Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-10-30CheckpointCheckpoint Research
@online{research:20231030:30th:8400dfb, author = {Checkpoint Research}, title = {{30TH OCTOBER – THREAT INTELLIGENCE REPORT}}, date = {2023-10-30}, organization = {Checkpoint}, url = {https://research.checkpoint.com/2023/30th-october-threat-intelligence-report/}, language = {English}, urldate = {2023-11-17} } 30TH OCTOBER – THREAT INTELLIGENCE REPORT
2023-09-20Check Point ResearchCheckpoint Research
@online{research:20230920:behind:b3bd2a2, author = {Checkpoint Research}, title = {{Behind the Scenes of BBTok: Analyzing a Banker’s Server Side Components}}, date = {2023-09-20}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2023/behind-the-scenes-of-bbtok-analyzing-a-bankers-server-side-components/}, language = {English}, urldate = {2023-09-25} } Behind the Scenes of BBTok: Analyzing a Banker’s Server Side Components
BBtok
2023-09-19CheckpointAlexey Bukhteyev, Arie Olshtein
@online{bukhteyev:20230919:unveiling:1ebf179, author = {Alexey Bukhteyev and Arie Olshtein}, title = {{Unveiling the Shadows: The Dark Alliance between GuLoader and Remcos}}, date = {2023-09-19}, organization = {Checkpoint}, url = {https://research.checkpoint.com/2023/unveiling-the-shadows-the-dark-alliance-between-guloader-and-remcos/}, language = {English}, urldate = {2023-09-20} } Unveiling the Shadows: The Dark Alliance between GuLoader and Remcos
CloudEyE Remcos
2023-08-31Checkpointhasherezade
@online{hasherezade:20230831:from:dbe4160, author = {hasherezade}, title = {{From Hidden Bee to Rhadamanthys - The Evolution of Custom Executable Formats}}, date = {2023-08-31}, organization = {Checkpoint}, url = {https://research.checkpoint.com/2023/from-hidden-bee-to-rhadamanthys-the-evolution-of-custom-executable-formats/}, language = {English}, urldate = {2023-09-01} } From Hidden Bee to Rhadamanthys - The Evolution of Custom Executable Formats
Hidden Bee Rhadamanthys
2023-08-08CheckpointCheckpoint Research
@online{research:20230808:rhysida:d28daad, author = {Checkpoint Research}, title = {{THE RHYSIDA RANSOMWARE: ACTIVITY ANALYSIS AND TIES TO VICE SOCIETY}}, date = {2023-08-08}, organization = {Checkpoint}, url = {https://research.checkpoint.com/2023/the-rhysida-ransomware-activity-analysis-and-ties-to-vice-society/}, language = {English}, urldate = {2023-08-10} } THE RHYSIDA RANSOMWARE: ACTIVITY ANALYSIS AND TIES TO VICE SOCIETY
Rhysida
2023-07-03Check Point ResearchCheckpoint Research
@online{research:20230703:chinese:b18e8f3, author = {Checkpoint Research}, title = {{Chinese Threat Actors Targeting Europe in SmugX Campaign}}, date = {2023-07-03}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2023/chinese-threat-actors-targeting-europe-in-smugx-campaign/}, language = {English}, urldate = {2023-07-08} } Chinese Threat Actors Targeting Europe in SmugX Campaign
PlugX SmugX
2023-06-08Check Point ResearchCheckpoint Research
@online{research:20230608:stealth:5aba5ab, author = {Checkpoint Research}, title = {{Stealth Soldier Backdoor Used in Targeted Espionage Attacks in North Africa}}, date = {2023-06-08}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2023/stealth-soldier-backdoor-used-in-targeted-espionage-attacks-in-north-africa/}, language = {English}, urldate = {2023-06-09} } Stealth Soldier Backdoor Used in Targeted Espionage Attacks in North Africa
Stealth Soldier
2023-04-18CheckpointShavit Yosef
@online{yosef:20230418:raspberry:61254cb, author = {Shavit Yosef}, title = {{Raspberry Robin: Anti-Evasion How-To & Exploit Analysis}}, date = {2023-04-18}, organization = {Checkpoint}, url = {https://research.checkpoint.com/2023/raspberry-robin-anti-evasion-how-to-exploit-analysis}, language = {English}, urldate = {2023-04-22} } Raspberry Robin: Anti-Evasion How-To & Exploit Analysis
Raspberry Robin
2023-03-27Check Point ResearchCheckpoint Research
@online{research:20230327:rhadamanthys:813d37c, author = {Checkpoint Research}, title = {{Rhadamanthys: The “Everything Bagel” Infostealer}}, date = {2023-03-27}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2023/rhadamanthys-the-everything-bagel-infostealer/}, language = {English}, urldate = {2023-04-22} } Rhadamanthys: The “Everything Bagel” Infostealer
