Labs Archive

LABScon23 Replay | macOS Components Used in North Korean Crypto-Heists

LABScon / May 8, 2024

Greg Lesnewich takes us on a tour of North Korean APTs targeting macOS and explores techniques for tracking an increasingly active threat cluster.

LABScon

LABScon23 Replay | From Vulkan to Ryazan – Investigative Reporting from the Frontlines of Infosec

LABScon / April 30, 2024

Covering investigations into Turla, Magna Bear and REvil, this talks offers a fascinating insight into how researchers unmask threat actor identities.

Meet The Iranian Company Powering Russias Drone War On Ukraine Header

LABScon

LABScon23 Replay | Meet the Iranian Company Powering Russia’s Drone War on Ukraine

LABScon / April 23, 2024

Take a unique look inside Iran's drone and missile program as Adam Rawnsley charts the rise of Mado, a key IRGC drone company.

Adversary

AcidPour | New Embedded Wiper Variant of AcidRain Appears in Ukraine

Juan Andrés Guerrero-Saade & Tom Hegel / March 21, 2024

SentinelLABS has discovered a novel malware variant of AcidRain that could be targeting telecoms networks in Ukraine.

Doppelganger Russia Aligned Influence Operation Targets Germany 2

Adversary

Doppelgänger | Russia-Aligned Influence Operation Targets Germany

Aleksandar Milenkoski / February 22, 2024

Doppelgänger, a sophisticated Russia-aligned operation, targets German public opinion with disinformation ahead of elections.

I Soons Data Breach The Leak That Revealed Chinas Cyber Operations 5

Advanced Persistent Threat

Unmasking I-Soon | The Leak That Revealed China’s Cyber Operations

Dakota Cary & Aleksandar Milenkoski / February 21, 2024

The I-Soon leak reveals the maturing nature of China’s cyber espionage and a competitive hacker marketplace driven by government demands.

Chasing Shadows The Rise Of A Prolific Espionage Actor 1

LABScon

LABScon Replay | Chasing Shadows | The Rise of a Prolific Espionage Actor

LABScon / February 20, 2024

Kris McConkey reveals the rise of a cyber espionage 'superpower,' impacting 35+ countries with sophisticated tools like ShadowPad.

Crimeware

SNS Sender | Active Campaigns Unleash Messaging Spam Through the Cloud

Alex Delamotte / February 15, 2024

Threat actors leverage cloud services to conduct massive smishing campaign through AWS Simple Notification Service.

Chinas Cyber Revenge Why The PNC Fails To Back Its Claims Of Western Espionage 4

Security & Intelligence

China’s Cyber Revenge | Why the PRC Fails to Back Its Claims of Western Espionage

Dakota Cary / February 12, 2024

China's claims of hacks and espionage lack the rigorous technical detail seen in western threat intel. Why the asymmetry, and how does it benefit the PRC?

A Glimpse Into Future ScarCruft Campaigns Attackers Gather Strategic Intelligence And Target Cybersecurity Professionals 20

Advanced Persistent Threat

ScarCruft | Attackers Gather Strategic Intelligence and Target Cybersecurity Professionals

Aleksandar Milenkoski & Tom Hegel / January 22, 2024

New ScarCruft activity suggests the adversary is planning to target cybersecurity professionals and businesses.