Security 360

Securité 360 is a non-profit threat intelligence project seeking to provide actionnable content to defenders.

A blog

We maintain a blog discussing cybersecurity issues, as well as legal and data confidentiality issues.

An intrusion sets tracker

We set up an intrusion sets tracker used to monitor attackers’ infrastructure on a daily and weekly basis.

Open to contributors

External contributions on the blog or the tracker are very welcome. You can request access to our tracker by writing at or via Twitter.

Our commitment

We are tracking APTs and cybercriminals for you

Our tracker is actively monitoring more than a dozen of cyber threats

A few things we’re great at

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation.Ut enim ad minim veniam, quis nostrud exercitation.


We investigate advanced and cybercriminals threats to better understand their tactics, techniques and procedures and to identify the infrastructures they rely upon.


We produce technical intelligence, including indicators of compromise (hashes, IP address, domain names).


We draft tactical and strategic threat intelligence report to tackle cyber threats, anticipate their strategy and the evolution of their victimology


We create heuristics to track threat actors’ infrastructures and map these infras.

Providing actionnable threat intelligence

What we do

Threat actors’ OPSEC is often deficient. That is why it is often possible to actively monitor the infrastructure they use.

Tracking Cybercriminals

Criminals are often relying on infrastructure-as-a-service during their campaign. We actively watch these services, as well as configurations mistakes these actors may make during their daily operations.

Monitoring States-sponsored actors’ activity

We are tracking several States backed threat actors displaying poor OPSEC.We can therefore produce up to date indicators of compromise.


Our blog is dedicated to threat intelligence posts, dealing with cyber as well as other threats.

Drafting customized reports

Our team may provide customized intelligence reports to non-profit organizations.


Latest News

Unveiling Sharp Panda’s New Loader

Checkpoint recently published a report on Sharp Panda, mentioning an extension of its victimology as well as the utilization of a new dropper to deploy the 5.t framework. To avoid[…]

Read more

Analysis of Sarwent loader: Old ways die hard

A few days ago, I saw a tweet from malware C2 hunter Viriback (kudos for all your great work) mentioning the Sarwent loader. This malware appeared at least in 2018[…]

Read more

Exploring MadMxShell’s Infrastructure: Rapid Pivoting for Actionable Insights

In a great blog post, Xscaler revealed a recent campaign targeting IT professionals via Google maldvertising in order to distribute a new backdoor named « MadMxShell ». In this campaign, the attackers[…]

Read more