APT ANALYSIS
Open in Telegram
Анализ APT с фокусом на моделирование, обнаружение и управление сложными атаками. Предоставление точных данных и решений для прогнозирования угроз с реальным опытом в области безопасности.
Show more1 730
Subscribers
No data24 hours
+47 days
-46030 days
Posts Archive
1 730
♣️Behind Khmer Shadow: Targeted espionage against Cambodian government entities
👁Blog : https://www.acronis.com/en/tru/posts/behind-khmer-shadow-targeted-espionage-against-cambodian-government-entities
♣️Velvet Ant’s Operation Highland: How a China-Nexus Actor Infiltrated an Internal Network Undetected
👁Blog : https://www.sygnia.co/blog/operation-highland-velvet-ant
♣️ShinyHunters Targets Education Sector with Oracle PeopleSoft Exploit
👁Blog : https://cloud.google.com/blog/topics/threat-intelligence/shinyhunters-targets-education-sector-oracle-exploit
♣️Shai-Hulud Campaign Evolution: Miasma, Hades, and AI Scanner Evasion
👁Blog : https://www.zscaler.com/blogs/security-research/shai-hulud-campaign-evolution-miasma-hades-and-ai-scanner-evasion
♣️Old WinRAR Flaw Fuels Attacks on Ukraine: How Unmanaged Software Keeps the Door Open
👁Blog : https://www.trendmicro.com/en_us/research/26/f/old-winrar-flaw-fuels-attacks-on-ukraine.html
♣️OceanLotus: From external espionage to domestic targeting
👁Blog : https://www.welivesecurity.com/en/eset-research/oceanlotus-external-espionage-domestic-targeting
♣️Silabrat hijackloader trojan malware
👁Blog : https://www.group-ib.com/blog/silabrat-hijackloader-trojan-malware
♣️Interlock and Rhysida within the ransomware ecosystem
👁Blog : https://www.ibm.com/think/x-force/interlock-and-rhysida-within-the-ransonware-ecosystem
♣️Inside OnyxC2: The New Stealer Targeting 210 Apps
👁Blog : https://www.blackfog.com/inside-onyxc2-the-new-stealer-targeting-210-apps
♣️New NPM Supply Chain Campaign Identified : A Multi-Stage Cryptocurrency Malware with More Than 2.7 million Downloads
👁Blog : https://www.cyfirma.com/research/new-npm-supply-chain-campaign-identified-a-multi-stage-cryptocurrency-malware-with-more-than-2-7-million-downloads
♣️Initial Access: REDCap Exploitation and INFINITERED
👁Blog : https://cloud.google.com/blog/topics/threat-intelligence/prc-targets-us-medical-research
♣️FishMonger’s arsenal upgraded: SprySOCKS for Windows
👁Blog : https://www.welivesecurity.com/en/eset-research/fishmongers-arsenal-upgraded-sprysocks-windows
♣️Operation Turb00 — Part 1: Analyzing and Hunting a Vidar Campaign
👁Blog : https://mrtiepolo.medium.com/operation-turb00-analyzing-and-hunting-a-vidar-campaign-b45481d8cd74
♣️Ababil of Minab Exposed: LA Metro SCADA Backups and Israeli Victim Data Left Open on an Iranian Staging Server
👁Blog : https://hunt.io/blog/ababil-of-minab-iranian-hackers-exposed-la-metro-breach-open-directory
♣️Analysis of APT37 NarwhalRAT Leveraging MS-Themed Phishing and Dead-drop C2
👁Blog : https://www.genians.co.kr/en/blog/threat_intelligence/narwhalrat
♣️Phishing Campaign Targets Banks with Fileless Phantom Stealer Malware
👁Blog : https://www.fortra.com/blog/phishing-campaign-targets-banks-fileless-phantom-stealer-malware
♣️Unveiling ErrTraffic: inside a growing ClickFix malware distribution framework
👁Blog : https://www.sekoia.com/blog/unveiling-errtraffic-inside-a-growing-clickfix-malware-distribution-framework
♣️macOS ClickFix Lures Deploy AppleScript Stealer & Persistent RAT
