SentinelLabs - Page 5 of 7 - Intelligence Redefined

Breaking TA505’s Crypter with an SMT Solver

TA505 threat group use a crypter common to Clop/CryptoMix ransomware and others. We tear it down with a new unpacker utilizing SMT.

Crimeware

Revealing the Trick | A Deep Dive into TrickLoader Obfuscation

TrickBot’s loader has received much less attention than other components of the malware. Jason Reaves shows how to reverse engineer the TrickLoader function.

Advanced Persistent Threat

DPRK Hidden Cobra Update: North Korean Malicious Cyber Activity

New threat intelligence on the ever-expanding toolset of North Korean APT Hidden Cobra (Lazarus) including IoCs for RATs, beacons, persistence and more.

Security & Intelligence

Pro-Russian CyberSpy Gamaredon Intensifies Ukrainian Security Targeting

Read how the Gamaredon group wages a silent cyber war against the Ukraine even when all other domains are denied by the strategic or political framework.

Crimeware

New Snake Ransomware Adds Itself to the Increasing Collection of Golang Crimeware

The ransomware crime spree continues with threat actors increasingly turning to Golang as their language of choice. New entrant Snake is just the latest.

Crimeware

Top-Tier Russian Organized Cybercrime Group Unveils Fileless Stealthy “PowerTrick” Backdoor for High-Value Targets

SentinelLabs developed mock command-and-control panels to allow the institutions to utilize them for testing detections related to “PowerTrick”

Adversary

Anchor Project | The Deadly Planeswalker: How The TrickBot Group United High-Tech Crimeware & APT

The Wind of Time Shakes the Underground | High-Tech Cybercrime & APT | Most Sophisticated & Resourceful Crimeware Group

feature image macos privilege escalation

Security Research

Privilege Escalation | macOS Malware & The Path to Root Part 1

Researchers invest huge amounts of effort to uncover privilege escalations and develop exploits. What can we learn about macOS security from their work?

Security & Intelligence

How AdLoad macOS Malware Continues to Adapt & Evade

AdLoad adware evades Apple’s built-in protections, installs man-in-the-middle proxy & multiple persistence agents to thwart removal. Here’s how to fight it.

Crimeware

How TrickBot Malware Hooking Engine Targets Windows 10 Browsers

Vitali Kremez revealing how TrickBot’s hooking engine targets Chrome, Firefox, Explorer and Edge in Windows 10

The workplace we knew is gone. Enter SentinelOne—the only cybersecurity platform purpose-built for the remote wo… https://t.co/AusHeoEaul2 hours ago
SentinelOne launches in Korea! A market ripe for the next generation of cybersecurity. Together with our strateg… https://t.co/q6ukW4kpLv2 hours ago
Is your #security team struggling due to a lack of resources? Read our #whitepaper to find out 5 quick tips to… https://t.co/eHZigdon2Y3 hours ago
Ransomware Attacks: To Pay or Not To Pay? https://t.co/6ZoqkenIKC #Ransomware #infosec #cybersecurity4 hours ago

0 / 98

Breaking TA505’s Crypter with an SMT Solver

Revealing the Trick | A Deep Dive into TrickLoader Obfuscation

DPRK Hidden Cobra Update: North Korean Malicious Cyber Activity

Pro-Russian CyberSpy Gamaredon Intensifies Ukrainian Security Targeting

New Snake Ransomware Adds Itself to the Increasing Collection of Golang Crimeware

Top-Tier Russian Organized Cybercrime Group Unveils Fileless Stealthy “PowerTrick” Backdoor for High-Value Targets

Anchor Project | The Deadly Planeswalker: How The TrickBot Group United High-Tech Crimeware & APT

Privilege Escalation | macOS Malware & The Path to Root Part 1

How AdLoad macOS Malware Continues to Adapt & Evade

How TrickBot Malware Hooking Engine Targets Windows 10 Browsers

FADE DEAD | Adventures in Reversing Malicious Run-Only AppleScripts

Greyware’s Anatomy: The “Potentially Unwanted” are Upping Their Game

Building a Custom Malware Analysis Lab Environment

SolarWinds | Understanding & Detecting the SUPERNOVA Webshell Trojan