Adversary - Page 2 of 2 - SentinelOne
Category

Adversary

ModifiedElephant APT and a Decade of Fabricating Evidence

A previously unreported threat actor has been targeting civil society for over a decade. Read about how it operates and its relationships to other threats.

Read More

New Version Of Apostle Ransomware Reemerges In Targeted Attack On Higher Education

Agrius has continued to evolve its toolkit from wiper to ransomware operations, including a recent attack on a higher education facility.

Read More

MeteorExpress | Mysterious Wiper Paralyzes Iranian Trains with Epic Troll

In the midst of an epic troll on a country-wide railway system, we discovered a new threat actor and their reusable wiper called Meteor.

Read More

ThunderCats Hack the FSB | Your Taxes Didn’t Pay For This Op

Early fingerpointing at Western governments for a hack against the Russian government was misplaced. Our taxes didn’t pay for this one.

Read More

From Wiper to Ransomware | The Evolution of Agrius

New threat actor Agrius engages in espionage and destructive attacks, masquerades as ransomware with custom backdoor, wiper and malware.

Read More

Relaying Potatoes: Another Unexpected Privilege Escalation Vulnerability in Windows RPC Protocol

A newly-discovered NTLM relay attack makes every Windows system vulnerable to an escalation of privileges attack, and there’s no patch in sight.

Read More

A Deep Dive into Zebrocy’s Dropper Docs

A new APT28 campaign targets Kazakhstan with Delphocy malware. We show how to reverse engineer the dropper and bypass the VBA macro’s password protection.

Read More

APT32 Multi-stage macOS Trojan Innovates on Crimeware Scripting Technique

Vietnamese-linked APT group OceanLotus have innovated and imitated in their latest macOS trojan, while also leaving a mysterious hard-coded calling card.

Read More

Case Study: Catching a Human-Operated Maze Ransomware Attack In Action

Maze operators tailor attacks to the victim’s environment to evade detection. We show how they operate, and reveal a decoded HDA payload among other IOCs.

Read More

Anchor Project | The Deadly Planeswalker: How The TrickBot Group United High-Tech Crimeware & APT

The Wind of Time Shakes the Underground | High-Tech Cybercrime & APT | Most Sophisticated & Resourceful Crimeware Group

Read More