LLMs & Ransomware | An Operational Accelerator, Not a Revolution
LLMs make competent ransomware crews faster and novices more dangerous. The risk is not superintelligent malware, but rather industrialized extortion.
Read More
Malicious Apprentice | How Two Hackers Went From Cisco Academy to Cisco CVEs
Read how two Cisco Network Academy Cup winners went from students to operators behind Salt Typhoon, a global cyber espionage campaign targeting telecoms.
Read More
Censorship as a Service | Leak Reveals Public-Private Collaboration to Monitor Chinese Cyberspace
Data leak reveals how a top tier cybersecurity vendor helps the PRC enforce content monitoring and manipulation of public opinion in China.
Read More
China’s Influence Ops | Twisting Tales of Volt Typhoon at Home and Abroad
China's CVERC attempts to attribute Volt Typhoon activities to the U.S., but the fact-free claims reveal much about the PRC's real agenda.
Read More
China’s Cyber Revenge | Why the PRC Fails to Back Its Claims of Western Espionage
China's claims of hacks and espionage lack the rigorous technical detail seen in western threat intel. Why the asymmetry, and how does it benefit the PRC?
Read More
Driving Through Defenses | Targeted Attacks Leverage Signed Malicious Microsoft Drivers
Threat actors are abusing legitimately signed Microsoft drivers in active intrusions into telecommunication, BPO, MSSP, and financial services businesses.
Read More
Use of Obfuscated Beacons in ‘pymafka’ Supply Chain Attack Signals a New Trend in macOS Attack TTPs
A new typosquatting attack against the PyPI repository targets enterprise Macs with a distinctive obfuscation method.
Read More
A Threat Hunter’s Guide to the Mac’s Most Prevalent Adware Infections 2022
Mac adware is hidden, persistent, and evasive, fingerprinting devices and delivering custom payloads. Learn how to hunt it on macOS.
Read More
New macOS Malware XcodeSpy Targets Xcode Developers with EggShell Backdoor
Targeting software developers is one route to a successful supply chain attack. Now threat actors are going after Apple developers through the Xcode IDE.
Read More
Threat Intel | Cyber Attacks Leveraging the COVID-19/CoronaVirus Pandemic
At Sentinel Labs, we have been closely tracking adversarial behavior as it pertains to COVID-19/Coronavirus. To date, we have observed a significant number of malware campaigns, spam campaigns, and outright…
Read More