Threat Research

    Knife Cutting the Edge details DKnife, a China-nexus, Linux-based adversary-in-the-middle (AitM) gateway framework active since at least 2019 that compromises routers and edge devices to inspect and manipulate network traffic and deliver malware....
    Researchers have analyzed the infrastructure tactics of two state-sponsored groups: Gamaredon (linked to Russia) and RedFoxtrot/ShadowPad (linked to China). Gamaredon targets Ukrainian, Western, African, and NATO entities, using low-frequency DNS techniques, rapidly changing IPs, and a reusable TLS certificate for its .ru domains, making takedown difficult....