From sentinelone.com
The State of Cloud Ransomware in 2024
In this new report, learn how threat actors are leveraging cloud services to target web services with ransomware attacks.
20h ago
From sentinelone.com
BlueNoroff Hidden Risk | Threat Actor Targets Macs with Fake Crypto News and Novel Persistence
SentinelLabs has observed a suspected DPRK threat actor targeting crypto-related businesses with novel multi-stage malware.
on Sun, 8PM
From sentinelone.com
The Good, the Bad and the Ugly in Cybersecurity - Week 45
Authorities arrest data thief and disrupt cybercrime infrastructure, North Korean APT targets Macs for crypto, and AWS keys stolen via fake PyPI package.
on Fri, 4PM
From sentinelone.com
The Good, the Bad and the Ugly in Cybersecurity - Week 44
Police seize Redline and Meta infostealers, fraudsters launch election-themed scams, and DPRK threat actors collaborate with Play ransomware.
on Nov 2
From sentinelone.com
Climbing The Ladder | Kubernetes Privilege Escalation (Part 2)
Learn how misconfigurations in GKE System Pods could allow attackers to become cluster admin and control an entire Kubernetes cluster.
on Nov 1
From sentinelone.com
The Good, the Bad and the Ugly in Cybersecurity - Week 43
New data safety measures proposed by CISA, AWS S3 abused by novel NotLockBit malware, and Fortinet zero-day exploited in the wild for months.
on Oct 25
From sentinelone.com
macOS NotLockBit | Evolving Ransomware Samples Suggest a Threat Actor Sharpening Its Tools
An unknown threat actor is developing ransomware to lock files and steal data on macOS, and it's not LockBit.
on Oct 23
From sentinelone.com
Take a look at the open positions at SentinelOne. We're dedicated to defending enterprises across endpoints, containers, cloud workloads, and IoT devices in a single cybersecurity platform.
on Oct 22
From sentinelone.com
The Good, the Bad and the Ugly in Cybersecurity - Week 42
Two major DDoS operators indicted, OilRig APT exploits Windows flaw in credential theft, and RomCom RAT variant targets Ukrainian government.
on Oct 18
From sentinelone.com
China’s Influence Ops | Twisting Tales of Volt Typhoon at Home and Abroad
China's CVERC attempts to attribute Volt Typhoon activities to the U.S., but the fact-free claims reveal much about the PRC's real agenda.
on Oct 18
From sentinelone.com
Quantifying Vulnerability Risk | Identify & Remediate CVEs with Exploit-Driven Prioritization
Explore the future of vulnerability prioritization in Singularity Vulnerability Management now with EPSS and KEV support.
on Oct 17
From sentinelone.com
Cloud and Container | The Attack & Defend Series
The first post in our new Cloud & Container | Attack & Defend blog series covers leading security trends in today's cloud adoption landscape.
on Oct 9
From sentinelone.com
The Good, the Bad and the Ugly in Cybersecurity - Week 40
IRGC actors charged for election interference, fake crypto wallets found in PyPI, and CISA warns against critical Ivanti flaw allowing RCE.
on Oct 5
From sentinelone.com
Kryptina RaaS | From Unsellable Cast-Off to Enterprise Ransomware
Kryptina's adoption by Mallox affiliates complicates malware tracking as ransomware operators blend different codebases into new variants.
on Sep 23
From sentinelone.com
PinnacleOne ExecBrief | Volt Typhoon’s Winds Pick Up Speed
This ExecBrief provides executives a guide to defending against China’s Volt Typhoon and explains why the threat isn’t going away anytime soon.
on Sep 23
From sentinelone.com
The Good, the Bad and the Ugly in Cybersecurity - Week 38
Police crack down on spyware and criminal comms, threat actors spread infostealer on GitHub, and PRC-linked botnet targets U.S. critical sectors.
on Sep 20
From sentinelone.com
macOS Sequoia | What’s New in Privacy and Security for Enterprise?