👁Blog : https://www.netskope.com/blog/macos-clickfix-lures-deploy-applescript-stealer-persistent-rat
♣️ClickFix Campaign Generated Via AI Delivers SmartRAT
👁Blog : https://www.zscaler.com/blogs/security-research/clickfix-campaign-generated-ai-delivers-smartrat
♣️Someone's Hands Are on Your Keyboard Then Your Whole Network. Courtesy of ClickFix, Potemkin, RMMProject and EtherRAT
👁Blog : https://www.huntress.com/blog/potemkin-loader-rmmproject-clickfix-attack
♣️AdaptixC2: Fingerprinting an Open-Source C2 Framework at Scale
👁Blog : https://censys.com/blog/adaptixc2-open-source-c2-framework
♣️Honey trap: examine the attacks of the group Hive0117 on accountants of companies in Russia and the CIS countries
👁Blog : https://www.f6.ru/blog/honey-trap-hive0117
♣️From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet
👁Blog : https://www.microsoft.com/en-us/security/blog/2026/06/17/postinstall-payload-inside-mastra-npm-supply-chain-compromise
♣️Prinz Eugen ransomware: a deep dive into a new Go-based encryptor
👁Blog : https://www.threatdown.com/blog/prinz-eugen-ransomware-a-deep-dive-into-a-new-go-based-encryptor
♣️From emerging threat to top-tier ransomware-as-a-service: The evolution of INC ransomware
👁Blog : https://www.acronis.com/en/tru/posts/from-emerging-threat-to-top-tier-ransomware-as-a-service-the-evolution-of-inc-ransomware
♣️Lost in relocation: analysis of a new loader distributing CASTLESTEALER
👁Blog : https://www.elastic.co/security-labs/oxloader-malware-loader-infostealer
♣️Killing me gently: Inside Gentlemen’s EDR killer framework
👁Blog : https://www.welivesecurity.com/en/eset-research/killing-me-gently-inside-gentlemens-edr-killer-framework
♣️Fortibleed: Anatomy of the FortiBleed campaign based on the server that the attackers themselves left exposed.
👁Blog : https://zenox.ai/en/fortibleed-anatomy-of-the-fortibleed-campaign-based-on-the-server-that-the-attackers-themselves-left-exposed
♣️GhostShell (MB-0009): Targeting Ukraine’s UAV Operations and Defense Supply Chain
👁Blog : https://blog.synapticsystems.de/ghostshell-mb-0009-targeting-ukraines-uav-operations-and-defense-supply-chain
♣️An Income Tax Assessment Notice Phishing Campaign Delivering Malware
👁Blog : https://www.cyfirma.com/research/an-income-tax-assessment-notice-phishing-campaign-delivering-malware
♣️Inside FortiBleed: Reverse Engineering the CyberStrike Harvester Behind a Global FortiGate Credential Factory
👁Blog : https://arcticwolf.com/resources/blog/inside-fortibleed-reverse-engineering-the-cyberstrike-harvester-behind-a-global-fortigate-credential-factory
♣️Analyzing TAX#TRIDENT: Fake Indian Tax Lures Pivot Across ZIP, VBS, Stego and PHP-Wrapped VBS Delivery
👁Blog : https://www.securonix.com/blog/taxtrident-indian-fax-lures
♣️StrikeShark: investigating a new campaign delivering Cobalt Strike through SharkLoader
👁Blog : https://securelist.com/strikeshark-campaign/120326
♣️From Langflow to Monero: Inside CVE-2026-33017 Cryptominer
👁Blog : https://www.trendmicro.com/en_us/research/26/f/from-langflow-to-monero-inside-cve-2026-33017-cryptominer.html
♣️Tracking UAC-0226 Tooling Evolution: From WinRAR ADS to Reflective GIFTEDCROOK Loading
👁Blog : https://blog.synapticsystems.de/from-winrar-ads-to-reflective-loading-reversing-a-new-uac-0226-giftedcrook-chain
⭐️@APTANALYSIS
1 730
