Intelligence to stay one step ahead of cyber threats

Cyber threats evolve quickly, and so does Aryaka. The Aryaka Threat Research Lab, led by Aditya K. Sood, Ph.D., provides threat intelligence and research to help enterprises proactively detect, mitigate, and defend against emerging risks.
Led by Aditya K. Sood, Ph.D., the Aryaka Threat Research Lab drives innovation by feeding advanced threat intelligence into Aryaka's Unified SASE as a Service platform.

Contributors

Aditya K Sood

VP of Security Engineering and AI Strategy

Varadharajan K

Principal Threat Research Engineer

Explore our latest research below

Blog
Report
Whitepapers
News

Espionage Without Noise: Understanding APT36's Enduring Campaigns

Around the world, critical infrastructure is under threat from highly organized, state-sponsored “espionage ecosystems.”…

Read Blog

Ghosts in the Cloud: Fraudsters Exploit Google Cloud Storage to Run Deceptive Campaigns

It all began with a whisper: a few unassuming emails slipped into inboxes on a Tuesday morning…

Read Blog

BatShadow: Vietnamese Threat Actor Expands Its Digital Operations

By Aditya K Sood | By Varadharajan K | Sept. 25, 2025 Get the new threat report from…

Read Blog

Wiley's Internet Technology Letters Publishes Research on Generative AI for Adaptive Threat Hunting

We recently published a research paper in Wiley's Internet Technology Letters on the importance of generative AI (GenAI)…

Read Blog

North Korea's Kimsuky APT: A Stealthy Threat Adapting to the Evolving Digital World

By Aditya K Sood | By Varadharajan K | July 29, 2025 In today's hyperconnected landscape, the traditional notion…

Read Blog

Fortifying Your Network: How Aryaka's Unified SASE Protects Against Advanced Threats Such as Remcos RAT

In the evolving cybersecurity landscape, threats such as Remcos RAT (Remote Access Trojan) have become increasingly…

Read Blog

Advanced AI Security Research Published in Communications of the ACM Magazine

Our latest research on the challenges associated with malicious AI models has been published in Communications of the…

Read Blog

Remcos on the Wire: Analyzing Network Artifacts and C2 Command Structures

By Varadharajan K | By Bikash Dash | June 2, 2025 Overview: Remcos is a remote access Trojan…

Read Blog

Snake Infostealer: A Look at Data Exfiltration via SMTP

Data exfiltration via SMTP (Simple Mail Transfer Protocol) is a robust method used by attackers to…

Read Blog

Introducing the Aryaka Threat Research Lab

Cybersecurity threats are evolving at an unprecedented pace, exposing enterprises to constant risk. To stay…

Read Blog

SaltTyphoon APT: Unified SASE as a Service to the Rescue

Overview: Events such as SaltTyphoon remind us that enterprises and users are exposed to breaches…

Read Blog

Disrupting the Attack Surface with Unified SASE as a Service by Deterring Malicious Communications

Resilient cybersecurity is a strategic approach that emphasizes an organization's ability to withstand cyber threats and…

Read Blog

Unveiling the C&C and Network Techniques of Transparent Tribe (APT36)

Targeting Indian Government and Defense

View Report

Scam in the Cloud

How Attackers Use Google Cloud Storage to Launch Multi-Stage Fraud Campaigns

View Report

A Vietnamese Threat Actor Expands Its Operations

The New "BatShade" Campaign Takes Center Stage

View Report

From Reconnaissance to Control

The Kimsuky APT's Operational Blueprint for Cyber-Espionage

View Report

Aryaka Threat Research Lab

Disrupting the Attack Surface with Unified SASE as a Service by Deterring Malicious Communications

Read Whitepaper
the hacker news

ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories

A VBScript loader prepares the system and silently installs the components needed to run Python-based code. This is where the…

Read News
Sc media

New CRPx0 malware campaign uses OnlyFans lure for crypto theft and ransomware

A complex and stealthy malware campaign dubbed CRPx0 is targeting MacOS and Windows systems, with potential Linux capabilities in development.…

Read News
securityweek

Free OnlyFans Lure Used to Spread Cross-Platform CRPx0 Malware

CRPx0 is a complex, stealthy and persistent malware campaign. It currently targets macOS and Windows systems, and appears to have…

Read News
techradar

Russian hackers target HR departments with vicious new ‘BlackSanta’ malware

Russian hackers have been targeting Human Resources (HR) departments at various organizations around the world with a never-before seen piece…

Read News
Aryaka Threat Research Lab News Coverage - Cybernews

HR departments are being targeted with fake resumes that disable security protection

A threat campaign against human resource (HR) departments has recently been launched. What seems like a decent resume actually is…

Read News
security week

‘BlackSanta’ Malware Activates EDR and AV Killer Before Detonating Payload

The malware disables antivirus and EDR protections at the kernel level, clearing the path for credential harvesting, system reconnaissance, and…

Read News
SC Media

BlackSanta ‘EDR-killer’ malware targets HR departments

A specialized “EDR-killer” malware module known as BlackSanta has been discovered operated by a Russian-speaking threat actor that primarily targets…

Read News
hackread

BlackSanta Malware Targets HR Staff with Fake CV Downloads

Aryaka researchers have identified a new threat from a Russian-speaking group using ‘BlackSanta’ malware. By disguising attacks as job applications,…

Read News
infosecurity trl

BlackSanta EDR-Killer Targets HR Teams in CV-Themed Campaign

A new malware campaign targeting human resources and recruiting staff has seen attackers distribute malicious files disguised as job applications.

