Read all Blogs from this Author
CloudSEK researchers have uncovered a sophisticated campaign leveraging typo-squatted “Spectrum” domains to spread a new Atomic macOS Stealer (AMOS) variant. Disguised as a CAPTCHA verification, the attack uses dynamic payloads tailored to the victim's OS—stealing passwords, bypassing macOS security, and executing malware. With Russian-language comments found in the code and flawed delivery logic, the campaign reflects both growing cross-platform ambitions and rushed execution. Dive into how this multi-platform threat operates—and why your organization should stay alert.
CloudSEK’s latest investigation uncovers how APT36 (aka Transparent Tribe) is using VPS provider Contabo to host malicious infrastructure linked to CapraRAT and Crimson RAT. One of their latest tactics? Disguising spyware as the popular messaging app Viber—armed with permissions to record calls, read messages, track location, and more. Read how we traced the infrastructure, identified key Indicators of Compromise, and uncovered the full extent of this Android surveillance campaign.
Read all Whitepapers and reports from this Author
O relatório CloudSEK sobre o cenário de ameaças de 2025 no Oriente Médio revela um forte aumento nos ataques cibernéticos liderados por hacktivistas alinhados ao estado, grupos de ransomware e mercados da dark web. Finanças, governo e telecomunicações emergiram como os principais alvos, com mais de 748 incidentes coordenados e crescentes vazamentos de dados, extorsão e violações específicas do setor. Um relatório conciso e de alto impacto que os líderes devem ler para entender as ameaças em evolução de 2025
Read MoreRead all knowledge base articles from this Author
