
Intelligence to Stay Ahead of Cyber Threats

Cyber threats evolve rapidly, and so does Aryaka. The Aryaka Threat Research Lab, led by Dr. Aditya K. Sood, provides threat intelligence and research to help enterprises proactively detect, mitigate and defend against emerging risks.
Led by Aditya K. Sood, Ph.D., the Aryaka Threat Research Lab drives innovation by feeding advanced threat insights into Aryaka's Unified SASE as a Service platform.

Contributors

Aditya K Sood

VP of Security Engineering and AI Strategy

Read Bio >

Varadharajan K

Principal Threat Research Engineer

Read Bio >

Explore our latest research below

Blog
Report
Whitepapers
News

Espionage Without Noise: Understanding APT36's Enduring Campaigns

Critical infrastructure around the world is under threat from highly organized, state-sponsored "espionage ecosystems."…

Read Blog

Ghosts in the Cloud: Scammers Exploit Google Cloud Storage for Deceptive Campaigns

It all started with a whisper: a few unassuming emails slipping into inboxes on a Tuesday…

Read Blog

BatShadow: A Vietnamese Threat Actor Expands Its Digital Operations

By Aditya K Sood | By Varadharajan K | September 25, 2025 Get the new threat report…

Read Blog

Wiley's Internet Technology Letters Published Research on Generative AI for Adaptive Threat Hunting

Recently, we published a research article in Wiley's Internet Technology Letters journal on the importance of Generative (GenAI)…

Read Blog

North Korea's Kimsuky APT: A Stealthy Threat Adapting to the Evolving Digital World

By Aditya K Sood | By Varadharajan K | July 29, 2025 In today's hyperconnected landscape, the…

Read Blog

Fortifying Your Network: How Aryaka's Unified SASE Protects Against Advanced Threats Like Remcos RAT

In the ever-changing cybersecurity landscape, threats such as Remcos RAT (remote access trojan) have become increasingly…

Read Blog

Communications of the ACM Publishes Advanced Research on AI Security

Our latest research on the challenges associated with malicious AI models has been published in the journal Communications of the…

Read Blog

Remcos on the Wire: Analysis of Network Artifacts and C2 Command Structures

By Varadharajan K | By Bikash Dash | June 02, 2025 Overview Remcos is a trojan…

Read Blog

Snake Infostealer: A Look at Data Exfiltration over SMTP

Data exfiltration over the Simple Mail Transfer Protocol (SMTP) is a robust method that…

Read Blog

Introducing the Aryaka Threat Research Lab

Cybersecurity threats are evolving at an unprecedented pace, putting organizations at constant risk. To stay ahead…

Read Blog

SaltTyphoon APT: Unified SASE as a Service to the Rescue

Overview Events like SaltTyphoon are an excellent reminder of the susceptibility of enterprises and users to…

Read Blog

Disrupting the Attack Surface with Unified SASE as a Service by Deterring Malicious Communication

Resilient cybersecurity is a strategic approach that emphasizes an organization's ability to withstand, adapt and…

Read Blog

Unveiling the C&C and Network Tradecraft of Transparent Tribe (APT36)

Indian Government and Defense in the Crosshairs

View Report

Cloud Scam

How attackers use Google Cloud Storage to launch multi-stage fraud campaigns

View Report

A Vietnamese Threat Actor Expands Its Operations

The new "BatShade" campaign takes center stage

View Report

From Reconnaissance to Control

The Kimsuky APT's Operational Blueprint for Cyber Espionage

View Report

Aryaka Threat Research Lab

Disrupting the Attack Surface with Unified SASE as a Service by Deterring Malicious Communication

Read Whitepaper
techradar

Russian hackers target HR departments with vicious new ‘BlackSanta’ malware

Russian hackers have been targeting Human Resources (HR) departments at various organizations around the world with a never-before seen piece…

Read News
Aryaka Threat Research Lab News Coverage - Cybernews

HR departments are being targeted with fake resumes that disable security protection

A threat campaign against human resource (HR) departments has recently been launched. What seems like a decent resume actually is…

Read News
security week

‘BlackSanta’ Malware Activates EDR and AV Killer Before Detonating Payload

The malware disables antivirus and EDR protections at the kernel level, clearing the path for credential harvesting, system reconnaissance, and…

Read News
SC Media

BlackSanta ‘EDR-killer’ malware targets HR departments

A specialized “EDR-killer” malware module known as BlackSanta has been discovered operated by a Russian-speaking threat actor that primarily targets…

Read News
hackread

BlackSanta Malware Targets HR Staff with Fake CV Downloads

Aryaka researchers have identified a new threat from a Russian-speaking group using ‘BlackSanta’ malware. By disguising attacks as job applications,…

Read News
infosecurity trl

BlackSanta EDR-Killer Targets HR Teams in CV-Themed Campaign

A new malware campaign targeting human resources and recruiting staff has seen attackers distribute malicious files disguised as job applications.

