
2023-05-16 | Check Point Research | Itay Cohen, Radoslaw Madej
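@comment{Title braces protect only the names Dragon and Camaro; the rest of the title is left to the bibliography style.}
@online{cohen:20230516:dragon:a2ec63b,
  author       = {Cohen, Itay and Madej, Radoslaw},
  title        = {The {Dragon} Who Sold his {Camaro}: Analyzing a Custom Router Implant},
  date         = {2023-05-16},
  organization = {Check Point Research},
  url          = {https://research.checkpoint.com/2023/the-dragon-who-sold-his-camaro-analyzing-custom-router-implant/},
  language     = {English},
  urldate      = {2023-06-01},
}
The Dragon Who Sold his Camaro: Analyzing a Custom Router Implant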
Horse Shell
2021-02-22 | Check Point Research | Eyal Itkin, Itay Cohen
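@comment{Same article as the record keyed itkin:20210222:story:a3a3da9; the two records differ only in the trailing slash of the URL and in urldate. Title braces protect the names Jian, APT31 and Equation Group.}
@online{itkin:20210222:story:6f59f06,
  author       = {Itkin, Eyal and Cohen, Itay},
  title        = {The Story of {Jian} – How {APT31} Stole and Used an Unknown {Equation Group} 0-Day},
  date         = {2021-02-22},
  organization = {Check Point Research},
  url          = {https://research.checkpoint.com/2021/the-story-of-jian/},
  language     = {English},
  urldate      = {2021-02-25},
}
The Story of Jian – How APT31 Stole and Used an Unknown Equation Group 0-Day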
2021-02-22 | Check Point Research | Eyal Itkin, Itay Cohen
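@comment{Same article as the record keyed itkin:20210222:story:6f59f06; the two records differ only in the trailing slash of the URL and in urldate. Title braces protect the names Jian, APT31 and Equation Group.}
@online{itkin:20210222:story:a3a3da9,
  author       = {Itkin, Eyal and Cohen, Itay},
  title        = {The Story of {Jian} – How {APT31} Stole and Used an Unknown {Equation Group} 0-Day},
  date         = {2021-02-22},
  organization = {Check Point Research},
  url          = {https://research.checkpoint.com/2021/the-story-of-jian},
  language     = {English},
  urldate      = {2021-07-22},
}
The Story of Jian – How APT31 Stole and Used an Unknown Equation Group 0-Day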
APT31
2020-12-17 | Twitter (@megabeets_) | Itay Cohen
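@comment{Title braces protect only the malware name SUNBURST, which must keep its upper-case spelling under any style.}
@online{cohen:20201217:sunburst:7931c48,
  author       = {Cohen, Itay},
  title        = {Tweet on {SUNBURST} malware discussing some of its evasion techniques},
  date         = {2020-12-17},
  organization = {Twitter (@megabeets_)},
  url          = {https://twitter.com/megabeets_/status/1339308801112027138},
  language     = {English},
  urldate      = {2020-12-18},
}
Tweet on SUNBURST malware discussing some of its evasion techniques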
SUNBURST
2020-10-26 | Checkpoint | Itay Cohen, Eyal Itkin
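@comment{Title braces protect only the name PlayBit, whose inner capital would be lost under sentence casing.}
@online{cohen:20201026:exploit:9ec173c,
  author       = {Cohen, Itay and Itkin, Eyal},
  title        = {Exploit Developer Spotlight: The Story of {PlayBit}},
  date         = {2020-10-26},
  organization = {Checkpoint},
  url          = {https://research.checkpoint.com/2020/graphology-of-an-exploit-playbit/},
  language     = {English},
  urldate      = {2020-10-27},
}
Exploit Developer Spotlight: The Story of PlayBit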
Dyre Maze PyLocky Ramnit REvil
2020-10-02 | Check Point Research | Itay Cohen, Eyal Itkin
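@comment{The title holds no proper nouns or acronyms, so nothing is case-protected and the style decides its casing.}
@online{cohen:20201002:graphology:af4c7bd,
  author       = {Cohen, Itay and Itkin, Eyal},
  title        = {Graphology of an Exploit – Hunting for exploits by looking for the author’s fingerprints},
  date         = {2020-10-02},
  organization = {Check Point Research},
  url          = {https://research.checkpoint.com/2020/graphology-of-an-exploit-volodya/},
  language     = {English},
  urldate      = {2020-10-06},
}
Graphology of an Exploit – Hunting for exploits by looking for the author’s fingerprints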
2019-04-24 | Check Point Research | Itay Cohen
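@comment{Title braces protect the actor name APT32 and the tool names Cutter and Radare2.}
@online{cohen:20190424:deobfuscating:581c86e,
  author       = {Cohen, Itay},
  title        = {Deobfuscating {APT32} Flow Graphs with {Cutter} and {Radare2}},
  date         = {2019-04-24},
  organization = {Check Point Research},
  url          = {https://research.checkpoint.com/deobfuscating-apt32-flow-graphs-with-cutter-and-radare2/},
  language     = {English},
  urldate      = {2020-05-06},
}
Deobfuscating APT32 Flow Graphs with Cutter and Radare2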
Salgorea
2018-11-30 | Check Point | Itay Cohen
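@comment{Title braces protect only the malware name BackSwap, whose inner capital would be lost under sentence casing.}
@online{cohen:20181130:evolution:045e447,
  author       = {Cohen, Itay},
  title        = {The Evolution of {BackSwap}},
  date         = {2018-11-30},
  organization = {Check Point},
  url          = {https://research.checkpoint.com/the-evolution-of-backswap/},
  language     = {English},
  urldate      = {2020-01-10},
}
The Evolution of BackSwap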
BackSwap
2018-08-20 | Check Point | Itay Cohen, Ben Herzog
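@comment{Title braces protect only the ransomware name Ryuk; the rest of the title is left to the bibliography style.}
@online{cohen:20180820:ryuk:5756495,
  author       = {Cohen, Itay and Herzog, Ben},
  title        = {{Ryuk} Ransomware: A Targeted Campaign Break-Down},
  date         = {2018-08-20},
  organization = {Check Point},
  url          = {https://research.checkpoint.com/ryuk-ransomware-targeted-campaign-break/},
  language     = {English},
  urldate      = {2019-12-10},
}
Ryuk Ransomware: A Targeted Campaign Break-Down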
Ryuk
2018-05-21 | MegaBeets | Itay Cohen
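@comment{Title braces protect the actor name APT33, the malware name Dropshot and the tool names Radare2 and Cutter.}
@online{cohen:20180521:decrypting:37d595c,
  author       = {Cohen, Itay},
  title        = {Decrypting {APT33’s} {Dropshot} Malware with {Radare2} and {Cutter} – Part 1},
  date         = {2018-05-21},
  organization = {MegaBeets},
  url          = {https://www.megabeets.net/decrypting-dropshot-with-radare2-and-cutter-part-1/},
  language     = {English},
  urldate      = {2019-07-10},
}
Decrypting APT33’s Dropshot Malware with Radare2 and Cutter – Part 1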
DROPSHOT