♣️Analyzing Void Dokkaebi’s Cython-Compiled InvisibleFerret Malware
😈Blog : https://www.trendmicro.com/en_us/research/26/e/analyzing-void-dokkaebi-invisibleferret-malware.html
♣️Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns
😈Blog : https://unit42.paloaltonetworks.com/tracking-iran-apt-screening-serpens
♣️Behind .payload: In-Depth Technical Analysis of Payload Ransomware
💀Blog : https://darkatlas.io/blog/behind-payload-in-depth-technical-analysis-of-payload-ransomware
♣️Phishing Campaign Deploys JavaScript-Driven PureLogs Variant to Steal Sensitive Data
💀Blog : https://www.fortinet.com/blog/threat-research/phishing-campaign-deploys-javascript-driven-purelogs-variant-to-steal-sensitive-data
♣️RemotePE: The Lazarus RAT that lives in memory
✨Blog : https://blog.fox-it.com/2026/05/22/remotepe-the-lazarus-rat-that-lives-in-memory
♣️Fluffy Wolf tested new products on Russian companies
💀Blog : https://bi.zone/expertise/blog/fluffy-wolf-ispytal-novinki-na-rossiyskikh-kompaniyakh
♣️forge-jsxy: 22 Versions of an Actively Developed npm RAT
🌀Blog : https://safedep.io/malicious-forge-jsxy-npm-rat-evolution
♣️From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilities
💀Blog : https://www.microsoft.com/en-us/security/blog/2026/05/26/poisoned-search-results-gpu-mining-cryptojacking-campaign-abusing-screenconnect-microsoft-net-utilities
♣️The Gentlemen ransomware: Dissecting a self-propagating Go encryptor
😈Blog : https://www.microsoft.com/en-us/security/blog/2026/05/28/the-gentlemen-ransomware-dissecting-a-self-propagating-go-encryptor
♣️ShinyHunters: Silent Malware as a Service (MaaS)
😈Blog : https://ransom-isac.org/blog/shinyhunters-silent-maas
♣️Commit to Compromise: A New Threat Actor Targeting the Cryptocurrency Industry's Software Development Infrastructure
😈Blog : https://www.wiz.io/blog/threat-actors-target-crypto-orgs
♣️Universities and energy attacks an unknown group, an active minimum since 2024
😈Blog : https://securelist.ru/unknown-group-targets-maritime-universities/115765
♣️Operation XENOFISCAL: SideCopy deploying persistent XenoRAT targeting the MoF, Afghanistan
😈Blog : https://www.seqrite.com/blog/operation-xenofiscal-sidecopy-deploying-persistent-xenorat-targeting-the-mof-afghanistan
♣️Operation Dragon Weave : Uncovering a China-Linked Campaign Targeting Czech Republic and Taiwan Using Azure Cloud C2
😈Blog : https://www.seqrite.com/blog/operation-dragon-weave-uncovering-a-china-linked-campaign-targeting-czech-republic-and-taiwan-using-azure-cloud-c2
♣️Meet DriveSurge: A New Threat Actor Using ClickFix and Fake Update Drive-By Attacks in Thousands of Compromised Sites
❌Blog : https://www.silentpush.com/blog/drivesurge
♣️Inside MicrosoftSystem64: A Supply Chain RAT Exfiltrating to HuggingFace
😈Blog : https://safedep.io/microsoftsystem64-binary-payload-analysis
♣️FSB’s matryoshka – Gamaredon’s gifts that keeps unpacking – GammaPhish and GammaWorm
🐈⬛Blog 1/3 : https://blog.sekoia.io/fsbs-matryoshka-1-3-gamaredons-gifts-that-keeps-unpacking-gammaphish-and-gammaworm
🐈⬛Blog 2/3 : https://blog.sekoia.io/fsbs-matryoshka-2-3-gamaredons-gifts-that-keeps-unpacking-gammaload
🐈⬛Blog 3/3 : https://blog.sekoia.io/fsbs-matryoshka-3-3-gamaredons-gifts-that-keeps-unpacking-gammasteel
♣️From Fake Purchase Orders to Remote Access: Analyzing the JS.MonoGlyphRAT Threat to US Enterprises
