ABOUT
CVE DATABASE
CONTACT
VISIT SENTINELONE.COM

Labs

Purple Fox EK New CVEs Steganography And Virtualization Added To Attack Flow 7
Crimeware

Purple Fox EK | New CVEs, Steganography, and Virtualization Added to Attack Flow
Gal Kristal /

New research shows that the Purple Fox exploit kit has added new tricks to its attack flow and continues to target vulnerable versions of Internet Explorer.

Read More
Leveraging LD AUDIT To Beat The Traditional Linux Library Preloading Technique 4
Security Research

Leveraging LD_AUDIT to Beat the Traditional Linux Library Preloading Technique
Lior Ribak /

Abusing LD_PRELOAD to intercept library calls on Linux is a known threat actor technique, but it’s possible to load libaries even before that. Meet LD_AUDIT

Read More
Moving From Manual RE Of UEFI Modules To Coverage Guided Fuzzing Of UEFI Firmware 3
Security Research

Moving From Manual Reverse Engineering of UEFI Modules To Dynamic Emulation of UEFI Firmware
Assaf Carlsbad /

Learn how to emulate, trace, debug, and Reverse Engineer UEFI modules in part 2 of our new blog series on Firmware Security

Read More
The FONIX RaaS New Low Key Threat With Unnecessary Complexities 6
Crimeware

The FONIX RaaS | New Low-Key Threat with Unnecessary Complexities
Jim Walter /

FONIX RaaS uses four methods of encryption per file and leads victims (and affiliates) on a merry dance through multiple emails to obtain decryption.

Read More
Scams Phishing And Malware Cyber Attacks Leveraging The COVID 19 CoronaVirus Pandemic 1
Security & Intelligence

Threat Intel | Cyber Attacks Leveraging the COVID-19/CoronaVirus Pandemic
Jim Walter /

At Sentinel Labs, we have been closely tracking adversarial behavior as it pertains to COVID-19/Coronavirus. To date, we have observed a significant number of malware campaigns, spam campaigns, and outright…

Read More
Multi Platform SMAUG RaaS Aims To See Off Competitors 6
Crimeware

Multi-Platform SMAUG RaaS Aims To See Off Competitors
Jim Walter /

Raas (Ransomware-as-a-Service) continues to fuel the cybercrime economy. SMAUG offers Windows, Linux and macOS support among other unique features.

Read More
Case Study Why You Shouldn’t Trust NTDLL From Kernel Image Load Callbacks 2
Security Research

Case Study: Why You Shouldn’t Trust NTDLL from Kernel Image Load Callbacks
Kasif Dekel /

Read how we discovered and exploited several severe flaws in a security product’s kernel mode driver due to a lack of user mode input validation.

Read More
Case Study Catching A Human Operated Maze Ransomware Attack In Action 1
Adversary

Case Study: Catching a Human-Operated Maze Ransomware Attack In Action
Jim Walter /

Maze operators tailor attacks to the victim’s environment to evade detection. We show how they operate, and reveal a decoded HDA payload among other IOCs.

Read More
Agent Tesla Old RAT Uses New Tricks To Stay On Top 4
Crimeware

Agent Tesla | Old RAT Uses New Tricks to Stay on Top
Jim Walter /

Aside from Dridex, Agent Tesla is the most widely used malware currently targeting businesses. We review its core functionality and latest adaptations.

Read More
Hacking Smart Devices For Fun Profit 3
Security Research

Hacking Smart Devices for Fun and Profit
Barak Sternberg /

Presented at DEF CON 28 (2020), this is the story of how SentinelOne researcher Barak Sternberg found four IoT vulnerabilities in thousands of smart devices.

Read More
1 16 17 18 19 20 23