APT Groups – Brandefense

Agentic AI in Cybersecurity: How Autonomous Agents Are Transforming the SOC

BRANDEFENSE — Sat, 18 Apr 2026 10:40:32 +0000

Agentic AI is reshaping cybersecurity operations by enabling autonomous threat triage, investigations, and rapid containment. Learn how AI-powered SOC teams are defending at machine speed.

The post Agentic AI in Cybersecurity: How Autonomous Agents Are Transforming the SOC appeared first on Brandefense.

From Weeks to Seconds: What AI Actually Changes in the CTI Lifecycle

BRANDEFENSE — Fri, 17 Apr 2026 13:49:34 +0000

Learn how AI-driven CTI platforms eliminate delays, reduce noise, and deliver real-time intelligence to stop threats before they escalate.

The post From Weeks to Seconds: What AI Actually Changes in the CTI Lifecycle appeared first on Brandefense.

GC01 (Golden Chickens): Inside the Arsenal of a Premier E-Crime MaaS Provider

BRANDEFENSE — Thu, 16 Apr 2026 10:00:00 +0000

Golden Chickens (GC01) is a top-tier Malware-as-a-Service provider enabling cybercriminal operations worldwide. Discover its tools, tactics, and impact.

The post GC01 (Golden Chickens): Inside the Arsenal of a Premier E-Crime MaaS Provider appeared first on Brandefense.

BlackTech

BRANDEFENSE — Tue, 14 Apr 2026 13:43:20 +0000

BlackTech is a China-aligned APT group specializing in long-term cyber espionage through network infrastructure compromise, targeting telecom, government, and tech sectors.

The post BlackTech appeared first on Brandefense.

UAC-0194: Inside a Rapidly Evolving NTLM-Exploiting Espionage Operation

BRANDEFENSE — Mon, 13 Apr 2026 13:27:50 +0000

UAC-0194 is a high-risk, Russian-affiliated threat actor leveraging NTLM vulnerabilities for stealthy credential theft and cyber espionage across Eastern Europe.

The post UAC-0194: Inside a Rapidly Evolving NTLM-Exploiting Espionage Operation appeared first on Brandefense.

UAC-0102: Inside a Covert Espionage Operation Targeting Ukraine and Beyond

BRANDEFENSE — Mon, 23 Mar 2026 08:37:00 +0000

UAC-0102 is a stealth-focused cyber espionage group targeting Ukrainian government and infrastructure entities using spearphishing and cloud-based C2 techniques.

The post UAC-0102: Inside a Covert Espionage Operation Targeting Ukraine and Beyond appeared first on Brandefense.

Inside the Operations of Crazy Evil: The Rise of a Global Crypto-Focused Cybercrime Network

BRANDEFENSE — Sun, 22 Mar 2026 11:21:00 +0000

An in-depth analysis of Crazy Evil, a financially motivated cybercrime group targeting Web3, crypto platforms, and digital identities through advanced social engineering and malware campaigns.

The post Inside the Operations of Crazy Evil: The Rise of a Global Crypto-Focused Cybercrime Network appeared first on Brandefense.

1 Million User Records Exposed: A Deep Dive into the Komiko AI App Data Breach

BRANDEFENSE — Sat, 21 Mar 2026 07:12:56 +0000

A massive Komiko AI data breach exposed over 1 million users, including OAuth tokens and session data—creating critical account takeover risks. Here’s what happened and how Brandefense detected it early.

The post 1 Million User Records Exposed: A Deep Dive into the Komiko AI App Data Breach appeared first on Brandefense.

Konni (Vedalia / TA406 / Opal Sleet): North Korea’s Steady Hand in Espionage Operations

BRANDEFENSE — Thu, 19 Mar 2026 06:54:12 +0000

Konni is a North Korea-aligned APT group focused on long-term cyber espionage through spearphishing, credential harvesting, and lightweight malware campaigns.

The post Konni (Vedalia / TA406 / Opal Sleet): North Korea’s Steady Hand in Espionage Operations appeared first on Brandefense.

Warlock Group: The Rise of GOLD SALEM (Storm-2603) in 2025’s Ransomware Landscape

BRANDEFENSE — Wed, 18 Mar 2026 12:41:05 +0000

Warlock Group (GOLD SALEM / Storm-2603) is an emerging ransomware actor exploiting SharePoint ToolShell vulnerabilities to target global enterprises with double extortion tactics.

The post Warlock Group: The Rise of GOLD SALEM (Storm-2603) in 2025’s Ransomware Landscape appeared first on Brandefense.