ABOUT
CVE DATABASE
CONTACT
VISIT SENTINELONE.COM

Adversary

Chinese Threat Actor Scarab Targeting Ukraine 13
Adversary

Chinese Threat Actor Scarab Targeting Ukraine
Tom Hegel /

Chinese threat actor Scarab is targeting Ukrainian organizations. In this report, we share technical details and IOCs on attacks over the past two years.

Read More
Log4j2 In The Wild Iranian Aligned Threat Actor TunnelVision Actively Exploiting VMware Horizon 10
Adversary

Log4j2 In The Wild | Iranian-Aligned Threat Actor “TunnelVision” Actively Exploiting VMware Horizon
Amitai Ben Shushan Ehrlich /

Threat actor exploits Log4j2 vulnerabilities to drop PowerShell backdoors, harvest credentials, and communicate via legitimate services.

Read More
ModifiedElephant APT And The Decade Of Fabricating Terrorism 5
Adversary

ModifiedElephant APT and a Decade of Fabricating Evidence
Tom Hegel /

A previously unreported threat actor has been targeting civil society for over a decade. Read about how it operates and its relationships to other threats.

Read More
New Version Of Apostle Ransomware Reemerges In Targeted Attack On Higher Education 1
Adversary

New Version Of Apostle Ransomware Reemerges In Targeted Attack On Higher Education
Amitai Ben Shushan Ehrlich /

Agrius has continued to evolve its toolkit from wiper to ransomware operations, including a recent attack on a higher education facility.

Read More
MeteorExpress Mysterious Wiper Paralyzes Iranian Trains With Epic Troll 7
Adversary

MeteorExpress | Mysterious Wiper Paralyzes Iranian Trains with Epic Troll
Juan Andrés Guerrero-Saade /

In the midst of an epic troll on a country-wide railway system, we discovered a new threat actor and their reusable wiper called Meteor.

Read More
ThunderCats Hack The FSB Your Taxes Didnt Pay For This Op 5
Adversary

ThunderCats Hack the FSB | Your Taxes Didn’t Pay For This Op
Juan Andrés Guerrero-Saade /

Early fingerpointing at Western governments for a hack against the Russian government was misplaced. Our taxes didn’t pay for this one.

Read More
From Wiper To Ransomware The Evolution Of Agrius 7
Adversary

From Wiper to Ransomware | The Evolution of Agrius
Amitai Ben Shushan Ehrlich /

New threat actor Agrius engages in espionage and destructive attacks, masquerades as ransomware with custom backdoor, wiper and malware.

Read More
Copy Of Relaying Potatoes DCE RPC NTLM Relay EOP 7
Adversary

Relaying Potatoes: Another Unexpected Privilege Escalation Vulnerability in Windows RPC Protocol
Antonio Cocomazzi /

A newly-discovered NTLM relay attack makes every Windows system vulnerable to an escalation of privileges attack, and there’s no patch in sight.

Read More
A Deep Dive Into Zebrocys Dropper Docs 4
Adversary

A Deep Dive into Zebrocy’s Dropper Docs
Marco Figueroa /

A new APT28 campaign targets Kazakhstan with Delphocy malware. We show how to reverse engineer the dropper and bypass the VBA macro’s password protection.

Read More
APT32 Multi Stage MacOS Trojan Innovates On Crimeware Scripting Technique 7
Adversary

APT32 Multi-stage macOS Trojan Innovates on Crimeware Scripting Technique
Phil Stokes /

Vietnamese-linked APT group OceanLotus have innovated and imitated in their latest macOS trojan, while also leaving a mysterious hard-coded calling card.

Read More
1 2 3 4