Monday September 16th saw Apple release the newest version of its Mac operating system, macOS 15 Sequoia, and SentinelOne was delighted to announce support for this version of macOS on the day of release.
on Sep 18
From sentinelone.com
LABScon Replay | Breaking Firmware Trust From The Other Side: Exploiting Early Boot Phases (Pre-Efi)
The first public discussion of changes in the UEFI firmware security runtime from an offensive security perspective with Alex Matrosov.
on Sep 13
From sentinelone.com
From Amos to Poseidon | A SOC Team’s Guide to Detecting macOS Atomic Stealers 2024
Keeping track of the many variants of Atomic Stealer can be a challenge for SOC teams. Our guide breaks down the latest versions.
on Sep 13
From sentinelone.com
Exploring the VirusTotal Dataset | An Analyst's Guide to Effective Threat Research
We teamed up with VirusTotal to take a deep dive into the platform's extensive query capabilities through both the web and API interfaces.
on Aug 29
From sentinelone.com
LABScon23 Replay | Black Magic - Influence Operations in the Open and At-Scale in Hungary
As electorates across the US and Europe go to the polls in 2024, this must-see talk on large-scale state influence operations is both timely and relevant.
on Aug 26
From sentinelone.com
Singularity Cloud Native Security | Eliminate False Positives and Focus On What Matters
Learn how SentinelOne's Offensive Security Engine (OSE) eliminates false positives to allow teams to focus on the truly exploitable issues.
on Aug 15
From sentinelone.com
DeathGrip RaaS | Small-Time Threat Actors Aim High With LockBit & Yashma Builders
Learn about an emerging ransomware-as-a-service called DeathGrip and their use of LockBit and Yashma/Chaos-based payloads to deliver malware.
on Aug 8
From sentinelone.com
This ExecBrief focuses on the escalation of sabotage by nation-states and private sector spillovers.
on Aug 7
From sentinelone.com
PinnacleOne ExecBrief | AI’s Potential for Hacking
This ExecBrief focuses on the commotion around the application of AI to offensive cyber capabilities.
on Aug 6
From sentinelone.com
Going For Gold | Russian Threats to the Olympic Games
As the 2024 Olympic Games kick off in Paris, learn about the mounting risks posed by Russia through various hostile cyber operations.
on Jul 30
From sentinelone.com
FIN7 Reboot | Cybercrime Gang Enhances Ops with New EDR Bypasses and Automated Attacks
This research explores how FIN7 has adopted automated attack methods and developed defense evasion techniques previously unseen in the wild.
on Jul 26
From sentinelone.com
NullBulge | Threat Actor Masquerades as Hacktivist Group Rebelling Against AI
Actors are masquerading as hacktivists targeting AI-centric communities with commodity malware and customized LockBit payloads.
on Jul 25
From sentinelone.com
CrowdStrike Global Outage - Threat Actor Activity and Risk Mitigation Strategies
SentinelOne continues to monitor cybercriminal threat actors attempting to take advantage of the ensuing chaos and concern.
on Jul 22
From sentinelone.com
The Good, the Bad and the Ugly in Cybersecurity - Week 27
Europol takes down hundreds of Cobalt Strike servers, Brain Cipher operators attack Indonesian data centers, and new CapraRAT code targets Android users.
on Jul 8
From sentinelone.com
CapraTube Remix | Transparent Tribe’s Android Spyware Targeting Gamers, Weapons Enthusiasts
SentinelLabs has identified four new CapraRAT APKs associated with suspected Pakistan state-aligned actor Transparent Tribe.
on Jul 3
From sentinelone.com
Chamelgang & Friends | Cyberespionage Groups Attacking Critical Infrastructure with Ransomware
In collaboration with Recorded Future, SentinelLabs has been tracking two distinct activity clusters targeting government and critical infrastructure sectors globally between 2021 and 2023. We associate one activity cluster with the suspected Chinese APT group ChamelGang (also known as CamoFei),...
on Jun 26
From sentinelone.com
ChamelGang & Friends | Cyberespionage Groups Attacking Critical Infrastructure with Ransomware
Threat actors in the cyberespionage ecosystem are using ransomware for financial gain, disruption, distraction, misattribution, and the removal of evidence.