Read News
gbhackers

HR Departments Targeted by Multi-Layered BlackSanta EDR Killer Malware

Threat actors are increasingly targeting human resources (HR) departments by disguising malware as job application documents.

Read News
security boulevard

BlackSanta Malware Shuts Down Protections, Targets HR and Recruiting Operations

Russian threat actors have targeted HR employees and recruiters for more than a year with a sophisticated campaign that includes…

Read News
CSO

Resumés with malicious ISO attachments are circulating, says Aryaka

HR staff need to understand that these unfamiliar files execute commands and shouldn’t be opened.

Read News
DarkReading

‘BlackSanta’ EDR Killer Targets HR Workflows

A campaign by Russian-speaking cyberattackers hijacks workflows to deliver security-busting malware, allowing attackers to steal data without detection.

Read News
theregister logo

Fake job applications pack malware that kills endpoint detection before stealing data

A Russian-speaking cyber criminal is targeting corporate HR teams with fake CVs that quietly install malware which can disable security…

Read News
bleepingcomputer

New ‘BlackSanta’ EDR killer spotted targeting HR departments

For more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new…

Read News
help net security

HR, recruiters targeted in year-long malware campaign

An attack campaign targeting HR departments and job recruiters has been stealthily compromising systems, Aryaka researchers have discovered.

Read News
Computer weekly

Convergence – The Sequel (And How To Avoid Trade-Offs)

I recently published a blog, post-conversation with Albert Estevez Polo (current leader in “Broadband-Testing name of the year 2026” competition)…

Read News
Computer weekly

Making sense of AI’s role in cyber security

Cyber security companies have jumped on the AI bandwagon. We look at where artificial intelligence is a useful add-on and…

Read News
cyber security news

APT36 Hacker Group Attacking Linux Systems with New Tools to Disturb Services

Indian defense sector and government-aligned organizations have been targeted by multiple campaigns that are designed to compromise Windows and Linux…

Read News
The Hacker News

APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities

Indian defense sector and government-aligned organizations have been targeted by multiple campaigns that are designed to compromise Windows and Linux…

Read News
SC Media

Report sheds light on multi-pronged APT36 attacks against India

Indian government and defense organizations have been targeted by Pakistan-linked threat group APT36, also known as Transparent Tribe, in multiple…

Read News
security week

RATs in the Machine: Inside a Pakistan-Linked Three-Pronged Cyber Assault on India

Transparent Tribe (APT36) is targeting Indian defense and government sectors with GETA, ARES, and Desk RATs in a new wave…

Read News
gbhackers logo

APT36 Targets Linux Systems With New Tools Designed to Disrupt Services

Critical infrastructure worldwide faces mounting threats from sophisticated, state-sponsored “espionage ecosystems.”

Read News
Computer weekly

From promise to proof: making AI security adoption tangible

The Security Think Tank considers what CISOs and buyers need to know to cut through the noise around AI and…

Read News
Cloud 365

Unified SASE and Integrated Security Mark the Real Challenges of Portuguese CISOs

Visibility remains one of the main problems for CISOs. Not for lack of tools, but because of the fragmentation of…

Read News
Computer weekly

From trust to turbulence: Cyber’s road ahead in 2026

As we prepare to close out 2025, the Computer Weekly Security Think Tank panel looks back at the past year,…

Read News
CSO

Suspicious traffic could be testing CDN evasion, says expert

An individual or group is doing new probing of content delivery networks (CDNs), an effort that CSOs, CIOs and network…

Read News
Forbes

New Android Warning As Humanized Password Stealer Confirmed


Read News
DarkReading

Vampire Bot Malware Sinks Fangs Into Job Hunters

The campaign is the latest by BatShadow, one of a growing number of cybercrime groups operating out of Vietnam.

Read News
IT Brief

BatShade: Vietnamese threat actor expands its digital operations

Aryaka Threat Research Labs has identified a new campaign by the Vietnamese threat actor BatShade, which continues to rely on…

Read News
Security Brief

BatShade: Vietnamese threat actor expands its digital operations

Aryaka Threat Research Labs has identified a new campaign by the Vietnamese threat actor BatShade, which continues to rely on…

Read News
The Hacker News

BatShadow Group Uses New Go-Based ‘Vampire Bot’ Malware to Hunt Job Seekers

A Vietnamese threat actor named BatShadow has been attributed to a new campaign that leverages social engineering tactics to deceive…

Read News
The Hacker News

⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More

In a world where threats are persistent, the modern CISO’s real job isn’t just to secure technology—it’s to preserve institutional…

Read News
Bankind Info

Breach Roundup: Vidar Strikes Back

Every week, ISMG rounds up cybersecurity incidents and breaches around the world. This week, the Vidar infostealer is badder than…

Read News
DarkReading

Vidar Infostealer Back With a Vengeance

The pervasive Vidar infostealer has evolved with a suite of new evasion techniques and covert data exfiltration methods, according to…

Read News
SC Media

Adoption of Vidar infostealer on the rise, report finds

More cybercriminals have been utilizing the Vidar information stealer in attacks this year due to the malware’s low barrier of…

Read News
trl silicon

Vidar infostealer gains traction among cybercriminals as ease of use drives adoption

A new report released today by secure access service edge provider Aryaka Networks Inc. is warning of the growing threat…

Read News
DarkReading

How Evolving RATs Are Redefining Enterprise Security Threats

A more unified and behavior-aware approach to detection can significantly improve security outcomes.

