SentinelLabs - We are hunters, reversers, exploit developers, and tinkerers shedding light on the world of malware, exploits, APTs, and cybercrime across all platforms.
Category

Labs

Black Basta Ransomware | Attacks Deploy Custom EDR Evasion Tools Tied to FIN7 Threat Actor

Black Basta operational TTPs are described here in full detail, revealing previously unknown tools and techniques and a link to FIN7.

Read More

WIP19 Espionage | New Chinese APT Targets IT Service Providers and Telcos With Signed Malware

Precision targeting of critical infrastructure industries indicates espionage-related activity by an unattributed Chinese-speaking threat group.

Read More

Void Balaur | The Sprawling Infrastructure of a Careless Mercenary

The Void Balaur cyber mercenary group has thrived throughout 2022, attacking targets on a global scale with new phishing campaigns.

Read More

The Mystery of Metador | An Unattributed Threat Hiding in Telcos, ISPs, and Universities

An elusive adversary is attacking high-value targets with impunity using novel malware frameworks and custom-built backdoors.

Read More

Crimeware Trends | Ransomware Developers Turn to Intermittent Encryption to Evade Detection

Partially encrypting victims' files improves ransomware speed and aids evasion. First seen in LockFile, the technique is now being widely adopted.

Read More

PyPI Phishing Campaign | JuiceLedger Threat Actor Pivots From Fake Apps to Supply Chain Attacks

A new threat actor is spreading infostealer malware through targeted attacks on developers and fraudulent cryptotrading applications.

Read More

Who Needs Macros? | Threat Actors Pivot to Abusing Explorer and Other LOLBins via Windows Shortcuts 

Crimeware vendors say 'macros are dead', but they have a new weapon to help threat actors successfully deploy malware.

Read More

LockBit 3.0 Update | Unpicking the Ransomware’s Latest Anti-Analysis and Evasion Techniques

The self-proclaimed 'oldest ransomware affiliate on the planet' has new tricks and new features and continues to beat enterprise defenses.

Read More

Inside Malicious Windows Apps for Malware Deployment

Learn how threat actors manipulate Windows to install malicious apps that are trusted by the system, and how to defend against them.

Read More

Targets of Interest | Russian Organizations Increasingly Under Attack By Chinese APTs

Chinese-linked phishing campaign seeks to compromise Russian targets with custom malware designed for espionage.

Read More