Read News
gbhackers

HR Departments Targeted by Multi-Layered BlackSanta EDR Killer Malware

Threat actors are increasingly targeting human resources (HR) departments by disguising malware as job application documents.

Read News
security boulevard

BlackSanta Malware Shuts Down Protections, Targets HR and Recruiting Operations

Russian threat actors have targeted HR employees and recruiters for more than a year with a sophisticated campaign that includes…

Read News
CSO

Resumés with malicious ISO attachments are circulating, says Aryaka

HR staff need to understand that these unfamiliar files execute commands and shouldn’t be opened.

Read News
DarkReading

‘BlackSanta’ EDR Killer Targets HR Workflows

A campaign by Russian-speaking cyberattackers hijacks workflows to deliver security-busting malware, allowing attackers to steal data without detection.

Read News
The Register

Fake job applications pack malware that kills endpoint detection before stealing data

A Russian-speaking cyber criminal is targeting corporate HR teams with fake CVs that quietly install malware which can disable security…

Read News
bleepingcomputer

New ‘BlackSanta’ EDR killer spotted targeting HR departments

For more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new…

Read News
help net security

HR, recruiters targeted in year-long malware campaign

An attack campaign targeting HR departments and job recruiters has been stealthily compromising systems, Aryaka researchers have discovered.

Read News
Computer weekly

Convergence – The Sequel (And How To Avoid Trade-Offs)

I recently published a blog, post-conversation with Albert Estevez Polo (current leader in “Broadband-Testing name of the year 2026” competition)…

Read News
Computer weekly

Making sense of AI’s role in cyber security

Cyber security companies have jumped on the AI bandwagon. We look at where artificial intelligence is a useful add-on and…

Read News
cyber security news

APT36 Hacker Group Attacking Linux Systems with New Tools to Disturb Services

Indian defense sector and government-aligned organizations have been targeted by multiple campaigns that are designed to compromise Windows and Linux…

Read News
The Hacker News

APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities

Indian defense sector and government-aligned organizations have been targeted by multiple campaigns that are designed to compromise Windows and Linux…

Read News
SC Media

Report sheds light on multi-pronged APT36 attacks against India

Indian government and defense organizations have been targeted by Pakistan-linked threat group APT36, also known as Transparent Tribe, in multiple…

Read News
security week

RATs in the Machine: Inside a Pakistan-Linked Three-Pronged Cyber Assault on India

Transparent Tribe (APT36) is targeting Indian defense and government sectors with GETA, ARES, and Desk RATs in a new wave…

Read News
gbhackers

APT36 Targets Linux Systems With New Tools Designed to Disrupt Services

Critical infrastructure worldwide faces mounting threats from sophisticated, state-sponsored “espionage ecosystems.”

Read News
Computer weekly

From promise to proof: making AI security adoption tangible

The Security Think Tank considers what CISOs and buyers need to know to cut through the noise around AI and…

Read News
Cloud 365

Unified SASE and Integrated Security Mark the Real Challenges of Portuguese CISOs

Visibility remains one of CISOs' main problems. Not for lack of tools, but because of the fragmentation of…

Read News
Computer weekly

From trust to turbulence: Cyber’s road ahead in 2026

As we prepare to close out 2025, the Computer Weekly Security Think Tank panel looks back at the past year,…

Read News
CSO

Suspicious traffic could be testing CDN evasion, says expert

An individual or group is doing new probing of content delivery networks (CDNs), an effort that CSOs, CIOs and network…

Read News
Forbes

New Android Warning As Humanized Password Stealer Confirmed

Read News
DarkReading

Vampire Bot Malware Sinks Fangs Into Job Hunters

The campaign is the latest by BatShadow, one of a growing number of cybercrime groups operating out of Vietnam.

Read News
IT Brief

BatShade: Vietnamese threat actor expands its digital operations

Aryaka Threat Research Labs has identified a new campaign by the Vietnamese threat actor BatShade, which continues to rely on…

Read News
Security Brief

BatShade: Vietnamese threat actor expands its digital operations

Aryaka Threat Research Labs has identified a new campaign by the Vietnamese threat actor BatShade, which continues to rely on…

Read News
The Hacker News

BatShadow Group Uses New Go-Based ‘Vampire Bot’ Malware to Hunt Job Seekers

A Vietnamese threat actor named BatShadow has been attributed to a new campaign that leverages social engineering tactics to deceive…

Read News
The Hacker News

⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More

In a world where threats are persistent, the modern CISO’s real job isn’t just to secure technology—it’s to preserve institutional…

Read News
Bankind Info

Breach Roundup: Vidar Strikes Back

Every week, ISMG rounds up cybersecurity incidents and breaches around the world. This week, the Vidar infostealer is badder than…

Read News
DarkReading

Vidar Infostealer Back With a Vengeance

The pervasive Vidar infostealer has evolved with a suite of new evasion techniques and covert data exfiltration methods, according to…

Read News
SC Media

Adoption of Vidar infostealer on the rise, report finds

More cybercriminals have been utilizing the Vidar information stealer in attacks this year due to the malware’s low barrier of…

Read News
trl silicon

Vidar infostealer gains traction among cybercriminals as ease of use drives adoption

A new report released today by secure access service edge provider Aryaka Networks Inc. is warning of the growing threat…

Read News
DarkReading

How Evolving RATs Are Redefining Enterprise Security Threats

A more unified and behavior-aware approach to detection can significantly improve security outcomes.

