Arid Viper | APT’s Nest of SpyC23 Malware Continues to Target Android Devices
Hamas-aligned threat actor delivers spyware through weaponized apps posing as Telegram or Skipped messenger.
Read More
11 Ways to Tweak radare2 for Faster and Easier macOS Malware Analysis
Simplifying radare2 for macOS malware research, these tips and tricks will help to improve workflow and supercharge productivity.
Read More
The Israel-Hamas War | Cyber Domain State-Sponsored Activity of Interest
Cyber warfare occurring amidst the Israel-Hamas war underscores the importance of keeping tabs on rising APTs and opportunistic hacktivists.
Read More
Sandman APT | A Mystery Group Targeting Telcos with a LuaJIT Toolkit
Sophisticated threat actor deploys high-end malware utilizing the LuaJIT platform to backdoor telcos in Europe, Middle East and South Asia.
Read More
Cyber Soft Power | China’s Continental Takeover
China-aligned threat actors are increasingly involved in strategic intrusions in Africa, aiming to extend the PRC's influence across the continent.
Read More
CapraTube | Transparent Tribe’s CapraRAT Mimics YouTube to Hijack Android Phones
Pakistan-aligned threat actor weaponizes fake YouTube apps on the Android platform to deliver mobile remote access trojan spyware.
Read More
Bloated Binaries | How to Detect and Analyze Large macOS Malware Files
Massive malware binaries are becoming more common on macOS and can cause problems for detection and analysis. Here's how we can successfully deal with them.
Read More
Chinese Entanglement | DLL Hijacking in the Asian Gambling Sector
Threat actors abuse Adobe Creative Cloud, Edge, and other executables vulnerable to DLL hijacking in campaign targeting the Southeast Asian gambling sector.
Read More
Comrades in Arms? | North Korea Compromises Sanctioned Russian Missile Engineering Company
North Korean threat actors attempt to further missile program by compromising sanctioned Russian defense company with OpenCarrot backdoor.
Read More
JumpCloud Intrusion | Attacker Infrastructure Links Compromise to North Korean APT Activity
North Korean state sponsored APT is behind a new supply chain attack on zero-trust directory platform JumpCloud.
Read More