Ghost in the Zip | New PXA Stealer and Its Telegram-Powered Ecosystem read file error: read notes: is a directory... 2025-8-4 10:0:23 | 阅读: 122 | 收藏 | SentinelLabs - www.sentinelone.com stage stealer python pxa malicious

The Good, the Bad and the Ugly in Cybersecurity – Week 31 read file error: read notes: is a directory... 2025-8-1 13:0:32 | 阅读: 25 | 收藏 | SentinelOne - www.sentinelone.com blizzard hafnium shanghai ransomware diplomatic

Leading the Charge: Frost & Sullivan Recognizes The Next Phase of MDR Powered by Agentic AI read file error: read notes: is a directory... 2025-7-31 13:0:56 | 阅读: 17 | 收藏 | SentinelOne - www.sentinelone.com mdr frost delivering singularity purple

Beyond the Buzz: Is Your Security Platform Delivering AI Value or Just Hype? read file error: read notes: is a directory... 2025-7-30 13:0:36 | 阅读: 18 | 收藏 | SentinelOne - www.sentinelone.com security purple agentic outcomes generative

China’s Covert Capabilities | Silk Spun From Hafnium read file error: read notes: is a directory... 2025-7-30 10:0:31 | 阅读: 27 | 收藏 | SentinelLabs - www.sentinelone.com hafnium shanghai firetech yin indictment

The Good, the Bad and the Ugly in Cybersecurity – Week 30 read file error: read notes: is a directory... 2025-7-25 13:0:44 | 阅读: 27 | 收藏 | SentinelOne - www.sentinelone.com lumma toolshell microsoft phobos 8base

Defending Against ToolShell: SharePoint’s Latest Critical Vulnerability 文章介绍了一个名为“ToolShell”的零日漏洞（CVE-2025-53770），该漏洞允许未经身份验证的远程代码执行，对在 premises SharePoint 服务器构成严重威胁。SentinelOne检测到该漏洞已被实际利用，并提供了一系列防御措施和工具以帮助组织应对这一威胁。... 2025-7-23 00:9:6 | 阅读: 25 | 收藏 | SentinelOne - www.sentinelone.com toolshell security spinstall0 premises

AI’s Double Edge: How AI Expands the Attack Surface & Empowers Defenders 文章探讨了人工智能在云安全中的双刃剑效应：一方面扩展了攻击面并引入新威胁；另一方面提升了威胁检测与漏洞管理能力。云安全团队正积极利用AI加速响应并增强防御机制。... 2025-7-22 19:23:21 | 阅读: 19 | 收藏 | SentinelOne - www.sentinelone.com cloud security threats sagemaker

SharePoint ToolShell | Zero-Day Exploited in-the-Wild Targets Enterprise Servers read file error: read notes: is a directory... 2025-7-21 23:8:3 | 阅读: 29 | 收藏 | SentinelOne - www.sentinelone.com spinstall0 layouts microsoft wave toolshell

The Good, the Bad and the Ugly in Cybersecurity – Week 29 文章报道了网络犯罪领域的最新动态：一名前美军士兵因攻击电信和科技公司被起诉；欧警捣毁针对NAS设备的勒索团伙；执法机构联手打击支持俄罗斯的黑客组织；新型恶意软件Katz Stealer通过多阶段感染链窃取敏感信息；朝鲜骇客继续利用npm恶意软件攻击软件供应链。... 2025-7-18 13:0:41 | 阅读: 21 | 收藏 | SentinelOne - www.sentinelone.com katz stealer aliases xorindex infostealer

Primary Attack Vectors Persist read file error: read notes: is a directory... 2025-7-17 21:19:59 | 阅读: 23 | 收藏 | SentinelOne - www.sentinelone.com cloud security defenders lateral

Endpoint Protection Redefined: Insights from the 2025 Gartner® Magic Quadrant™ for EPP, and How Agentic AI and Platformization Are Shaping the Market read file error: read notes: is a directory... 2025-7-17 16:22:31 | 阅读: 24 | 收藏 | SentinelOne - www.sentinelone.com security singularity cloud quadrant innovation

