SentinelLabs - We are hunters, reversers, exploit developers, and tinkerers shedding light on the world of malware, exploits, APTs, and cybercrime across all platforms.
Category

Labs

LABScon Replay | Breaking Firmware Trust From The Other Side: Exploiting Early Boot Phases (Pre-Efi)

The first public discussion of changes in the UEFI firmware security runtime from an offensive security perspective with Alex Matrosov.

Read More

Custom-Branded Ransomware: The Vice Society Group and the Threat of Outsourced Development

New PolyVice ransomware is likely in use by multiple threat actors building re-branded payloads with the same custom encryption scheme.

Read More

11 Problems ChatGPT Can Solve For Reverse Engineers and Malware Analysts

ChatGPT has captured the imagination of many across infosec. Here's how it can superpower the efforts of reversers and malware analysts.

Read More

LABScon Replay | Is CNVD ≥ CVE? A Look at Chinese Vulnerability Discovery and Disclosure

Vulnerability disclosure in the US lags behind China's NVD, which has a history of providing APT groups with exploits. How can researchers close the gap?

Read More

Driving Through Defenses | Targeted Attacks Leverage Signed Malicious Microsoft Drivers

Threat actors are abusing legitimately signed Microsoft drivers in active intrusions into telecommunication, BPO, MSSP, and financial services businesses.

Read More

The Mystery of Metador | Unpicking Mafalda’s Anti-Analysis Techniques

Discover the anti-analysis techniques of the Mafalda implant, a unique, feature-rich backdoor used by the Metador threat actor.

Read More

LABScon Replay | The Mystery of Metador

An elusive APT is attacking telcos, ISPs and Universities with custom backdoors and attack chains designed to bypass native security solutions.

Read More

LABScon Replay | Demystifying Threats to Satellite Communications in Critical Infrastructure

Satellite communications are an integral part of many Industrial Control Systems, but their usage in critical infrastructure continues to be misunderstood.

Read More

LABScon Replay | Are Digital Technologies Eroding the Principle of Distinction in War?

In recent conflicts, digital technology has become weaponized, eroding the traditional barriers that divide the roles of civilians and combatants.

Read More

SocGholish Diversifies and Expands Its Malware Staging Infrastructure to Counter Defenders

SocGholish operators continue to infect websites at a massive scale, and the threat actor is ramping up its infrastructure to match.

Read More