APT means “advanced persistent threat”. It refers to one attack at a time:
- Sophisticated using malicious software (malware, spyware) to discreetly enter the information systems of its target (companies, governments).
- Persistent to steal data from its target undetected for a long time.
Behind its implementation are usually states or state-sponsored groups. But also sufficiently organized independent groups, benefiting from substantial resources to orchestrate sophisticated attacks using an ecosystem of qualified technicians.
At SEKOIA.IO, our Threat and Detection Research team regularly deals APT attacks primarily targeting European-based businesses, NGOs, think tanks and European government structures. According to the subjects, she shares her analyzes on our blog on: APT 27 LuckyMouse, TURLA, Calisto (aka COLDRIVER), APT29 Nobelium, Cozy Bear, APT31 (aka Zirconium or Judgment Panda), Roaming Mantis and the Moqhao Malware, APT 38, intrusions set associated with North Korea (Lazarus, Kimsuky, Bluenoroff, Andariel, Reaper), APT 40, Vice Society, CTI, XDR, SOAR, SIEM, SOC, EDR, CERT, STIX, IoC, Data Loss Prevention.
We are a cybersecurity software publisher. We provide SOC and MSSP teams with a turnkey operational security platform (SOC platform). Through our XDR platform, CTI tool and threat intelligence platform, we enable our users to neutralize cyber threats, regardless of the attack surface.