Labs Archive

LABScon24 Replay | Farmyard Gossip: The Foreign Footprint in US Agriculture

LABScon / March 5, 2025

Kristin Del Rosso & Madeleine Devost explore the growing trend of foreign ownership of farmland and its implications for national security.

Adversary

Ghostwriter | New Campaign Targets Ukrainian Government and Belarusian Opposition

Tom Hegel / February 25, 2025

Latest Ghostwriter campaign brings Belarusian opposition into its sights for the first time as it continues weaponizing XLS docs to drop malware.

Security & Intelligence

Censorship as a Service | Leak Reveals Public-Private Collaboration to Monitor Chinese Cyberspace

Alex Delamotte, Aleksandar Milenkoski & Dakota Cary / February 21, 2025

Data leak reveals how a top tier cybersecurity vendor helps the PRC enforce content monitoring and manipulation of public opinion in China.

Security Research

X Phishing | Campaign Targeting High Profile Accounts Returns, Promoting Crypto Scams

Tom Hegel, Jim Walter & Alex Delamotte / January 31, 2025

SentinelLABS has observed an active phishing campaign targeting high-profile X accounts to hijack and exploit them for fraudulent activity.

LABScon

LABScon24 Replay | Follow the Money: Uncovering the Incorporation and the CCP’s Ownership of Chinese Firms Investing in the USA

LABScon / January 30, 2025

Chinese foreign direct investment should trigger American national security concerns, but much of it doesn’t. Elly Rostoum reveals why.

LABScon

LABScon24 Replay | The Real AI Race: Disinformation in the Taiwanese Election

LABScon / January 9, 2025

Martin Wendiggensen reveals how disinformation shaped Taiwan’s election, and how AI-powered research uncovered hidden influences on voter behavior.

LABScon

LABScon24 Replay | The Ransomware Trust Paradox

LABScon / December 19, 2024

Max Smeets explores how ransomware groups leverage public reporting and why we must disrupt the trust dynamic between threat actors and victims.

LABScon

LABScon24 Replay | Let Them Eat Cake: “Secure by Upgrade” Software is a National Security Threat

LABScon / December 18, 2024

Kymberlee Price reveals the technical chaos facing SMBs as they struggle with solutions aimed at bigger fish in the face of expanding crimeware.

Advanced Persistent Threat

Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels

Aleksandar Milenkoski & Luigi Martire (Tinexta Cyber) / December 10, 2024

Threat actors abused Visual Studio Code and Microsoft Azure infrastructure to target large business-to-business IT service providers in Southern Europe.

LABScon

LABScon24 Replay | PKfail: Supply-Chain Failures in Secure Boot Key Management

LABScon / December 3, 2024

Binarly’s Alex Matrosov and Fabio Pagani present PKfail, a firmware supply-chain security issue affecting major device vendors and hundreds of device models.

LABScon24 Replay | Resilience and Protection in the Windows Ecosystem

LABScon24 Replay | Farmyard Gossip: The Foreign Footprint in US Agriculture

Ghostwriter | New Campaign Targets Ukrainian Government and Belarusian Opposition

Censorship as a Service | Leak Reveals Public-Private Collaboration to Monitor Chinese Cyberspace

X Phishing | Campaign Targeting High Profile Accounts Returns, Promoting Crypto Scams

LABScon24 Replay | Follow the Money: Uncovering the Incorporation and the CCP’s Ownership of Chinese Firms Investing in the USA

LABScon24 Replay | The Real AI Race: Disinformation in the Taiwanese Election

LABScon24 Replay | The Ransomware Trust Paradox

LABScon24 Replay | Let Them Eat Cake: “Secure by Upgrade” Software is a National Security Threat

Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels

LABScon24 Replay | PKfail: Supply-Chain Failures in Secure Boot Key Management