Threat Research Archives - Arctic Wolf
/resources/tag/threat-research/
The Leaders in Security Operations
Tue, 24 Mar 2026 20:36:39 +0000

The AI Malware Surge: Behavior, Attribution, and Defensive Readiness
/resources/blog/the-ai-malware-surge-behavior-attribution-and-defensive-readiness/
Tue, 24 Mar 2026 12:59:08 +0000

SloppyLemming Deploys BurrowShell and Rust-Based RAT to Target Pakistan and Bangladesh
/resources/blog/sloppylemming-deploys-burrowshell-and-rust-based-rat-to-target-pakistan-and-bangladesh/
Mon, 02 Mar 2026 11:00:50 +0000

Russian RomCom Utilizing SocGholish to Deliver Mythic Agent to U.S. Companies Supporting Ukraine
/resources/blog/romcom-utilizing-socgholish-to-deliver-mythic-agent-to-usa-companies-supporting-ukraine/
Tue, 25 Nov 2025 10:58:01 +0000

UNC6384 Weaponizes ZDI-CAN-25373 Vulnerability to Deploy PlugX Against Hungarian and Belgian Diplomatic Entities
/resources/blog/unc6384-weaponizes-zdi-can-25373-vulnerability-to-deploy-plugx/
Thu, 30 Oct 2025 15:59:04 +0000

Brazilian Caminho Loader Employs LSB Steganography and Fileless Execution to Deliver Multiple Malware Families Across South America, Africa, and Eastern Europe
/resources/blog/brazilian-caminho-loader-employs-lsb-steganography-to-deliver-multiple-malware-families/
Tue, 21 Oct 2025 20:55:16 +0000

Smash and Grab: Aggressive Akira Campaign Targets SonicWall VPNs, Deploys Ransomware in an Hour or Less
/resources/blog/smash-and-grab-aggressive-akira-campaign-targets-sonicwall-vpns/
Fri, 26 Sep 2025 19:31:09 +0000

GPUGate Malware: Malicious GitHub Desktop Implants Use Hardware-Specific Decryption, Abuse Google Ads to Target Western Europe
/resources/blog/gpugate-malware-malicious-github-desktop-implants-use-hardware-specific-decryption-abuse-google-ads-target-western-europe/
Fri, 05 Sep 2025 19:46:38 +0000

Threat Actor Profile: Interlock Ransomware
/resources/blog/threat-actor-profile-interlock-ransomware/
Fri, 15 Aug 2025 15:02:28 +0000

Dropping Elephant APT Group Targets Turkish Defense Industry With New Campaign and Capabilities: LOLBAS, VLC Player, and Encrypted Shellcode
/resources/blog/dropping-elephant-apt-group-targets-turkish-defense-industry/
Wed, 23 Jul 2025 17:14:42 +0000

Greedy Sponge Targets Mexico with AllaKore RAT and SystemBC
/resources/blog/greedy-sponge-targets-mexico-with-allakore-rat-and-systembc/
Sat, 19 Jul 2025 00:55:59 +0000