SentinelLabs - Page 2 of 2 - Intelligence Redefined

Trickbot Update: Brief Analysis of a Recent Trickbot Payload

In many ways, Trickbot parallels the evolution of contemporary threats (such as #Emotet) via its modular and expandable architecture. We took it for a test

Advanced Persistent Threat

FIN6 “FrameworkPOS”: Point-of-Sale Malware Analysis & Internals

Vitali Kremez diving into the FIN6 “FrameworkPOS”, targeting payment card data from Point-of-Sale (POS) or eCommerce systems.

Cybercrime_ _Banload_ Banking Malware Implements New Techniques for Fraud

Crimeware

RIG Exploit Kit Chain Internals

Vitali Kremez explaining the RIG Exploit Kit and the infection chain internals that led to the Amadey Stealer and Clipboard Hijacker.

Crimeware

Gootkit Banking Trojan | Part 3: Retrieving the Final Payload

Gootkit’s final payload contains multiple Node.js scripts. Join Daniel Bunce as he reverse engineers the malware to take a deeper look at what it delivers.

Security Research

macOS Incident Response | Part 3: System Manipulation

How can you detect system manipulations by malware, local or remote attackers on macOS? Find out in the final part of our series on macOS Incident Response.

Security Research

Gootkit Banking Trojan | Part 2: Persistence & Other Capabilities

Reverse engineering Gootkit reveals tricks for persistence, self-updating and a kill switch. Join us as we continue our deep dive into this banking malware

Security Research

macOS Incident Response | Part 2: User Data, Activity and Behavior

What can we learn about user activity and behavior on a compromised Mac? Learn about the hidden and obfuscated data stores Apple use on the macOS platform.

Security Research

macOS Incident Response | Part 1: Collecting Device, File & System Data

How should you investigate an infected Mac? Has there been lateral movement, data exfiltration, system manipulation? Learn macOS incident response here.

Crimeware

Gootkit Banking Trojan | Deep Dive into Anti-Analysis Features

Gootkit packs plenty of Anti-Analysis features to evade sandboxes, prevent execution in a Virtual Machine, and slow down analysis. Let’s take a dive inside!

Security Research

Cybercrime: Groups Behind “Banload” Banking Malware Implement New Techniques

Cybercriminals aren’t deterred by legacy AV. Learn how the gang behind “Banload” malware used a new kernel driver to remove popular anti-malware solutions.

Invisible 'Smart' devices and weak credentials allow botnets to grow and attackers to gain entry into networks, but… https://t.co/dKOE4xWPmu6 hours ago
鼠年大吉! From the SentinelOne family to yours, we wish you happiness, health, safety, and peace. Happy Year of the Rat… https://t.co/ZO11JFk8C213 hours ago
EternalBlue & The Lemon_Duck Cryptominer Attack https://t.co/2E4vRMl8hC #BlueKeep #EternalBlue #Cryptominer #Attack… https://t.co/i6l6ttWSFl15 hours ago
macOS Incident Response | Part 1: Collecting Device, File & System Data https://t.co/tEB9Wedsbg #macOS #security… https://t.co/o1UBQflcJS17 hours ago

0 / 30

Trickbot Update: Brief Analysis of a Recent Trickbot Payload

FIN6 “FrameworkPOS”: Point-of-Sale Malware Analysis & Internals

RIG Exploit Kit Chain Internals

Gootkit Banking Trojan | Part 3: Retrieving the Final Payload

macOS Incident Response | Part 3: System Manipulation

Gootkit Banking Trojan | Part 2: Persistence & Other Capabilities

macOS Incident Response | Part 2: User Data, Activity and Behavior

macOS Incident Response | Part 1: Collecting Device, File & System Data

Gootkit Banking Trojan | Deep Dive into Anti-Analysis Features

Cybercrime: Groups Behind “Banload” Banking Malware Implement New Techniques

Top-Tier Russian Organized Cybercrime Group Unveils Fileless Stealthy “PowerTrick” Backdoor for High-Value Targets

Maze Ransomware Update: Extorting and Exposing Victims

Anchor Project | The Deadly Planeswalker: How The TrickBot Group United High-Tech Crimeware & APT

Privilege Escalation | macOS Malware & The Path to Root Part 1