Adversary

DragonSpark Attacks Evade Detection With SparkRAT And Golang Source Code Interpretation 1

DragonSpark | Attacks Evade Detection with SparkRAT and Golang Source Code Interpretation

A cluster of attacks SentinelLabs tracks as DragonSpark uses a novel technique, Golang source code interpretation, to avoid detection while also deploying a little-known tool called SparkRAT.

Read More
NoName05716 The Pro Russian Hacktivist Group Targeting NATO 2

NoName057(16) – The Pro-Russian Hacktivist Group Targeting NATO

In the name of Russia's war in Ukraine, NoName057(16) abuses GitHub and Telegram in an ongoing campaign to disrupt NATO's critical infrastructure.

Read More
Driving Through Defenses Targeted Attacks Leverage Signed Malicious Microsoft Drivers 8

Driving Through Defenses | Targeted Attacks Leverage Signed Malicious Microsoft Drivers

Threat actors are abusing legitimately signed Microsoft drivers in active intrusions into telecommunication, BPO, MSSP, and financial services businesses.

Read More
The Sprawling Infrastructure Of A Careless Mercenary 3

Void Balaur | The Sprawling Infrastructure of a Careless Mercenary

The Void Balaur cyber mercenary group has thrived throughout 2022, attacking targets on a global scale with new phishing campaigns.

Read More
Targets Of Interest Russian Organizations Increasingly Under Attack By Chinese APTs 7

Targets of Interest | Russian Organizations Increasingly Under Attack By Chinese APTs

Chinese-linked phishing campaign seeks to compromise Russian targets with custom malware designed for espionage.

Read More
Moshen Dragons Triad And Error Approach Abusing Security Software To Sideload PlugX And ShadowPad 1

Moshen Dragon’s Triad-and-Error Approach | Abusing Security Software to Sideload PlugX and ShadowPad

Chinese-aligned APT group Moshen Dragon caught sideloading malware through multiple AV products to infect telecoms sector.

Read More
AcidRain A Modem Wiper Rains Down On Europe 2

AcidRain | A Modem Wiper Rains Down on Europe

As the most impactful cyber attack of the Ukrainian invasion gets downplayed, SentinelLabs uncovers a more plausible explanation.

Read More
Chinese Threat Actor Scarab Targeting Ukraine 13

Chinese Threat Actor Scarab Targeting Ukraine

Chinese threat actor Scarab is targeting Ukrainian organizations. In this report, we share technical details and IOCs on attacks over the past two years.

Read More
Log4j2 In The Wild Iranian Aligned Threat Actor TunnelVision Actively Exploiting VMware Horizon 10

Log4j2 In The Wild | Iranian-Aligned Threat Actor “TunnelVision” Actively Exploiting VMware Horizon

Threat actor exploits Log4j2 vulnerabilities to drop PowerShell backdoors, harvest credentials, and communicate via legitimate services.

Read More
ModifiedElephant APT And The Decade Of Fabricating Terrorism 5

ModifiedElephant APT and a Decade of Fabricating Evidence

A previously unreported threat actor has been targeting civil society for over a decade. Read about how it operates and its relationships to other threats.

Read More