ABOUT
CVE DATABASE
CONTACT
VISIT SENTINELONE.COM

Labs

Kimsuky Ongoing Campaign Using Tailored Reconnaissance Toolkit 1
Adversary

Kimsuky | Ongoing Campaign Using Tailored Reconnaissance Toolkit
Aleksandar Milenkoski /

North Korean APT group focuses on file reconnaissance and information exfiltration with latest variant of RandomQuery malware.

Read More
LABScon Replay Does This Look Infected 2 APT41
LABScon

LABScon Replay | Does This Look Infected 2 (APT41)
LABScon /

Mandiant researchers Van Ta and Rufus Brown take us on a journey of discovery into the compromise of multiple U.S. Government networks by APT41.

Read More
Malshare 10 Years Of Running A Public Malware Repository 1
LABScon

LABScon Replay | Malshare: 10 Years of Running a Public Malware Repository
LABScon /

Silas Cutler, founder of MalShare, explores some of the challenges and rewards of developing and maintaining a free malware repository for researchers.

Read More
Hypervisor Ransomware Multiple Threat Actor Groups Hop On Leaked Babuk Code To Build ESXi Lockers
Crimeware

Hypervisor Ransomware | Multiple Threat Actor Groups Hop on Leaked Babuk Code to Build ESXi Lockers
Alex Delamotte /

Availability of leaked Babuk source code is fuelling a proliferation of file lockers targeting VMware ESXi.

Read More
Kimsuky Evolves Reconnaissance Capabilities In New Global Campaign 9
Advanced Persistent Threat

Kimsuky Evolves Reconnaissance Capabilities in New Global Campaign
Tom Hegel /

DPRK-linked threat actor deploys previously unseen reconnaissance tool 'ReconShark' in wave of ongoing attacks.

Read More
Transparent Tribe 6
Advanced Persistent Threat

Transparent Tribe (APT36) | Pakistan-Aligned Threat Actor Expands Interest in Indian Education Sector
Aleksandar Milenkoski /

SentinelLabs has been tracking a cluster of malicious documents that stage the Crimson RAT malware distributed by APT36 (Transparent Tribe).

Read More
Dissecting AlienFox The Cloud Spammers Swiss Army Knife 13
Adversary

Dissecting AlienFox | The Cloud Spammer’s Swiss Army Knife
Alex Delamotte /

A sophisticated new toolset is being used to harvest credentials from multiple cloud service providers, including AWS SES and Microsoft Office 365.

Read More
The Life And Times Of Sysinternals 3
LABScon

The Life and Times of SysInternals | How One Developer Changed the Face of Malware Analysis
Juan Andrés Guerrero-Saade /

Mark Russinovich, founder of SysInternals, explores the history and development of one of the security industry's most essential toolkits.

Read More
Operation Tainted Love Chinese APTs Target Telcos In New Attacks 4
Advanced Persistent Threat

Operation Tainted Love | Chinese APTs Target Telcos in New Attacks
Aleksandar Milenkoski /

Cyber espionage actor deploys custom credential theft malware in new campaign targeting the telecoms sector.

Read More
Winter Vivern Uncovering A Wave Of Global Espionage 6
Advanced Persistent Threat

Winter Vivern | Uncovering a Wave of Global Espionage
Tom Hegel /

SentinelLabs uncover a previously unknown set of espionage campaigns conducted by Winter Vivern advanced persistent threat (APT) group.

Read More
1 4 5 6 7 8 23