Read News
DarkReading

Rubio Impersonator Signals Growing Security Threat From Deepfakes

An impostor who posed as the secretary of state in text and voice communications with diplomats and politicians demonstrates the…

Read News
Computer weekly

Fortifying the future: The pivotal role of CISOs in AI operations

The Security Think Tank considers how CISOs can best plan to facilitate the secure running of AI and Gen AI-based…

Read News
CPO

French Luxury Giant Dior Confirms Data Breach after a Cyber Attack

French luxury giant Dior has confirmed a data breach after experiencing a cyber attack that resulted in unauthorized access to…

Read News
Aryaka Threat Research Lab News Coverage - SecurityBrief United States

Ransomware hits Kettering Health: Experts speak out

A major ransomware attack has struck Kettering Health, a nonprofit network operating 14 medical centres and more than 120 outpatient facilities…

Read News
Aryaka Threat Research Lab News Coverage - Cybernews

M&S hackers used employee logins from third-party consulting firm TCS, sources say

New information reveals Scattered Spider, the ransomware group responsible for the Marks & Spencer (M&S) cyberattack, allegedly gained access to…

Read News
Aryaka Threat Research Lab News Coverage - Digital Journal

Perfume and steel: Dior and Nucor in cyberattacks

Luxury fashion giant Dior and steel manufacturing giant Nucor both announced that the companies were dealing with cybersecurity incidents. This…

Read News
Aryaka Threat Research Lab News Coverage - SecurityBrief United States

Coinbase offers USD $20 million bounty after insider data breach

Coinbase, one of the world’s largest cryptocurrency exchanges, has confirmed it suffered a significant data breach orchestrated by cybercriminals who…

Read News
Aryaka Threat Research Lab News Coverage - SecurityBrief United States

Alabama cyberattack exposes state staff credentials, disrupts services

The state of Alabama is investigating a significant cybersecurity incident that has led to the disruption of certain government services…

Read News
Computer weekly

Unspoken risk: Human factors undermine trusted platforms

A leak of information on American military operations caused a major political incident in March 2025.

Read News
itpro logo

What is polymorphic malware?

Polymorphic malware constantly changes its code to avoid detection, making it a top cybersecurity threat that demands advanced, behavior-based defenses

Read News
easyprey

Safe AI Implementation

Red models associated with AI technologies highlight real-world vulnerabilities and the importance of proactive security measures.

Read News
itpro logo

Malware-free attacks: The threat to businesses

Malware-free attacks are a growing risk – what can businesses do to mitigate them?

Read News
security news

Kidney dialysis firm DaVita hit by weekend ransomware attack

DaVita, a kidney dialysis company, has experienced a ransomware attack. The organization disclosed the incident in a filing with the…

Read News
helpnetsecurity

Strategic AI readiness for cybersecurity: From hype to reality

AI readiness in cybersecurity involves more than just possessing the latest tools and technologies; it is a strategic necessity.

Read News
sc media

Fate of DNA data raises privacy, identity issues in 23andMe bankruptcy

News of the troubled DNA testing services company 23andMe filing for Chapter 11 bankruptcy protection set off a spirited debate…

Read News
enterprise security tech

23andMe Bankruptcy Sparks Urgent DNA Data Privacy Reckoning

In what could become a defining moment for consumer privacy in the digital age, 23andMe — the once high-flying genetics…

Read News
dark reading

23andMe Bankruptcy Filing May Put Sensitive Data at Risk

Genetic testing company 23andMe quietly filed for bankruptcy over the weekend, and now security experts are worried about the fate…

Read News
sc media uk

DeepSeek AI: The Hidden Perils of Data Privacy and Security

DeepSeek AI is a cautionary tale that underscores the need for greater security, transparency and accountability in the AI ecosystem.

Read News
csi

DeepSeek – A Deep Dive Reveals More Than One Red Flag

Like many advanced AI-driven tools, the Chinese DeepSeek AI application offers incredible innovation. Still, it raises significant data privacy concerns…

Read News
betanews

How GenAI adoption introduces network and security challenges [Q&A]

Enterprises are increasingly using GenAI to transform their organization. As they move ahead, they’re evaluating their preparedness from a business,…

Read News
security brief

Experts warn of security risks as DeepSeek limits new sign-ups

Cybersecurity experts have raised concerns over potential security risks in DeepSeek’s artificial intelligence platform after the Chinese AI startup announced…

Read News