Adversary

FIN7 AvNeuralizer Ftr

FIN7 Reboot | Cybercrime Gang Enhances Ops with New EDR Bypasses and Automated Attacks

This research explores how FIN7 has adopted automated attack methods and developed defense evasion techniques previously unseen in the wild.

Read More
Capra Remix V2 Ftr

CapraTube Remix | Transparent Tribe’s Android Spyware Targeting Gamers, Weapons Enthusiasts

SentinelLabs has identified four new CapraRAT APKs associated with suspected Pakistan state-aligned actor Transparent Tribe.

Read More
Acid Pour Bg

AcidPour | New Embedded Wiper Variant of AcidRain Appears in Ukraine

SentinelLabs has discovered a novel malware variant of AcidRain that could be targeting telecoms networks in Ukraine.

Read More
Doppelganger Russia Aligned Influence Operation Targets Germany 2

Doppelgänger | Russia-Aligned Influence Operation Targets Germany 

Doppelgänger, a sophisticated Russia-aligned operation, targets German public opinion with disinformation ahead of elections.

Read More
Gaza Cybergang Unified Front Targeting Hamas Opposition 13

Gaza Cybergang | Unified Front Targeting Hamas Opposition

Cluster of threat groups continues on trajectory to consolidate with shared victims, TTPs and evolving malware.

Read More
Cyber Soft Power Chinas Continental Takeover 14

Cyber Soft Power | China’s Continental Takeover

China-aligned threat actors are increasingly involved in strategic intrusions in Africa, aiming to extend the PRC's influence across the continent.

Read More
Chinese Entanglement DLL Hijacking In The Asian Gambling Sector By Aleksandar Milenkoski And Tom Hegel 5

Chinese Entanglement | DLL Hijacking in the Asian Gambling Sector

Threat actors abuse Adobe Creative Cloud, Edge, and other executables vulnerable to DLL hijacking in campaign targeting the Southeast Asian gambling sector.

Read More
Comrades In Arms North Korea Compromises Sanctioned Russian Missile Engineering Company 1

Comrades in Arms? | North Korea Compromises Sanctioned Russian Missile Engineering Company

North Korean threat actors attempt to further missile program by compromising sanctioned Russian defense company with OpenCarrot backdoor.

Read More
Operation Magalenha Long Running Campaign Pursues Portuguese Credentials And PII 3

Operation Magalenha | Long-Running Campaign Pursues Portuguese Credentials and PII

A Brazilian threat actor is targeting users of over 30 Portuguese financial institutions with custom backdoors.

Read More
Kimsuky Ongoing Campaign Using Tailored Reconnaissance Toolkit 1

Kimsuky | Ongoing Campaign Using Tailored Reconnaissance Toolkit

North Korean APT group focuses on file reconnaissance and information exfiltration with latest variant of RandomQuery malware.

Read More