en
Get a Demo
Navigation Arrow Left Back
Navigation Close
Get a Demo

Labs

Use Of Obfuscated Beacons In ‘pymafka Supply Chain Attack Signals A New Trend In MacOS Attack TTPs 1
Security & Intelligence

Use of Obfuscated Beacons in ‘pymafka’ Supply Chain Attack Signals a New Trend in macOS Attack TTPs
Phil Stokes /

A new typosquatting attack against the PyPI repository targets enterprise Macs with a distinctive obfuscation method.

Read More
CrateDepression Rust Supply Chain Attack Infects Cloud CI Pipelines With Go Malware 1
Crimeware

CrateDepression | Rust Supply-Chain Attack Infects Cloud CI Pipelines with Go Malware
Juan Andrés Guerrero-Saade /

Software developers using GitLab CI are being targeted with malware through a typosquatting attack, putting downstream users at risk.

Read More
Putting Things In Context Timelining Threat Campaigns Tom
Security Research

Putting Things in Context | Timelining Threat Campaigns
Tom Hegel /

Visualizing data is integral to threat research. See how we used this timeline analysis tool to track activity in the Ukrainian cyber conflict.

Read More
10 Year Old Vulnerabilities In Avast And AVG Antiviruses Put Millions Of Users At Risk 6
Security Research

Vulnerabilities in Avast And AVG Put Millions At Risk
Kasif Dekel /

Two high-severity flaws in popular end user security tools allow attackers to elevate privileges and compromise devices.

Read More
Moshen Dragons Triad And Error Approach Abusing Security Software To Sideload PlugX And ShadowPad 1
Adversary

Moshen Dragon’s Triad-and-Error Approach | Abusing Security Software to Sideload PlugX and ShadowPad
Joey Chen /

Chinese-aligned APT group Moshen Dragon caught sideloading malware through multiple AV products to infect telecoms sector.

Read More
LockBit Ransomware Side Loads Cobalt Strike Beacon With Legitimate VMware Utility 4
Crimeware

LockBit Ransomware Side-loads Cobalt Strike Beacon with Legitimate VMware Utility
James Haughom /

Long-running LockBit ransomware attempts to evade Windows ETW, AMSI and EDR by leveraging legitimate VMware logging command line utility.

Read More
Nokoyawa Ransomware New KarmaNemty Variant Wears Thin Disguise 5
Crimeware

Nokoyawa Ransomware | New Karma/Nemty Variant Wears Thin Disguise
Antonis Terefos /

Nemty developers have created a new, flawed update to the Karma ransomware variant in a bid to avoid detection and mislead attribution.

Read More
Inside The Black Box How We Fuzzed Microsoft Defender For IoT And Found Multiple Vulnerabilities 5
Security Research

Inside the Black Box | How We Fuzzed Microsoft Defender for IoT and Found Multiple Vulnerabilities
Kasif Dekel /

A must-read for fuzzing fans, this post gives a detailed look at the advanced techniques used in our recent discovery of multiple bugs in Defender for IoT.

Read More
AcidRain A Modem Wiper Rains Down On Europe 2
Adversary

AcidRain | A Modem Wiper Rains Down on Europe
Juan Andrés Guerrero-Saade /

As the most impactful cyber attack of the Ukrainian invasion gets downplayed, SentinelLabs uncovers a more plausible explanation.

Read More
Pwning Microsoft Azure Defender For IoT Multiple Flaws Allow Remote Code Execution For All 20
Security Research

Pwning Microsoft Azure Defender for IoT | Multiple Flaws Allow Remote Code Execution for All
Kasif Dekel /

As if IoT & OT aren't hard enough to defend, we dive into five critical vulnerabilities in Microsoft Defender for IoT that leave the door wide open.

Read More
1 5 6 7 8 9 20