Katz Stealer | Powerful MaaS On the Prowl for Credentials and Crypto Assets Katz Stealer是一款功能强大的恶意软件即服务工具，通过钓鱼邮件和恶意下载传播。它能够窃取密码、加密货币密钥及聊天记录，并利用多阶段感染链和 evasion 技术躲避检测。... 2025-7-17 13:0:37 | 阅读: 17 | 收藏 | SentinelOne - www.sentinelone.com katz stealer c2 passwords infostealer

The Good, the Bad and the Ugly in Cybersecurity – Week 28 执法机构针对涉嫌参与网络间谍活动的威胁行为者展开行动，包括与丝绸台风（Hafnium）有关的中国公民 Xu Zewei 和与 APT45 有关的朝鲜公民 Song Kum Hyok。同时，英国警方逮捕了涉嫌参与 DragonForce 勒索软件攻击的四名嫌疑人。此外，ZuRu 恶意软件通过伪装成合法应用传播至 macOS 系统，而印度威胁组织 DoNot Team 则利用 LoptikMod RAT 展开针对欧洲机构的间谍活动。... 2025-7-11 13:0:1 | 阅读: 18 | 收藏 | SentinelOne - www.sentinelone.com zuru donot termius khepri european

macOS.ZuRu Resurfaces | Modified Khepri C2 Hides Inside Doctored Termius App macOS.ZuRu是一种通过篡改合法应用程序传播的后门程序，最初通过中毒Baidu搜索结果感染用户。最新变种利用Termius等工具的恶意版本，在运行时下载Khepri C2信标并安装持久化模块以维持长期控制。... 2025-7-10 09:55:29 | 阅读: 23 | 收藏 | SentinelOne - www.sentinelone.com termius zuru c2 khepri localized

The Good, the Bad and the Ugly in Cybersecurity – Week 27 全球执法机构针对朝鲜网络欺诈、加密投资诈骗及俄罗斯网络犯罪生态系统展开行动。朝鲜通过伪装身份的IT员工渗透美国企业，涉及资金超500万美元。同时，五人因洗钱5.4亿美元被捕。美国制裁与俄罗斯关联的Aeza集团。此外，美机构警告伊朗可能对关键基础设施发动网络攻击。朝鲜还利用恶意软件针对Web3公司展开攻击。... 2025-7-4 16:0:56 | 阅读: 26 | 收藏 | SentinelOne - www.sentinelone.com north korean iran dprk trojan

macOS NimDoor | DPRK Threat Actors Target Web3 and Crypto Platforms with Nim-Based Malware 朝鲜黑客利用Nim编译的二进制文件和多个攻击链针对Web3和加密货币公司发起攻击，使用进程注入、wss通信、AppleScript信标，并窃取浏览器、Keychain和Telegram数据。... 2025-7-2 09:55:37 | 阅读: 22 | 收藏 | SentinelLabs - www.sentinelone.com llc nim googie c2

The Good, the Bad and the Ugly in Cybersecurity – Week 26 美国起诉英国籍网络攻击者Kai West涉嫌2500万美元数据盗窃；俄罗斯APT28利用Signal平台针对乌克兰开展恶意软件活动；中国 Salt Typhoon针对加拿大电信公司展开网络间谍活动。... 2025-6-27 17:0:55 | 阅读: 26 | 收藏 | SentinelOne - www.sentinelone.com west canadian salt typhoon apt28

The Good, the Bad and the Ugly in Cybersecurity – Week 25 美国国防部与OpenAI合作开发AI能力以提升网络安全和作战准备；威胁组织利用GitHub分发恶意软件；Google Chrome零日漏洞被用于传播后门程序。... 2025-6-20 13:0:52 | 阅读: 29 | 收藏 | SentinelOne - www.sentinelone.com curse water taxoff pentagon malicious

Inside the SentinelOne + AWS Partnership: Smarter Cloud Security at re:Inforce 2025 SentinelOne与AWS合作开发了20多个云安全服务集成，提升威胁检测和响应能力，并通过AWS市场提供解决方案及加入工作负载迁移计划，帮助客户安全高效地使用云服务。... 2025-6-17 16:39:39 | 阅读: 20 | 收藏 | SentinelOne - www.sentinelone.com security cloud marketplace migration threats