SentinelLabs - We are hunters, reversers, exploit developers, and tinkerers shedding light on the world of malware, exploits, APTs, and cybercrime across all platforms.
Category

Labs

Nokoyawa Ransomware | New Karma/Nemty Variant Wears Thin Disguise

Nemty developers have created a new, flawed update to the Karma ransomware variant in a bid to avoid detection and mislead attribution.

Read More

Inside the Black Box | How We Fuzzed Microsoft Defender for IoT and Found Multiple Vulnerabilities

A must-read for fuzzing fans, this post gives a detailed look at the advanced techniques used in our recent discovery of multiple bugs in Defender for IoT.

Read More

AcidRain | A Modem Wiper Rains Down on Europe

As the most impactful cyber attack of the Ukrainian invasion gets downplayed, SentinelLabs uncovers a more plausible explanation.

Read More

Pwning Microsoft Azure Defender for IoT | Multiple Flaws Allow Remote Code Execution for All

As if IoT & OT aren't hard enough to defend, we dive into five critical vulnerabilities in Microsoft Defender for IoT that leave the door wide open.

Read More

Chinese Threat Actor Scarab Targeting Ukraine

Chinese threat actor Scarab is targeting Ukrainian organizations. In this report, we share technical details and IOCs on attacks over the past two years.

Read More

The Art and Science of macOS Malware Hunting with radare2 | Leveraging Xrefs, YARA and Zignatures

In the next part of our series on reversing macOS malware, we dig into identifying reused code across malware samples for hunting and detection.

Read More

Another Brick in the Wall: Uncovering SMM Vulnerabilities in HP Firmware

How we used Brick to discover six different vulnerabilities affecting HP laptops' firmware

Read More

Zen and the Art of SMM Bug Hunting | Finding, Mitigating and Detecting UEFI Vulnerabilities

In Part 5 of our ongoing series on UEFI security research, we dive into the fascinating world of hunting and exploiting SMM vulnerabilities.

Read More

HermeticWiper | New Destructive Malware Used In Cyber Attacks on Ukraine

A new malware is attacking Ukrainian organizations and erasing Windows devices. In this early analysis, we provide technical details, IOCS and hunting rules.

Read More

Sanctions Be Damned | From Dridex to Macaw, The Evolution of Evil Corp

What really happened to Evil Corp after the OFAC sanctions? Did they cut and run, or are they still operating with impunity?

Read More