on Jun 26
From sentinelone.com
Ikaruz Red Team | Hacktivist Group Leverages Ransomware for Attention Not Profit
Politically-motivated attacks involving ransomware are on the rise as hacktivists aim to increase their impact through easily available tools.
on May 21
From sentinelone.com
macOS Cuckoo Stealer | Ensuring Detection and Defense as New Samples Rapidly Emerge
Learn about the mechanics of macOS Cuckoo Stealer, discover extended indicators and ensure your organization remains protected.
on May 9
From sentinelone.com
LABScon23 Replay | macOS Components Used in North Korean Crypto-Heists
Greg Lesnewich takes us on a tour of North Korean APTs targeting macOS and explores techniques for tracking an increasingly active threat cluster.
on May 8
From sentinelone.com
macOS Adload | Prolific Adware Pivots Just Days After Apple’s XProtect Clampdown
Learn about the latest Adload adware variants, written in Go and intended to bypass Apple's recent XProtect updates.
on May 2
From sentinelone.com
Ransomware Evolution | How Cheated Affiliates Are Recycling Victim Data for Profit
Learn how data leak site operators like RansomHub and Dispossessor are feeding a new extortion cycle as the ransomware ecosystem evolves.
on Apr 24
From sentinelone.com
Microsoft's Dangerous Addiction To Security Revenue
Explore the implications of Microsoft's latest security breach. Is their focus on revenue undermining cybersecurity?
on Apr 15
From sentinelone.com
AcidPour | New Embedded Wiper Variant of AcidRain Appears in Ukraine
SentinelLabs has discovered a novel malware variant of AcidRain that could be targeting telecoms networks in Ukraine.
on Mar 21
From sentinelone.com
PinnacleOne Exec Brief | China's AI-Enabled Cyber Capabilities
In this week’s ExecBrief, we examine how PRC threat actors are using AI to accelerate their cyber operations in ways that will be hard to directly observe.
on Mar 4
From sentinelone.com
February 2024 Cybercrime Update | Commercial Spyware, AI-Driven APTs & Flawed RMMs
Learn about the latest trends in cybercriminal activity, new actors, novel threats and evolving tools. Here's February's update.
on Mar 2
From sentinelone.com
Doppelgänger | Russia-Aligned Influence Operation Targets Germany
Doppelgänger, a sophisticated Russia-aligned operation, targets German public opinion with disinformation ahead of elections.
on Mar 1
From sentinelone.com
Unmasking I-Soon | The Leak That Revealed China's Cyber Operations
The I-Soon leak reveals the maturing nature of China’s cyber espionage and a competitive hacker marketplace driven by government demands.
on Feb 29
From sentinelone.com
SNS Sender | Active Campaigns Unleash Messaging Spam Through the Cloud
Threat actors leverage cloud services to conduct a massive smishing campaign through AWS Simple Notification Service.
on Feb 16
From sentinelone.com
PinnacleOne Alert | Russian Space-Based Nuclear Anti-Satellite Weapon
Russia’s alleged nuclear space-based anti-satellite weapon presents novel strategic and commercial risks.
on Feb 16
From sentinelone.com
Kryptina RaaS | From Underground Commodity to Open Source Threat
Source code for Linux RaaS has the potential to proliferate and become a serious threat to cloud environments.
on Feb 14
From sentinelone.com
Report | China’s Cyber Revenge | Why the PRC Fails to Back Its Claims of Western Espionage
China's claims of hacks and espionage lack the rigorous technical detail seen in western threat intel. Why the asymmetry, and how does it benefit the PRC?
on Feb 12
From sentinelone.com
China’s Cyber Revenge | Why the PRC Fails to Back Its Claims of Western Espionage
China's claims of hacks and espionage lack the rigorous technical detail seen in western threat intel. Why the asymmetry, and how does it benefit the PRC?
on Feb 12
From sentinelone.com
Backdoor Activator Malware Running Rife Through Torrents of macOS Apps
A new campaign is spreading macOS malware through infected copies of popular applications and productivity tools.
on Feb 2