en
Get a Demo
Navigation Arrow Left Back
Navigation Close
Get a Demo

Adversary

Cyber Soft Power Chinas Continental Takeover 14
Adversary

Cyber Soft Power | China’s Continental Takeover
Tom Hegel /

China-aligned threat actors are increasingly involved in strategic intrusions in Africa, aiming to extend the PRC's influence across the continent.

Read More
Chinese Entanglement DLL Hijacking In The Asian Gambling Sector By Aleksandar Milenkoski And Tom Hegel 5
Adversary

Chinese Entanglement | DLL Hijacking in the Asian Gambling Sector
Aleksandar Milenkoski /

Threat actors abuse Adobe Creative Cloud, Edge, and other executables vulnerable to DLL hijacking in campaign targeting the Southeast Asian gambling sector.

Read More
Comrades In Arms North Korea Compromises Sanctioned Russian Missile Engineering Company 1
Adversary

Comrades in Arms? | North Korea Compromises Sanctioned Russian Missile Engineering Company
Tom Hegel /

North Korean threat actors attempt to further missile program by compromising sanctioned Russian defense company with OpenCarrot backdoor.

Read More
Operation Magalenha Long Running Campaign Pursues Portuguese Credentials And PII 3
Adversary

Operation Magalenha | Long-Running Campaign Pursues Portuguese Credentials and PII
Aleksandar Milenkoski /

A Brazilian threat actor is targeting users of over 30 Portuguese financial institutions with custom backdoors.

Read More
Kimsuky Ongoing Campaign Using Tailored Reconnaissance Toolkit 1
Adversary

Kimsuky | Ongoing Campaign Using Tailored Reconnaissance Toolkit
Aleksandar Milenkoski /

North Korean APT group focuses on file reconnaissance and information exfiltration with latest variant of RandomQuery malware.

Read More
Dissecting AlienFox The Cloud Spammers Swiss Army Knife 13
Adversary

Dissecting AlienFox | The Cloud Spammer’s Swiss Army Knife
Alex Delamotte /

A sophisticated new toolset is being used to harvest credentials from multiple cloud service providers, including AWS SES and Microsoft Office 365.

Read More
WIP26 Espionage Threat Actors Abuse Cloud Infrastructure In Targeted Telco 4
Adversary

WIP26 Espionage | Threat Actors Abuse Cloud Infrastructure in Targeted Telco Attacks
Aleksandar Milenkoski /

A new threat cluster has been targeting telecommunication providers in the Middle East and abusing Microsoft, Google and Dropbox cloud services.

Read More
DragonSpark Attacks Evade Detection With SparkRAT And Golang Source Code Interpretation 1
Adversary

DragonSpark | Attacks Evade Detection with SparkRAT and Golang Source Code Interpretation
Aleksandar Milenkoski /

A cluster of attacks SentinelLabs tracks as DragonSpark uses a novel technique, Golang source code interpretation, to avoid detection while also deploying a little-known tool called SparkRAT.

Read More
NoName05716 The Pro Russian Hacktivist Group Targeting NATO 2
Adversary

NoName057(16) – The Pro-Russian Hacktivist Group Targeting NATO
Tom Hegel /

In the name of Russia's war in Ukraine, NoName057(16) abuses GitHub and Telegram in an ongoing campaign to disrupt NATO's critical infrastructure.

Read More
Driving Through Defenses Targeted Attacks Leverage Signed Malicious Microsoft Drivers 8
Adversary | Security & Intelligence

Driving Through Defenses | Targeted Attacks Leverage Signed Malicious Microsoft Drivers
sentinellabs /

Threat actors are abusing legitimately signed Microsoft drivers in active intrusions into telecommunication, BPO, MSSP, and financial services businesses.

Read More
1 2 3