | Security & Intelligence

Driving Through Defenses | Targeted Attacks Leverage Signed Malicious Microsoft Drivers

sentinellabs / December 13, 2022

Threat actors are abusing legitimately signed Microsoft drivers in active intrusions into telecommunication, BPO, MSSP, and financial services businesses.

Void Balaur | The Sprawling Infrastructure of a Careless Mercenary

Tom Hegel / September 22, 2022

The Void Balaur cyber mercenary group has thrived throughout 2022, attacking targets on a global scale with new phishing campaigns.

Targets of Interest | Russian Organizations Increasingly Under Attack By Chinese APTs

Tom Hegel / July 7, 2022

Chinese-linked phishing campaign seeks to compromise Russian targets with custom malware designed for espionage.

Moshen Dragon’s Triad-and-Error Approach | Abusing Security Software to Sideload PlugX and ShadowPad

Joey Chen / May 2, 2022

Chinese-aligned APT group Moshen Dragon caught sideloading malware through multiple AV products to infect telecoms sector.

AcidRain | A Modem Wiper Rains Down on Europe

Juan Andrés Guerrero-Saade / March 31, 2022

As the most impactful cyber attack of the Ukrainian invasion gets downplayed, SentinelLabs uncovers a more plausible explanation.

Chinese Threat Actor Scarab Targeting Ukraine

Tom Hegel / March 24, 2022

Chinese threat actor Scarab is targeting Ukrainian organizations. In this report, we share technical details and IOCs on attacks over the past two years.

Log4j2 In The Wild | Iranian-Aligned Threat Actor “TunnelVision” Actively Exploiting VMware Horizon

Amitai Ben Shushan Ehrlich / February 17, 2022

Threat actor exploits Log4j2 vulnerabilities to drop PowerShell backdoors, harvest credentials, and communicate via legitimate services.

1 2

Search

Search ...

Sign Up

Get notified when we post new content.

Thanks! Keep an eye out for new content!

Recent Posts

Operation Tainted Love | Chinese APTs Target Telcos in New Attacks
March 23, 2023
Winter Vivern | Uncovering a Wave of Global Espionage
March 16, 2023
IceFire Ransomware Returns | Now Targeting Linux Enterprise Networks
March 9, 2023

Labs Categories

Crimeware
Security Research
Adversary
Advanced Persistent Threat
Security & Intelligence
LABScon

SentinelLabs

In the era of interconnectivity, when markets, geographies, and jurisdictions merge in the melting pot of the digital domain, the perils of the threat ecosystem become unparalleled. Crimeware families achieve an unparalleled level of technical sophistication, APT groups are competing in fully-fledged cyber warfare, while once decentralized and scattered threat actors are forming adamant alliances of operating as elite corporate espionage teams.

Latest Tweet

RT @SentinelOne: In @CyberScoopNews: "A years-long Chinese-aligned cyberespionage operation has been actively updating its abilities usin…4 days ago
RT @MigoKed: New #SentinelLabs discovery: "Tainted Love" APT targets Middle East telecoms, by @milenkowski @juanandres_gs @joeychen Fun fa…4 days ago
New Research -- "Tainted Love" APT Operation ✴️Targeting Middle East telecom. ✴️ Likely connected to a Chinese gro… https://t.co/GYsgcwydTr4 days ago
Great report from our friends at @redcanary https://t.co/8xjdslejlI5 days ago

Recent Posts

Operation Tainted Love | Chinese APTs Target Telcos in New Attacks
March 23, 2023
Winter Vivern | Uncovering a Wave of Global Espionage
March 16, 2023
IceFire Ransomware Returns | Now Targeting Linux Enterprise Networks
March 9, 2023

Sign Up

Get notified when we post new content.

Thanks! Keep an eye out for new content!

Twitter
LinkedIn

©2023 SentinelOne, All Rights Reserved.