😐Blog : https://any.run/cybersecurity-blog/monoglyphrat-attacks-us-enterprise
♣️Detecting Nimbus Manticore and their sideloading infection chains
👁🗨Blog : https://www.nextron-systems.com/2026/06/01/detecting-nimbus-manticore-and-their-sideloading-infection-chains
♣️MUSTANG PANDA x PLUGX - Analysis of the January 2026 sample: a multi-layer execution chain
👁Blog : https://bluecyber.hashnode.dev/mustang-panda-x-plugx-analysis-of-the-january-2026-sample-a-multi-layer-execution-chain
♣️PHANTOMPULSE: anatomy of a hijackable blockchain-C2 RAT
🐺Blog : https://www.elastic.co/security-labs/blockchain-c2-phantompulse-rat-sinkhole
♣️TA4922: The Suspected Chinese Crime Group is Going Global
😈Blog : https://www.proofpoint.com/us/blog/threat-insight/ta4922-suspected-chinese-crime-group-going-global
♣️Inside the Cross-Platform Propagation of a New Gafgyt Variant C0XMO
🔪Blog : https://www.fortinet.com/blog/threat-research/inside-cross-platform-propagation-of-new-gafgyt-variant-c0xmo
♣️Impersonation, Click Hijacking, and TDS: Inside a Malware Distribution Ecosystem
🐱Blog : https://research.checkpoint.com/2026/impersonation-click-hijacking-and-tds-inside-a-malware-distribution-ecosystem
♣️KeyCat Stealer Uncovered: Inside a $40 Multi-Platform Infostealer with Telegram C2 and Active Staging Infrastructure
😈Blog : https://flare.io/learn/resources/blog/keycat-stealer-multi-platform-infostealer
♣️From Malspam to Fileless .NET Loader
😈Blog : https://www.huntress.com/blog/malspam-to-loader-delivery-chain-analysis
♣️ReliaQuest's Agentic AI Uncovers New China-Linked Cluster OP-512
😈Blog : https://reliaquest.com/blog/threat-spotlight-reliaquests-agentic-ai-uncovers-new-china-linked-cluster-op-512
♣️Bait for the commander: we study the attacks of the cyberspy group SiribClone on the Russian military
😶Blog : https://www.f6.ru/blog/siribclone
♣️Operation TaxShadow : Multi-Region Tax Phishing & In-Memory Malware Campaign
😈Blog : https://www.cyfirma.com/research/operation-taxshadow-multi-region-tax-phishing-in-memory-malware-campaign
♣️Don't Fear the Repo: UNK_DeadDrop Phishing Campaign Targets Developers to Steal Cryptocurrency
😈Blog : https://www.proofpoint.com/us/blog/threat-insight/dont-fear-repo-unkdeaddrop-phishing-campaign-targets-developers-steal
♣️AI brands as bait: How threat actors are using the AI hype in social engineering
😈Blog : https://www.microsoft.com/en-us/security/blog/2026/06/08/ai-brands-as-bait-how-threat-actors-are-using-the-ai-hype-in-social-engineering
⭐️@APTANALYSIS
1 730
♣️Analyzing Void Dokkaebi’s Cython-Compiled InvisibleFerret Malware
😈Blog : https://www.trendmicro.com/en_us/research/26/e/analyzing-void-dokkaebi-invisibleferret-malware.html
♣️Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns
😈Blog : https://unit42.paloaltonetworks.com/tracking-iran-apt-screening-serpens
♣️Behind .payload: In-Depth Technical Analysis of Payload Ransomware
💀Blog : https://darkatlas.io/blog/behind-payload-in-depth-technical-analysis-of-payload-ransomware
♣️Phishing Campaign Deploys JavaScript-Driven PureLogs Variant to Steal Sensitive Data
💀Blog : https://www.fortinet.com/blog/threat-research/phishing-campaign-deploys-javascript-driven-purelogs-variant-to-steal-sensitive-data
♣️RemotePE: The Lazarus RAT that lives in memory
✨Blog : https://blog.fox-it.com/2026/05/22/remotepe-the-lazarus-rat-that-lives-in-memory
