Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-05-31Check Point ResearchAlexey Bukhteyev, Raman Ladutska
@online{bukhteyev:20220531:xloader:f9d6f5f, author = {Alexey Bukhteyev and Raman Ladutska}, title = {{XLoader Botnet: Find Me If You Can}}, date = {2022-05-31}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2022/xloader-botnet-find-me-if-you-can/}, language = {English}, urldate = {2022-05-31} } XLoader Botnet: Find Me If You Can
Xloader
2022-05-19Check PointCheck Point Research
@online{research:20220519:twisted:646cd84, author = {Check Point Research}, title = {{Twisted Panda: Chinese APT espionage operation against Russian’s state-owned defense institutes}}, date = {2022-05-19}, organization = {Check Point}, url = {https://research.checkpoint.com/2022/twisted-panda-chinese-apt-espionage-operation-against-russians-state-owned-defense-institutes/}, language = {English}, urldate = {2022-05-25} } Twisted Panda: Chinese APT espionage operation against Russian’s state-owned defense institutes
2022-04-12Check PointCheck Point Research
@online{research:20220412:march:2c56dc6, author = {Check Point Research}, title = {{March 2022’s Most Wanted Malware: Easter Phishing Scams Help Emotet Assert its Dominance}}, date = {2022-04-12}, organization = {Check Point}, url = {https://www.checkpoint.com/press/2022/march-2022s-most-wanted-malware-easter-phishing-scams-help-emotet-assert-its-dominance/}, language = {English}, urldate = {2022-04-20} } March 2022’s Most Wanted Malware: Easter Phishing Scams Help Emotet Assert its Dominance
Alien FluBot Agent Tesla Emotet
2022-03-31Check Point Research
@online{research:20220331:statesponsored:d8ce198, author = {Check Point Research}, title = {{State-sponsored Attack Groups Capitalise on Russia-Ukraine War for Cyber Espionage}}, date = {2022-03-31}, url = {https://research.checkpoint.com/2022/state-sponsored-attack-groups-capitalise-on-russia-ukraine-war-for-cyber-espionage/}, language = {English}, urldate = {2022-04-05} } State-sponsored Attack Groups Capitalise on Russia-Ukraine War for Cyber Espionage
Loki RAT El Machete APT Backdoor Dropper Lyceum .NET DNS Backdoor Lyceum .NET TCP Backdoor Lyceum Golang HTTP Backdoor
2022-03-10Check Point Research
@online{research:20220310:leaks:4880b6a, author = {Check Point Research}, title = {{Leaks of Conti Ransomware Group Paint Picture of a Surprisingly Normal Tech Start-Up… Sort Of}}, date = {2022-03-10}, url = {https://research.checkpoint.com/2022/leaks-of-conti-ransomware-group-paint-picture-of-a-surprisingly-normal-tech-start-up-sort-of/}, language = {English}, urldate = {2022-03-14} } Leaks of Conti Ransomware Group Paint Picture of a Surprisingly Normal Tech Start-Up… Sort Of
Conti
2022-03-07Check Point ResearchCheck Point
@online{point:20220307:lapsus:007ba79, author = {Check Point}, title = {{Lapsus$ Ransomware gang uses stolen source code to disguise malware files as trustworthy. Check Point customers remain protected}}, date = {2022-03-07}, organization = {Check Point Research}, url = {https://blog.checkpoint.com/2022/03/07/lapsus-ransomware-gang-uses-stolen-source-code-to-disguise-malware-files-as-trustworthy-check-point-customers-remain-protected/}, language = {English}, urldate = {2022-03-25} } Lapsus$ Ransomware gang uses stolen source code to disguise malware files as trustworthy. Check Point customers remain protected
LAPSUS
2022-02-18Check PointCheck Point
@online{point:20220218:evilplayout:1ddf5e3, author = {Check Point}, title = {{EvilPlayout: Attack Against Iran’s State Broadcaster}}, date = {2022-02-18}, organization = {Check Point}, url = {https://research.checkpoint.com/2022/evilplayout-attack-against-irans-state-broadcaster/}, language = {English}, urldate = {2022-03-02} } EvilPlayout: Attack Against Iran’s State Broadcaster
EvilPlayout WinScreeny
2022-02-16Check Point ResearchAliaksandr Trafimchuk, Raman Ladutska
@online{trafimchuk:20220216:modern:a6f60a5, author = {Aliaksandr Trafimchuk and Raman Ladutska}, title = {{A Modern Ninja: Evasive Trickbot Attacks Customers of 60 High-Profile Companies}}, date = {2022-02-16}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2022/a-modern-ninja-evasive-trickbot-attacks-customers-of-60-high-profile-companies/}, language = {English}, urldate = {2022-02-18} } A Modern Ninja: Evasive Trickbot Attacks Customers of 60 High-Profile Companies
TrickBot
2022-01-24Check Point ResearchDikla Barda, Romain Zaikin, Oded Vanunu
@online{barda:20220124:scammers:df4feaf, author = {Dikla Barda and Romain Zaikin and Oded Vanunu}, title = {{Scammers are creating new fraudulent Crypto Tokens and misconfiguring smart contract’s to steal funds}}, date = {2022-01-24}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2022/scammers-are-creating-new-fraudulent-crypto-tokens-and-misconfiguring-smart-contracts-to-steal-funds/}, language = {English}, urldate = {2022-01-25} } Scammers are creating new fraudulent Crypto Tokens and misconfiguring smart contract’s to steal funds
2022-01-21Twitter (@_CPResearch_)Check Point Research
