ABOUT

VISIT SENTINELONE.COM

Adversary

Moshen Dragons Triad And Error Approach Abusing Security Software To Sideload PlugX And ShadowPad 1

Moshen Dragon’s Triad-and-Error Approach | Abusing Security Software to Sideload PlugX and ShadowPad

Joey Chen / May 2, 2022

Chinese-aligned APT group Moshen Dragon caught sideloading malware through multiple AV products to infect telecoms sector.

AcidRain A Modem Wiper Rains Down On Europe 2

AcidRain | A Modem Wiper Rains Down on Europe

Juan Andrés Guerrero-Saade / March 31, 2022

As the most impactful cyber attack of the Ukrainian invasion gets downplayed, SentinelLabs uncovers a more plausible explanation.

Chinese Threat Actor Scarab Targeting Ukraine 13

Chinese Threat Actor Scarab Targeting Ukraine

Tom Hegel / March 24, 2022

Chinese threat actor Scarab is targeting Ukrainian organizations. In this report, we share technical details and IOCs on attacks over the past two years.

Log4j2 In The Wild Iranian Aligned Threat Actor TunnelVision Actively Exploiting VMware Horizon 10

Log4j2 In The Wild | Iranian-Aligned Threat Actor “TunnelVision” Actively Exploiting VMware Horizon

Amitai Ben Shushan Ehrlich / February 17, 2022

Threat actor exploits Log4j2 vulnerabilities to drop PowerShell backdoors, harvest credentials, and communicate via legitimate services.

ModifiedElephant APT And The Decade Of Fabricating Terrorism 5

ModifiedElephant APT and a Decade of Fabricating Evidence

Tom Hegel / February 9, 2022

A previously unreported threat actor has been targeting civil society for over a decade. Read about how it operates and its relationships to other threats.

New Version Of Apostle Ransomware Reemerges In Targeted Attack On Higher Education 1

New Version Of Apostle Ransomware Reemerges In Targeted Attack On Higher Education

Amitai Ben Shushan Ehrlich / September 30, 2021

Agrius has continued to evolve its toolkit from wiper to ransomware operations, including a recent attack on a higher education facility.

MeteorExpress Mysterious Wiper Paralyzes Iranian Trains With Epic Troll 7

MeteorExpress | Mysterious Wiper Paralyzes Iranian Trains with Epic Troll

Juan Andrés Guerrero-Saade / July 29, 2021

In the midst of an epic troll on a country-wide railway system, we discovered a new threat actor and their reusable wiper called Meteor.

ThunderCats Hack The FSB Your Taxes Didnt Pay For This Op 5

ThunderCats Hack the FSB | Your Taxes Didn’t Pay For This Op

Juan Andrés Guerrero-Saade / June 8, 2021

Early fingerpointing at Western governments for a hack against the Russian government was misplaced. Our taxes didn’t pay for this one.

From Wiper To Ransomware The Evolution Of Agrius 7

From Wiper to Ransomware | The Evolution of Agrius

Amitai Ben Shushan Ehrlich / May 25, 2021

New threat actor Agrius engages in espionage and destructive attacks, masquerades as ransomware with custom backdoor, wiper and malware.

Copy Of Relaying Potatoes DCE RPC NTLM Relay EOP 7

Relaying Potatoes: Another Unexpected Privilege Escalation Vulnerability in Windows RPC Protocol

Antonio Cocomazzi / April 26, 2021

A newly-discovered NTLM relay attack makes every Windows system vulnerable to an escalation of privileges attack, and there’s no patch in sight.

1 2 3 4

Next

Search

Search ...

Sign Up

Get notified when we post new content.

Thanks! Keep an eye out for new content!

Recent Posts

FreeDrain Unmasked | Uncovering an Industrial-Scale Crypto Theft Network
May 8, 2025
Top Tier Target | What It Takes to Defend a Cybersecurity Company from Today’s Adversaries
April 28, 2025
AkiraBot | AI-Powered Bot Bypasses CAPTCHAs, Spams Websites At Scale
April 9, 2025

Labs Categories

Crimeware
Security Research
Advanced Persistent Threat
Adversary
LABScon
Security & Intelligence

SentinelLabs

In the era of interconnectivity, when markets, geographies, and jurisdictions merge in the melting pot of the digital domain, the perils of the threat ecosystem become unparalleled. Crimeware families achieve an unparalleled level of technical sophistication, APT groups are competing in fully-fledged cyber warfare, while once decentralized and scattered threat actors are forming adamant alliances of operating as elite corporate espionage teams.

Recent Posts

FreeDrain Unmasked | Uncovering an Industrial-Scale Crypto Theft Network
May 8, 2025
Top Tier Target | What It Takes to Defend a Cybersecurity Company from Today’s Adversaries
April 28, 2025
AkiraBot | AI-Powered Bot Bypasses CAPTCHAs, Spams Websites At Scale
April 9, 2025

Sign Up

Get notified when we post new content.

Thanks! Keep an eye out for new content!

Twitter
LinkedIn

©2025 SentinelOne, All Rights Reserved.