♣️Fluffy Wolf tested new products on Russian companies
💀Blog : https://bi.zone/expertise/blog/fluffy-wolf-ispytal-novinki-na-rossiyskikh-kompaniyakh
♣️forge-jsxy: 22 Versions of an Actively Developed npm RAT
🌀Blog : https://safedep.io/malicious-forge-jsxy-npm-rat-evolution
♣️From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilities
💀Blog : https://www.microsoft.com/en-us/security/blog/2026/05/26/poisoned-search-results-gpu-mining-cryptojacking-campaign-abusing-screenconnect-microsoft-net-utilities
♣️The Gentlemen ransomware: Dissecting a self-propagating Go encryptor
😈Blog : https://www.microsoft.com/en-us/security/blog/2026/05/28/the-gentlemen-ransomware-dissecting-a-self-propagating-go-encryptor
♣️ShinyHunters: Silent Malware as a Service (MaaS)
😈Blog : https://ransom-isac.org/blog/shinyhunters-silent-maas
♣️Commit to Compromise: A New Threat Actor Targeting the Cryptocurrency Industry's Software Development Infrastructure
😈Blog : https://www.wiz.io/blog/threat-actors-target-crypto-orgs
♣️Universities and energy attacks an unknown group, an active minimum since 2024
Blog : https://securelist.ru/unknown-group-targets-maritime-universities/115765
♣️Operation XENOFISCAL: SideCopy deploying persistent XenoRAT targeting the MoF, Afghanistan
😈Blog : https://www.seqrite.com/blog/operation-xenofiscal-sidecopy-deploying-persistent-xenorat-targeting-the-mof-afghanistan
♣️Operation Dragon Weave : Uncovering a China-Linked Campaign Targeting Czech Republic and Taiwan Using Azure Cloud C2
😈Blog : https://www.seqrite.com/blog/operation-dragon-weave-uncovering-a-china-linked-campaign-targeting-czech-republic-and-taiwan-using-azure-cloud-c2
♣️Meet DriveSurge: A New Threat Actor Using ClickFix and Fake Update Drive-By Attacks in Thousands of Compromised Sites
❌Blog : https://www.silentpush.com/blog/drivesurge
♣️Inside MicrosoftSystem64: A Supply Chain RAT Exfiltrating to HuggingFace
😈Blog : https://safedep.io/microsoftsystem64-binary-payload-analysis
♣️FSB’s matryoshka – Gamaredon’s gifts that keeps unpacking – GammaPhish and GammaWorm
🐈⬛Blog 1/3 : https://blog.sekoia.io/fsbs-matryoshka-1-3-gamaredons-gifts-that-keeps-unpacking-gammaphish-and-gammaworm
🐈⬛Blog 2/3 : https://blog.sekoia.io/fsbs-matryoshka-2-3-gamaredons-gifts-that-keeps-unpacking-gammaload
🐈⬛Blog 3/3 : https://blog.sekoia.io/fsbs-matryoshka-3-3-gamaredons-gifts-that-keeps-unpacking-gammasteel
♣️From Fake Purchase Orders to Remote Access: Analyzing the JS.MonoGlyphRAT Threat to US Enterprises
😐Blog : https://any.run/cybersecurity-blog/monoglyphrat-attacks-us-enterprise
♣️Detecting Nimbus Manticore and their sideloading infection chains
👁🗨Blog : https://www.nextron-systems.com/2026/06/01/detecting-nimbus-manticore-and-their-sideloading-infection-chains
♣️MUSTANG PANDA x PLUGX - Analysis of the January 2026 sample: a multi-layer execution chain
👁Blog : https://bluecyber.hashnode.dev/mustang-panda-x-plugx-analysis-of-the-january-2026-sample-a-multi-layer-execution-chain
♣️PHANTOMPULSE: anatomy of a hijackable blockchain-C2 RAT
🐺Blog : https://www.elastic.co/security-labs/blockchain-c2-phantompulse-rat-sinkhole
♣️TA4922: The Suspected Chinese Crime
1 730
👿 sellers and buyers of underground markets
🤬You must have a premium or known account to join.
🤬Fake accounts cannot join.
😂Underground market accounts will be verified quickly.