@online{research:20220121:whitelambert:e5581c9, author = {Check Point Research}, title = {{Tweet on WhiteLambert malware}}, date = {2022-01-21}, organization = {Twitter (@_CPResearch_)}, url = {https://twitter.com/_CPResearch_/status/1484502090068242433}, language = {English}, urldate = {2022-01-25} } Tweet on WhiteLambert malware
Lambert
2022-01-11Check PointCheck Point Research
@online{research:20220111:apt35:c5e9ff3, author = {Check Point Research}, title = {{APT35 exploits Log4j vulnerability to distribute new modular PowerShell toolkit}}, date = {2022-01-11}, organization = {Check Point}, url = {https://research.checkpoint.com/2022/apt35-exploits-log4j-vulnerability-to-distribute-new-modular-powershell-toolkit/}, language = {English}, urldate = {2022-01-18} } APT35 exploits Log4j vulnerability to distribute new modular PowerShell toolkit
2022-01-05Check PointGolan Cohen
@online{cohen:20220105:can:6a1ef46, author = {Golan Cohen}, title = {{Can You Trust a File’s Digital Signature? New Zloader Campaign exploits Microsoft’s Signature Verification putting users at risk}}, date = {2022-01-05}, organization = {Check Point}, url = {https://research.checkpoint.com/2022/can-you-trust-a-files-digital-signature-new-zloader-campaign-exploits-microsofts-signature-verification-putting-users-at-risk/}, language = {English}, urldate = {2022-01-18} } Can You Trust a File’s Digital Signature? New Zloader Campaign exploits Microsoft’s Signature Verification putting users at risk
Zloader
2021-12-16Check Point ResearchAlexey Bukhteyev
@online{bukhteyev:20211216:phorpiex:cef1b8e, author = {Alexey Bukhteyev}, title = {{Phorpiex botnet is back with a new Twizt: Hijacking Hundreds of crypto transactions}}, date = {2021-12-16}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2021/phorpiex-botnet-is-back-with-a-new-twizt-hijacking-hundreds-of-crypto-transactions/}, language = {English}, urldate = {2021-12-17} } Phorpiex botnet is back with a new Twizt: Hijacking Hundreds of crypto transactions
Phorpiex
2021-12-08Check Point ResearchRaman Ladutska, Aliaksandr Trafimchuk, David Driker, Yali Magiel
@online{ladutska:20211208:when:16ee92b, author = {Raman Ladutska and Aliaksandr Trafimchuk and David Driker and Yali Magiel}, title = {{When old friends meet again: why Emotet chose Trickbot for rebirth}}, date = {2021-12-08}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2021/when-old-friends-meet-again-why-emotet-chose-trickbot-for-rebirth/}, language = {English}, urldate = {2022-02-18} } When old friends meet again: why Emotet chose Trickbot for rebirth
Emotet TrickBot
2021-12-01Check PointShmuel Cohen
@online{cohen:20211201:smishing:3fa90c0, author = {Shmuel Cohen}, title = {{Smishing Botnets Going Viral in Iran}}, date = {2021-12-01}, organization = {Check Point}, url = {https://research.checkpoint.com/2021/smishing-botnets-going-viral-in-iran/}, language = {English}, urldate = {2021-12-06} } Smishing Botnets Going Viral in Iran
2021-11-16Twitter (@_CPResearch_)Check Point Research
@online{research:20211116:32bit:f9aff89, author = {Check Point Research}, title = {{Tweet on 32bit version of CVE-2021-1732 exploited by BITTER group}}, date = {2021-11-16}, organization = {Twitter (@_CPResearch_)}, url = {https://twitter.com/_CPResearch_/status/1460643735952318474}, language = {English}, urldate = {2021-11-19} } Tweet on 32bit version of CVE-2021-1732 exploited by BITTER group
2021-11-15Check Point ResearchCheck Point Research
@online{research:20211115:uncovering:b8d5b9b, author = {Check Point Research}, title = {{Uncovering MosesStaff techniques: Ideology over Money}}, date = {2021-11-15}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2021/mosesstaff-targeting-israeli-companies/}, language = {English}, urldate = {2021-11-17} } Uncovering MosesStaff techniques: Ideology over Money
DCSrv MosesStaff
2021-11-03Check Point ResearchArie Olshtein, Abedalla Hadra
@online{olshtein:20211103:mekotio:19a7e5a, author = {Arie Olshtein and Abedalla Hadra}, title = {{Mekotio Banker Returns with Improved Stealth and Ancient Encryption}}, date = {2021-11-03}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2021/mekotio-banker-returns-with-improved-stealth-and-ancient-encryption/}, language = {English}, urldate = {2021-11-03} } Mekotio Banker Returns with Improved Stealth and Ancient Encryption
Mekotio
2021-10-12Twitter (@_CPResearch_)Check Point Research
@online{research:20211012:of:80a5962, author = {Check Point Research}, title = {{Tweet of re-emergence phorpiex with a new "Twizt" module}}, date = {2021-10-12}, organization = {Twitter (@_CPResearch_)}, url = {https://twitter.com/_CPResearch_/status/1447852018794643457}, language = {English}, urldate = {2021-11-08} } Tweet of re-emergence phorpiex with a new "Twizt" module
Phorpiex
2021-09-29Check PointIsrael Wernik, Bohdan Melnykov
@online{wernik:20210929:pixstealer:5422c32, author = {Israel Wernik and Bohdan Melnykov}, title = {{PixStealer: a new wave of Android banking Trojans abusing Accessibility Services}}, date = {2021-09-29}, organization = {Check Point}, url = {https://research.checkpoint.com/2021/pixstealer-a-new-wave-of-android-banking-trojans-abusing-accessibility-services/}, language = {English}, urldate = {2021-12-06} } PixStealer: a new wave of Android banking Trojans abusing Accessibility Services