Konstantin
konstantinklinger.bsky.social
Threat Detection & Research at Proofpoint
Reposted by Konstantin
From phishes to hands-on-keyboard commands 🔥 new @proofpoint.bsky.social research from @nickattfield.bsky.social and @konstantinklinger.bsky.social on Indian state-sponsored actor TA397 (Bitter) with a great story on the steps to technical and political attribution www.proofpoint.com/us/blog/thre...
The Bitter End: Unraveling Eight Years of Espionage Antics—Part One | Proofpoint US
This is a two-part blog series, detailing research undertaken in collaboration with Threatray. Part two of this blog series can be found on their website here.  Analyst note: Throughout
www.proofpoint.com
June 4, 2025 at 11:09 AM
Reposted by Konstantin
Dropping some joint research today with Threatray on TA397/Bitter 🔍

We dive into the confluence of signals that led us to our attribution of the threat actor 🎯

Shoutout to @konstantinklinger.bsky.social and Threatray for collaborating on this research.

www.proofpoint.com/us/blog/thre...
June 4, 2025 at 11:13 AM
Reposted by Konstantin
If you like to use Python and are interested in YARA rule linting:
January 10, 2025 at 9:06 PM
Reposted by Konstantin
Dropping some new research on TA397/Bitter 🚨

Hidden in Plain Sight | TA397’s New Attack Chain Delivers Espionage RATs

Report:
www.proofpoint.com/us/blog/thre...
Hidden in Plain Sight: TA397’s New Attack Chain Delivers Espionage RATs | Proofpoint US
Key findings  Proofpoint observed advanced persistent threat (APT) TA397 targeting a Turkish defense sector organization with a lure about public infrastructure projects in Madagascar.   The attack...
www.proofpoint.com
December 17, 2024 at 12:10 PM
Reposted by Konstantin
Proofpoint has published a report detailing new activity from #TA397 (AKA Bitter), a prominent South Asian advanced persistent threat (APT) group.

The campaign, which took place in November 2024, targeted a defense sector organization in Turkey.

Read the blog: ow.ly/z81o50UshPt.
December 17, 2024 at 6:00 PM