ABOUT
CVE DATABASE
CONTACT
VISIT SENTINELONE.COM

Labs

Karma Ransomware An Emerging Threat With A Hint Of JSWorm Pedigree 6
Crimeware

Karma Ransomware | An Emerging Threat With A Hint of Nemty Pedigree
Antonis Terefos /

Exploring the links between Karma and other well-known malware families such as NEMTY and JSWorm, we find further IoCs and an evolving threat.

Read More
Case Studies In MacOS Malware String Decryption With Radare2 13
Security Research

Techniques for String Decryption in macOS Malware with Radare2
Phil Stokes /

In Part 3 of our macOS reversing series, we look at three different macOS malware samples and walk you through how to decipher encrypted strings.

Read More
New Version Of Apostle Ransomware Reemerges In Targeted Attack On Higher Education 1
Adversary

New Version Of Apostle Ransomware Reemerges In Targeted Attack On Higher Education
Amitai Ben Shushan Ehrlich /

Agrius has continued to evolve its toolkit from wiper to ransomware operations, including a recent attack on a higher education facility.

Read More
Defeating MacOS Malware Anti Analysis Tricks With Radare2 10
Security Research

Defeating macOS Malware Anti-Analysis Tricks with Radare2
Phil Stokes /

Learn how to beat malware authors' control flow and avoid executing unwanted parts of their code to analyze macOS malware in radare2.

Read More
CVE 2021 3437 HP OMEN Gaming Hub Privilege Escalation Bug Hits Millions Of Gaming Devices 1
Security Research

CVE-2021-3437 | HP OMEN Gaming Hub Privilege Escalation Bug Hits Millions of Gaming Devices
Kasif Dekel /

A high severity flaw in HP's OMEN Gaming Hub software allows any user to escalate privileges to kernel-level mode.

Read More
Hide And Seek New Zloader Infection Chain Comes With Improved Stealth And Evasion Mechanisms 6
Crimeware

Hide and Seek | New Zloader Infection Chain Comes With Improved Stealth and Evasion Mechanisms
Antonio Pirozzi /

A new ZLoader campaign abuses Google Ads to target European banking institutions with signed MSI payloads and more than 300 domains.

Read More
EGoManiac An Unscrupulous Turkish Nexus Threat Actor 3
Advanced Persistent Threat

EGoManiac | An Unscrupulous Turkish-Nexus Threat Actor
Juan Andrés Guerrero-Saade /

EGoManiac is a threat actor willing to spy on friend and foe and entrap journalists without compunction. Read our groundbreaking research.

Read More
6 Pro Tricks For Rapid MacOS Malware Triage With Radare2 7
Security Research

6 Pro Tricks for Rapid macOS Malware Triage with Radare2
Phil Stokes /

Learn more about reversing real-world macOS malware in this new series for intermediate to advanced analysts, starting with these r2 tips!

Read More
Hive Attacks Analysis Of The Human Operated Ransomware Targeting Healthcare 10
Crimeware

Hive Attacks | Analysis of the Human-Operated Ransomware Targeting Healthcare
Jim Walter /

Hive is a double-extortion ransomware group that’s hit over 30 organizations. Read our deep-dive into the ransomware toolkit.

Read More
SHADOWPAD The Masterpiece Of Privately Sold Malware In Chinese Espionage 7
Advanced Persistent Threat

ShadowPad | A Masterpiece of Privately Sold Malware in Chinese Espionage
Yi-Jhen Hsieh /

Supplying a custom backdoor to a cluster of APT groups, the personas behind ShadowPad have maintained a cloak of secrecy, until now.

Read More
1 11 12 13 14 15 23