Read News
DarkReading

Rubio Impersonator Signals Growing Security Threat From Deepfakes

An impostor who posed as the secretary of state in text and voice communications with diplomats and politicians demonstrates the…

Read News
Computer weekly

Fortifying the future: The pivotal role of CISOs in AI operations

The Security Think Tank considers how CISOs can best plan to facilitate the secure running of AI and Gen AI-based…

Read News
CPO

French Luxury Giant Dior Confirms Data Breach after a Cyber Attack

French luxury giant Dior has confirmed a data breach after experiencing a cyber attack that resulted in unauthorized access to…

Read News
Aryaka Threat Research Lab News Coverage - SecurityBrief United States

Ransomware hits Kettering Health: Experts speak out

A major ransomware attack has struck Kettering Health, a nonprofit network operating 14 medical centres and more than 120 outpatient facilities…

Read News
Aryaka Threat Research Lab News Coverage - Cybernews

M&S hackers used employee logins from third-party consulting firm TCS, sources say

New information reveals Scattered Spider, the ransomware group responsible for the Marks & Spencer (M&S) cyberattack, allegedly gained access to…

Read News
Aryaka Threat Research Lab News Coverage - Digital Journal

Perfume and steel: Dior and Nucor in cyberattacks

Luxury fashion giant Dior and steel manufacturing giant Nucor both announced that the companies were dealing with cybersecurity incidents. This…

Read News
Aryaka Threat Research Lab News Coverage - SecurityBrief United States

Coinbase offers USD $20 million bounty after insider data breach

Coinbase, one of the world’s largest cryptocurrency exchanges, has confirmed it suffered a significant data breach orchestrated by cybercriminals who…

Read News
Aryaka Threat Research Lab News Coverage - SecurityBrief United States

Alabama cyberattack exposes state staff credentials, disrupts services

The state of Alabama is investigating a significant cybersecurity incident that has led to the disruption of certain government services…

Read News
Computer weekly

Unspoken risk: Human factors undermine trusted platforms

A leak of information on American military operations caused a major political incident in March 2025.

Read News
ITPro

What is polymorphic malware?

Polymorphic malware constantly changes its code to avoid detection, making it a top cybersecurity threat that demands advanced, behavior-based defenses

Read News
easyprey

Safe AI Implementation

Red models associated with AI technologies highlight real-world vulnerabilities and the importance of proactive security measures.

Read News
ITPro

Malware-free attacks: The threat to businesses

Malware-free attacks are a growing risk – what can businesses do to mitigate them?

Read News
security news

Kidney dialysis firm DaVita hit by weekend ransomware attack

DaVita, a kidney dialysis company, has experienced a ransomware attack. The organization disclosed the incident in a filing with the…

Read News
helpnetsecurity

Strategic AI readiness for cybersecurity: From hype to reality

AI readiness in cybersecurity involves more than just possessing the latest tools and technologies; it is a strategic necessity.

Read News
sc media

Fate of DNA data raises privacy, identity issues in 23andMe bankruptcy

News of the troubled DNA testing services company 23andMe filing for Chapter 11 bankruptcy protection set off a spirited debate…

Read News
enterprise security tech

23andMe Bankruptcy Sparks Urgent DNA Data Privacy Reckoning

In what could become a defining moment for consumer privacy in the digital age, 23andMe — the once high-flying genetics…

Read News
dark reading

23andMe Bankruptcy Filing May Put Sensitive Data at Risk

Genetic testing company 23andMe quietly filed for bankruptcy over the weekend, and now security experts are worried about the fate…

Read News
sc media uk

DeepSeek AI: The Hidden Perils of Data Privacy and Security

DeepSeek AI is a cautionary tale that underscores the need for greater security, transparency and accountability in the AI ecosystem.

Read News
csi

DeepSeek – A Deep Dive Reveals More Than One Red Flag

Like many advanced AI-driven tools, the Chinese DeepSeek AI application offers incredible innovation. Still, it raises significant data privacy concerns…

Read News
betanews

How GenAI adoption introduces network and security challenges [Q&A]

Enterprises are increasingly using GenAI to transform their organization. As they move ahead, they’re evaluating their preparedness from a business,…

Read News
security brief

Experts warn of security risks as DeepSeek limits new sign-ups

Cybersecurity experts have raised concerns over potential security risks in DeepSeek’s artificial intelligence platform after the Chinese AI startup announced…

Read News