https://t.me/+58XWHpQvOhRkODhk
1 730
💀Monthly collection
♣️Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud
💀Blog : https://www.trendmicro.com/en_us/research/26/e/banana-rat.html
♣️Microsoft’s MSHTA Legacy Tool Still Powers Malware Campaigns on Windows
💀Blog : https://www.bitdefender.com/en-us/blog/labs/microsofts-mshta-legacy-malware-windows
♣️Coruna Respawned: Compromised art-template npm Package Leads to iOS Browser Exploit Kit
💀Blog : https://socket.dev/blog/coruna-respawned-compromised-art-template-npm-package
♣️Gamaredon’s infection chain: Spoofed emails, GammaDrop and GammaLoad
💀Blog : https://harfanglab.io/insidethelab/gamaredon-gammadrop-gammaload
⭐️@APTANALYSIS
1 730
🌟Stealer & Ransom Analysis Collection
♣️Phantom Stealer Analysis: Inside the Two-Layer Attack Chain Hidden Behind a Windows DLL
⚫Blog : https://darkatlas.io/blog/phantom-stealer-analysis-inside-the-two-layer-attack-chain-hidden-behind-a-windows-dll
♣️Amatera Stealer 4.0.2 Beta: What's New in This Variant
⚫Blog : https://www.esentire.com/blog/amatera-stealer-4-0-2-beta-whats-new-in-this-variant
♣️crpx0 Ransomware Operations | Double Extortion, Crypto Theft, and Network Footprint
⚫Blog : https://www.aryaka.com/docs/reports/crpx0-ransomware-operations-report.pdf
⭐️@APTANALYSIS
1 730
♣️INJ3CTOR3’s Self-Healing FreePBX Toll Fraud Campaign
👶Blog : https://cyble.com/blog/jomangy-inj3ctor3s-self-healing-freepbx-toll-fraud-campaign
⭐️@APTANALYSIS
1 730
♣️UAC-0244 / UAC-0247: Malware Targeting FPV drone operators
🖤Blog : https://blog.synapticsystems.de/uac-0247-malware-targeting-fpv-operators
♣️UAC-0184: From HTA to a Signed Network Stack
🖤Blog : https://blog.synapticsystems.de/uac-0184-from-hta-to-a-signed-network-stack
⭐️@APTANALYSIS
1 730
Repost from Threat Market
🌟Полный пакет программного обеспечения для управления файлами cookie {новое обновление} будет доступен в ближайшее время.
🇷🇺Channel : @ThreatMarket
1 730
Repost from Threat Market
🦇 SPECIAL CARGO IS COMING
😈We're about to host something extraordinary!
👁The ultimate, hand-picked collection of Red Team and Offensive Security courses is on its way. From zero to hero, for all skill levels (beginner to advanced). If you want to shine in the world of Offensive Security, this is the opportunity you've been waiting for!
🟥 An educational bomb-complete and flawless.
🤤 Coming soon to Threat Market . . .
😅@ThreatMarket
1 730
Repost from Threat Market
🖤THREAT MARKET Website
Здесь продаются логи, инструменты для работы с данными, доступы и всё, что обращается в тени подпольных рынков - без имён и без следов.
😈Site : https://threatmarket.ru
👹Bot : @ThreatMarketBot
1 730
💀Hot headlines over the past week
♣️How ClickFix Opens the Door to Stealthy StealC Information Stealer
💿Blog : https://www.levelblue.com/blogs/spiderlabs-blog/how-clickfix-opens-the-door-to-stealthy-stealc-information-stealer
♣️Odyssey Stealer: Inside a macOS Crypto-Stealing Operation
⏳Blog : https://censys.com/blog/odyssey-stealer-macos-crypto-stealing-operation
♣️Lotus Blossom (G0030) and the Notepad++ Supply-Chain Espionage Campaign
🟥Blog : https://dti.domaintools.com/research/lotus-blossom-and-the-notepad-supply-chain-espionage-campaign
♣️LummaStealer Is Getting a Second Life Alongside CastleLoader
🌎Blog : https://www.bitdefender.com/en-us/blog/labs/lummastealer-second-life-castleloader
♣️LockBit strikes with new 5.0 version, targeting Windows, Linux and ESXI systems
🔮Blog : https://www.acronis.com/en/tru/posts/lockbit-strikes-with-new-50-version-targeting-windows-linux-and-esxi-systems
⭐️@APTANALYSIS
1 730
♣️Tenant from Hell: Prometei's Unauthorized Stay in Your Windows Server
🖥Blog : https://www.esentire.com/blog/tenant-from-hell-prometeis-unauthorized-stay-in-your-windows-server
⭐️@APTANALYSIS
1 730
♣️Inside Gunra RaaS: From Affiliate Recruitment on the Dark Web to Full Technical Dissection of their Locker
🍎Blog : https://www.cloudsek.com/blog/inside-gunra-raas-from-affiliate-recruitment-on-the-dark-web-to-full-technical-dissection-of-their-locker
⭐️@APTANALYSIS
1 730
♣️Detecting Russian Threats to Critical Energy Infrastructure
🔬Blog : https://www.truesec.com/hub/blog/detecting-russian-threats-to-critical-energy-infrastructure
⭐️@APTANALYSIS
Available now! Telegram Research 2025 — the year's key insights 
