Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-09-22Check PointCheck Point Research
@online{research:20220922:7:f4a6cdb, author = {Check Point Research}, title = {{7 Years of Scarlet Mimic’s Mobile Surveillance Campaign Targeting Uyghurs}}, date = {2022-09-22}, organization = {Check Point}, url = {https://research.checkpoint.com/2022/never-truly-left-7-years-of-scarlet-mimics-mobile-surveillance-campaign-targeting-uyghurs/}, language = {English}, urldate = {2022-09-26} } 7 Years of Scarlet Mimic’s Mobile Surveillance Campaign Targeting Uyghurs
MobileOrder
2022-09-21Check PointJiří Vinopal
@online{vinopal:20220921:native:e68056c, author = {Jiří Vinopal}, title = {{Native function and Assembly Code Invocation}}, date = {2022-09-21}, organization = {Check Point}, url = {https://research.checkpoint.com/2022/native-function-and-assembly-code-invocation/}, language = {English}, urldate = {2022-09-26} } Native function and Assembly Code Invocation
MiniDuke
2022-09-06Check PointCheck Point Research
@online{research:20220906:dangeroussavanna:5bec8b7, author = {Check Point Research}, title = {{DangerousSavanna: Two-year long campaign targets financial institutions in French-speaking Africa}}, date = {2022-09-06}, organization = {Check Point}, url = {https://research.checkpoint.com/2022/dangeroussavanna-two-year-long-campaign-targets-financial-institutions-in-french-speaking-africa/}, language = {English}, urldate = {2022-09-07} } DangerousSavanna: Two-year long campaign targets financial institutions in French-speaking Africa
AsyncRAT Meterpreter PoshC2 DangerousSavanna
2022-08-29Check PointMoshe Marelus
@online{marelus:20220829:check:4b8b83f, author = {Moshe Marelus}, title = {{Check Point Research detects Crypto Miner malware disguised as Google translate desktop and other legitimate applications}}, date = {2022-08-29}, organization = {Check Point}, url = {https://research.checkpoint.com/2022/check-point-research-detects-crypto-miner-malware-disguised-as-google-translate-desktop-and-other-legitimate-applications}, language = {English}, urldate = {2022-08-31} } Check Point Research detects Crypto Miner malware disguised as Google translate desktop and other legitimate applications
Nitrokod
2022-07-13Check PointCheck Point Research
@online{research:20220713:hit:79199ac, author = {Check Point Research}, title = {{A Hit is made: Suspected India-based Sidewinder APT successfully cyber attacks Pakistan military focused targets}}, date = {2022-07-13}, organization = {Check Point}, url = {https://blog.checkpoint.com/2022/07/13/a-hit-is-made-suspected-india-based-sidewinder-apt-successfully-cyber-attacks-pakistan-military-focused-targets/}, language = {English}, urldate = {2022-07-15} } A Hit is made: Suspected India-based Sidewinder APT successfully cyber attacks Pakistan military focused targets
Unidentified 093 (Sidewinder)
2022-06-28Twitter (@_CPResearch_)Check Point Research
@online{research:20220628:malware:896fb41, author = {Check Point Research}, title = {{Tweet on malware used against Steel Industry in Iran}}, date = {2022-06-28}, organization = {Twitter (@_CPResearch_)}, url = {https://twitter.com/_cpresearch_/status/1541753913732366338}, language = {English}, urldate = {2022-07-25} } Tweet on malware used against Steel Industry in Iran
Meteor Predatory Sparrow
2022-05-31Check Point ResearchAlexey Bukhteyev, Raman Ladutska
@online{bukhteyev:20220531:xloader:f9d6f5f, author = {Alexey Bukhteyev and Raman Ladutska}, title = {{XLoader Botnet: Find Me If You Can}}, date = {2022-05-31}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2022/xloader-botnet-find-me-if-you-can/}, language = {English}, urldate = {2022-05-31} } XLoader Botnet: Find Me If You Can
