LABScon Replay | Malshare: 10 Years of Running a Public Malware Repository
Silas Cutler, founder of MalShare, explores some of the challenges and rewards of developing and maintaining a free malware repository for researchers.
Read More
Hypervisor Ransomware | Multiple Threat Actor Groups Hop on Leaked Babuk Code to Build ESXi Lockers
Availability of leaked Babuk source code is fuelling a proliferation of file lockers targeting VMware ESXi.
Read More
Kimsuky Evolves Reconnaissance Capabilities in New Global Campaign
DPRK-linked threat actor deploys previously unseen reconnaissance tool 'ReconShark' in wave of ongoing attacks.
Read More
Transparent Tribe (APT36) | Pakistan-Aligned Threat Actor Expands Interest in Indian Education Sector
SentinelLABS has been tracking a cluster of malicious documents that stage the Crimson RAT malware distributed by APT36 (Transparent Tribe).
Read More
Dissecting AlienFox | The Cloud Spammer’s Swiss Army Knife
A sophisticated new toolset is being used to harvest credentials from multiple cloud service providers, including AWS SES and Microsoft Office 365.
Read More
The Life and Times of SysInternals | How One Developer Changed the Face of Malware Analysis
Mark Russinovich, founder of SysInternals, explores the history and development of one of the security industry's most essential toolkits.
Read More
Operation Tainted Love | Chinese APTs Target Telcos in New Attacks
Cyber espionage actor deploys custom credential theft malware in new campaign targeting the telecoms sector.
Read More
Winter Vivern | Uncovering a Wave of Global Espionage
SentinelLABS uncover a previously unknown set of espionage campaigns conducted by Winter Vivern advanced persistent threat (APT) group.
Read More
IceFire Ransomware Returns | Now Targeting Linux Enterprise Networks
New Linux version of the IceFire ransomware have been observed in recent network intrusions of media and entertainment enterprises.
Read More
WIP26 Espionage | Threat Actors Abuse Cloud Infrastructure in Targeted Telco Attacks
A new threat cluster has been targeting telecommunication providers in the Middle East and abusing Microsoft, Google and Dropbox cloud services.
Read More