Product News

Sekoia’s new identity: Designed for clarity

Sekoia has partnered with branding agency Bruno to develop a new brand identity and digital experience that reflects who we really are.
June 24, 2026
Sekoia Team
Read more
ALL
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Latest blogs
Product News
June 23, 2026

Sekoia’s new identity: Designed for clarity

Sekoia has partnered with branding agency Bruno to develop a new brand identity and digital experience that reflects who we really are.

By
Sekoia Team
View more
Threat Research & Intelligence
TDR
June 11, 2026

APT28, an evolution of tradecraft

Sekoia TDR looks back at how APT28's arsenal has evolved over two decades, from its signature X-Agent implants to disposable modules, edge-device infrastructure and the first LLM-driven malware.

By
Amaury-Jacques GARCON
By
Threat Detection & Research Team
View more
Threat Research & Intelligence
TDR
June 16, 2026

Unveiling ErrTraffic: inside a growing ClickFix malware distribution framework

This report details the ErrTraffic threat and its associated ecosystem, highlighting three specific campaigns and their operators' arsenal.

By
Jérémy SCION
By
Quentin BOURGUE
By
Threat Detection & Research Team
View more
Threat Research & Intelligence
TDR
June 4, 2026

FSB’s matryoshka #3/3 - Gamaredon’s gifts that keeps unpacking - GammaSteel

Discover part 3 of our FSB Matryoshka investigation. We deep dive into Gamaredon's Gammasteel info-stealer, its data exfiltration TTPs, and indicators.

By
Amaury-Jacques GARCON
By
Threat Detection & Research Team
View more
Threat Research & Intelligence
TDR
June 3, 2026

FSB’s matryoshka #2/3 - Gamaredon’s gifts that keeps unpacking - GammaLoad

In part 2 of our FSB Matryoshka series, we analyze Gamaredon's Gammaload malware variant, dissecting its technical updates and deployment mechanisms.

By
Amaury-Jacques GARCON
By
Threat Detection & Research Team
View more
Threat Research & Intelligence
TDR
June 1, 2026

FSB’s matryoshka #1/3 - Gamaredon’s gifts that keeps unpacking - GammaPhish and GammaWorm

Part 1 of our FSB Matryoshka series. Discover the context behind Gamaredon's cyberespionage campaigns, introducing GammaPhish and GammaWorm operations.

By
Amaury-Jacques GARCON
By
Threat Detection & Research Team
View more
SOC Insights & Other News
April 23, 2026

Strategic autonomy: Where you get to choose

Stop being locked into "black box" ecosystems. Discover how Sekoia’s vendor-agnostic platform ensures data sovereignty, GDPR compliance, and technological independence.

By
Arnaud DECHOUX
View more
Threat Research & Intelligence
TDR
April 16, 2026

From APT28 to RePythonNET: automating .NET malware analysis

This blogpost covers the tooling and methodology we use at TDR to reverse engineer .NET malware. In our daily work, we encounter a wide range of malware, sophisticated or not, and a significant portion of it is written in .NET. Yet, the…

By
Threat Detection & Research Team
View more
Threat Research & Intelligence
TDR
April 7, 2026

EvilTokens: an AI-augmented Phishing-as-a-Service for automating BEC fraud - Part 2

Explore how EvilTokens uses AI-driven features to automate and scale BEC workflows. Uncover the PhaaS operations on Telegram.

By
Quentin BOURGUE
By
Threat Detection & Research Team
View more
Product News
March 31, 2026

Meet Sekoia Reveal: Turn fragmented asset data into unified SOC context

Security teams do not struggle with a lack of data. They struggle with a lack of context.

By
David GREENWOOD
View more
Threat Research & Intelligence
TDR
March 30, 2026

New widespread EvilTokens kit: device code phishing as-a-service - Part 1

Uncover the new sophisticated EvilTokens device code phishing as-a-service, with AI-augmented features facilitating BEC fraud

By
Quentin BOURGUE
By
Threat Detection & Research Team
View more
SOC Insights & Other News
March 13, 2026

UEBA in the Real World: Catching Intrusions That Don’t Look Like Intrusions

Traditional SOC rules miss attacks using valid accounts and MFA fatigue. Learn real-world cases where UEBA detects stealthy lateral movement, OAuth abuse, and cloud console misuse.

By
David GREENWOOD
View more
Threat Research & Intelligence
TDR
March 24, 2026

Silver Fox: The Only Tax Audit Where the Fine Print Installs Malware

Track the 2025-2026 shift of China-based Silver Fox from financial crime to APT espionage. Discover how they exploit tax-themed phishing and RMM tools to target South Asian entities.

By
Pierre LE BOURHIS
By
Coline CHAVANE
View more
SOC Insights & Other News
March 6, 2026

Shadow IT: The Initial Access You Didn’t Log

Shadow IT isn’t just governance debt, it’s an attacker’s beachhead. This post explores real intrusions where forgotten assets, rogue tenants, exposed cloud storage, and abandoned domains enabled initial access, and why closing visibility gaps is now

By
David GREENWOOD
View more
SOC Insights & Other News
March 2, 2026

Sekoia achieves SOC2 compliance

Sekoia achieves SOC 2 Type 1 compliance across its infrastructure, reinforcing its commitment to data security and trust.

By
Maxime ARANDEL
View more
Threat Research & Intelligence
TDR
February 12, 2026

OysterLoader Unmasked: The Multi-Stage Evasion Loader

Unmasking OysterLoader's evasion: from API hammering to custom LZMA. Explore the 4-stage infection chain and its ties to Rhysida ransomware.

By
Pierre LE BOURHIS
View more

Threat Detection & Research team

Sekoia Threat Detection & Research team, commonly known as the TDR team, is the driving force behind the Sekoia SOC platform, delivering exclusive threat intelligence.

Meet TDR team

Read latest TDR articles