Xloader
2022-05-19Check PointCheck Point Research
@online{research:20220519:twisted:646cd84, author = {Check Point Research}, title = {{Twisted Panda: Chinese APT espionage operation against Russian’s state-owned defense institutes}}, date = {2022-05-19}, organization = {Check Point}, url = {https://research.checkpoint.com/2022/twisted-panda-chinese-apt-espionage-operation-against-russians-state-owned-defense-institutes/}, language = {English}, urldate = {2022-05-25} } Twisted Panda: Chinese APT espionage operation against Russian’s state-owned defense institutes
2022-04-12Check PointCheck Point Research
@online{research:20220412:march:2c56dc6, author = {Check Point Research}, title = {{March 2022’s Most Wanted Malware: Easter Phishing Scams Help Emotet Assert its Dominance}}, date = {2022-04-12}, organization = {Check Point}, url = {https://www.checkpoint.com/press/2022/march-2022s-most-wanted-malware-easter-phishing-scams-help-emotet-assert-its-dominance/}, language = {English}, urldate = {2022-04-20} } March 2022’s Most Wanted Malware: Easter Phishing Scams Help Emotet Assert its Dominance
Alien FluBot Agent Tesla Emotet
2022-03-31Check Point Research
@online{research:20220331:statesponsored:d8ce198, author = {Check Point Research}, title = {{State-sponsored Attack Groups Capitalise on Russia-Ukraine War for Cyber Espionage}}, date = {2022-03-31}, url = {https://research.checkpoint.com/2022/state-sponsored-attack-groups-capitalise-on-russia-ukraine-war-for-cyber-espionage/}, language = {English}, urldate = {2022-04-05} } State-sponsored Attack Groups Capitalise on Russia-Ukraine War for Cyber Espionage
Loki RAT El Machete APT Backdoor Dropper Lyceum .NET DNS Backdoor Lyceum .NET TCP Backdoor Lyceum Golang HTTP Backdoor
2022-03-10Check Point Research
@online{research:20220310:leaks:4880b6a, author = {Check Point Research}, title = {{Leaks of Conti Ransomware Group Paint Picture of a Surprisingly Normal Tech Start-Up… Sort Of}}, date = {2022-03-10}, url = {https://research.checkpoint.com/2022/leaks-of-conti-ransomware-group-paint-picture-of-a-surprisingly-normal-tech-start-up-sort-of/}, language = {English}, urldate = {2022-03-14} } Leaks of Conti Ransomware Group Paint Picture of a Surprisingly Normal Tech Start-Up… Sort Of
Conti
2022-03-07Check Point ResearchCheck Point
@online{point:20220307:lapsus:007ba79, author = {Check Point}, title = {{Lapsus$ Ransomware gang uses stolen source code to disguise malware files as trustworthy. Check Point customers remain protected}}, date = {2022-03-07}, organization = {Check Point Research}, url = {https://blog.checkpoint.com/2022/03/07/lapsus-ransomware-gang-uses-stolen-source-code-to-disguise-malware-files-as-trustworthy-check-point-customers-remain-protected/}, language = {English}, urldate = {2022-03-25} } Lapsus$ Ransomware gang uses stolen source code to disguise malware files as trustworthy. Check Point customers remain protected
LAPSUS
2022-02-18Check PointCheck Point
@online{point:20220218:evilplayout:1ddf5e3, author = {Check Point}, title = {{EvilPlayout: Attack Against Iran’s State Broadcaster}}, date = {2022-02-18}, organization = {Check Point}, url = {https://research.checkpoint.com/2022/evilplayout-attack-against-irans-state-broadcaster/}, language = {English}, urldate = {2022-03-02} } EvilPlayout: Attack Against Iran’s State Broadcaster
EvilPlayout WinScreeny
2022-02-16Check Point ResearchAliaksandr Trafimchuk, Raman Ladutska
