Dissecting AlienFox | The Cloud Spammer’s Swiss Army Knife
A sophisticated new toolset is being used to harvest credentials from multiple cloud service providers, including AWS SES and Microsoft Office 365.
Read More
A sophisticated new toolset is being used to harvest credentials from multiple cloud service providers, including AWS SES and Microsoft Office 365.
A new threat cluster has been targeting telecommunication providers in the Middle East and abusing Microsoft, Google and Dropbox cloud services.
A cluster of attacks SentinelLabs tracks as DragonSpark uses a novel technique, Golang source code interpretation, to avoid detection while also deploying a little-known tool called SparkRAT.
In the name of Russia's war in Ukraine, NoName057(16) abuses GitHub and Telegram in an ongoing campaign to disrupt NATO's critical infrastructure.
Threat actors are abusing legitimately signed Microsoft drivers in active intrusions into telecommunication, BPO, MSSP, and financial services businesses.
The Void Balaur cyber mercenary group has thrived throughout 2022, attacking targets on a global scale with new phishing campaigns.
Chinese-linked phishing campaign seeks to compromise Russian targets with custom malware designed for espionage.
Chinese-aligned APT group Moshen Dragon caught sideloading malware through multiple AV products to infect telecoms sector.
As the most impactful cyber attack of the Ukrainian invasion gets downplayed, SentinelLabs uncovers a more plausible explanation.
Chinese threat actor Scarab is targeting Ukrainian organizations. In this report, we share technical details and IOCs on attacks over the past two years.