2024
RESEARCH: DPRK 'IT' Workers
These workers often operate globally, leveraging their positions to further the objectives of the North Korean government and its cyber warfare units..
threat-actors
THREAT ACTOR: APT45 ('Onyx Sleet')
Onyx Sleet, also known by aliases such as Andariel, Plutonium, and Silent Chollima, is a North Korean cyber threat actor involved in cyber espionage and targeting critical sectors, including nuclear technology.
kematian-stealer
RESEARCH: Kematian Stealer
This malware is designed to covertly exfiltrate sensitive data from infected systems.. Great- github is hosting more malware. awesome.
orb-networks
RESEARCH: IoCs are dead. Long Live IoCs.
Orb networks, also known as Operational Relay Box (ORB) networks, are sophisticated proxy networks used by APT groups, particularly Chinese cyber-espionage actors, to obfuscate their activities and evade detection.
rootkit
RESEARCH: Top 3 rootkits for Windows 11
Rootkits are a particularly insidious type of malware designed to hide the existence of certain processes or programs from normal methods of detection and enable continued privileged access to a computer.
threat-actors
RESEARCH: Storm-1811
Storm-1811 is a sophisticated and financially motivated cybercriminal group known for its advanced techniques and targeted attacks, including the deployment of Black Basta ransomware..
threat-actors
RESEARCH: Who is SocGholish?
SocGholish is a sophisticated malware family that has been active since at least April 2018. It is primarily known for its drive-by-download method, masquerading as software updates to trick users into..
threat-actors
RESEARCH: Bear Eats TeamViewer..
This breach is significant due to TeamViewer's widespread use in remote access and management, making it a critical target for cyber threats. The breach has been attributed to APT29, a state-sponsored threat actor associated with...
RESEARCH: Zergeca botnet
The Zergeca botnet is significant due to its sophisticated capabilities, which extend beyond typical Distributed Denial of Service (DDoS) attacks to include functionalities such as proxying, scanning, self-upgrading, file transfer, reverse shell, and collecting sensitive device information. This analysis is crucial for law enforcement and cybersecurity professionals to understand the
research
RESEARCH: Top 5 most popular Command and Control (C2) frameworks used by Threat Actors in 2024
Command and Control (C2) frameworks are critical tools used by both threat actors and cybersecurity professionals for managing compromised systems, conducting post-exploitation activities, and simulating adversary behavior..
News
HUMINT
This is AlphaHunt, a brand new site by CSIRT Gadgets that's just getting started. Things will be up and running here shortly, but you can subscribe in the meantime if you'd like to stay up to date and receive emails when new content is published!