@online{trafimchuk:20220216:modern:a6f60a5, author = {Aliaksandr Trafimchuk and Raman Ladutska}, title = {{A Modern Ninja: Evasive Trickbot Attacks Customers of 60 High-Profile Companies}}, date = {2022-02-16}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2022/a-modern-ninja-evasive-trickbot-attacks-customers-of-60-high-profile-companies/}, language = {English}, urldate = {2022-02-18} } A Modern Ninja: Evasive Trickbot Attacks Customers of 60 High-Profile Companies
TrickBot
2022-01-24Check Point ResearchDikla Barda, Romain Zaikin, Oded Vanunu
@online{barda:20220124:scammers:df4feaf, author = {Dikla Barda and Romain Zaikin and Oded Vanunu}, title = {{Scammers are creating new fraudulent Crypto Tokens and misconfiguring smart contract’s to steal funds}}, date = {2022-01-24}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2022/scammers-are-creating-new-fraudulent-crypto-tokens-and-misconfiguring-smart-contracts-to-steal-funds/}, language = {English}, urldate = {2022-01-25} } Scammers are creating new fraudulent Crypto Tokens and misconfiguring smart contract’s to steal funds
2022-01-21Twitter (@_CPResearch_)Check Point Research
@online{research:20220121:whitelambert:e5581c9, author = {Check Point Research}, title = {{Tweet on WhiteLambert malware}}, date = {2022-01-21}, organization = {Twitter (@_CPResearch_)}, url = {https://twitter.com/_CPResearch_/status/1484502090068242433}, language = {English}, urldate = {2022-01-25} } Tweet on WhiteLambert malware
Lambert
2022-01-11Check PointCheck Point Research
@online{research:20220111:apt35:c5e9ff3, author = {Check Point Research}, title = {{APT35 exploits Log4j vulnerability to distribute new modular PowerShell toolkit}}, date = {2022-01-11}, organization = {Check Point}, url = {https://research.checkpoint.com/2022/apt35-exploits-log4j-vulnerability-to-distribute-new-modular-powershell-toolkit/}, language = {English}, urldate = {2022-01-18} } APT35 exploits Log4j vulnerability to distribute new modular PowerShell toolkit
2022-01-05Check PointGolan Cohen
@online{cohen:20220105:can:6a1ef46, author = {Golan Cohen}, title = {{Can You Trust a File’s Digital Signature? New Zloader Campaign exploits Microsoft’s Signature Verification putting users at risk}}, date = {2022-01-05}, organization = {Check Point}, url = {https://research.checkpoint.com/2022/can-you-trust-a-files-digital-signature-new-zloader-campaign-exploits-microsofts-signature-verification-putting-users-at-risk/}, language = {English}, urldate = {2022-01-18} } Can You Trust a File’s Digital Signature? New Zloader Campaign exploits Microsoft’s Signature Verification putting users at risk
Zloader
2021-12-16Check Point ResearchAlexey Bukhteyev
@online{bukhteyev:20211216:phorpiex:cef1b8e, author = {Alexey Bukhteyev}, title = {{Phorpiex botnet is back with a new Twizt: Hijacking Hundreds of crypto transactions}}, date = {2021-12-16}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2021/phorpiex-botnet-is-back-with-a-new-twizt-hijacking-hundreds-of-crypto-transactions/}, language = {English}, urldate = {2021-12-17} } Phorpiex botnet is back with a new Twizt: Hijacking Hundreds of crypto transactions
Phorpiex
2021-12-08Check Point ResearchRaman Ladutska, Aliaksandr Trafimchuk, David Driker, Yali Magiel
@online{ladutska:20211208:when:16ee92b, author = {Raman Ladutska and Aliaksandr Trafimchuk and David Driker and Yali Magiel}, title = {{When old friends meet again: why Emotet chose Trickbot for rebirth}}, date = {2021-12-08}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2021/when-old-friends-meet-again-why-emotet-chose-trickbot-for-rebirth/}, language = {English}, urldate = {2022-02-18} } When old friends meet again: why Emotet chose Trickbot for rebirth
Emotet TrickBot