Rhadamanthys
2023-02-16Check Point ResearchCheckpoint, Check Point Research
@online{checkpoint:20230216:operation:9eb0b67, author = {Checkpoint and Check Point Research}, title = {{Operation Silent Watch: Desktop Surveillance in Azerbaijan and Armenia}}, date = {2023-02-16}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2023/operation-silent-watch-desktop-surveillance-in-azerbaijan-and-armenia/}, language = {English}, urldate = {2023-02-17} } Operation Silent Watch: Desktop Surveillance in Azerbaijan and Armenia
OxtaRAT
2023-01-30CheckpointArie Olshtein
@online{olshtein:20230130:following:e442fcc, author = {Arie Olshtein}, title = {{Following the Scent of TrickGate: 6-Year-Old Packer Used to Deploy the Most Wanted Malware}}, date = {2023-01-30}, organization = {Checkpoint}, url = {https://research.checkpoint.com/2023/following-the-scent-of-trickgate-6-year-old-packer-used-to-deploy-the-most-wanted-malware/}, language = {English}, urldate = {2023-01-31} } Following the Scent of TrickGate: 6-Year-Old Packer Used to Deploy the Most Wanted Malware
Agent Tesla Azorult Buer Cerber Cobalt Strike Emotet Formbook HawkEye Keylogger Loki Password Stealer (PWS) Maze NetWire RC Remcos REvil TrickBot
2022-12-12CheckpointJiří Vinopal
@online{vinopal:20221212:pulling:7b5315a, author = {Jiří Vinopal}, title = {{Pulling the Curtains on Azov Ransomware: Not a Skidsware but Polymorphic Wiper}}, date = {2022-12-12}, organization = {Checkpoint}, url = {https://research.checkpoint.com/2022/pulling-the-curtains-on-azov-ransomware-not-a-skidsware-but-polymorphic-wiper/}, language = {English}, urldate = {2022-12-13} } Pulling the Curtains on Azov Ransomware: Not a Skidsware but Polymorphic Wiper
Azov Wiper
2022-11-02Twitter (@_CPResearch_)Checkpoint Research
@online{research:20221102:azov:9f43496, author = {Checkpoint Research}, title = {{Tweet on Azov Wiper}}, date = {2022-11-02}, organization = {Twitter (@_CPResearch_)}, url = {https://twitter.com/_CPResearch_/status/1587837524604465153}, language = {English}, urldate = {2022-11-09} } Tweet on Azov Wiper
Azov Wiper
2022-05-10CheckpointCheckpoint
@online{checkpoint:20220510:infostealer:33aee4a, author = {Checkpoint}, title = {{Info-stealer Campaign targets German Car Dealerships and Manufacturers}}, date = {2022-05-10}, organization = {Checkpoint}, url = {https://blog.checkpoint.com/2022/05/10/a-german-car-attack-on-german-vehicle-businesses/}, language = {English}, urldate = {2022-05-13} } Info-stealer Campaign targets German Car Dealerships and Manufacturers
Azorult BitRAT Raccoon
2022-04-07CheckpointAlex Shamshur, Raman Ladutska
@online{shamshur:20220407:google:fbc0f89, author = {Alex Shamshur and Raman Ladutska}, title = {{Google is on guard: sharks shall not pass!}}, date = {2022-04-07}, organization = {Checkpoint}, url = {https://research.checkpoint.com/2022/google-is-on-guard-sharks-shall-not-pass/}, language = {English}, urldate = {2022-04-08} } Google is on guard: sharks shall not pass!
SharkBot
2022-02-24CheckpointMoshe Marelus
@online{marelus:20220224:new:dc2f291, author = {Moshe Marelus}, title = {{New Malware Capable of Controlling Social Media Accounts Infects 5,000+ Machines and is actively being Distributed via Gaming Applications on Microsoft’s Official Store}}, date = {2022-02-24}, organization = {Checkpoint}, url = {https://research.checkpoint.com/2022/new-malware-capable-of-controlling-social-media-accounts-infects-5000-machines-and-is-actively-being-distributed-via-gaming-applications-on-microsofts-official-store/}, language = {English}, urldate = {2022-03-01} } New Malware Capable of Controlling Social Media Accounts Infects 5,000+ Machines and is actively being Distributed via Gaming Applications on Microsoft’s Official Store
2021-12-27Checkpoint Research
@online{research:20211227:deep:c94d67d, author = {Checkpoint Research}, title = {{A Deep Dive into DoubleFeature, Equation Group’s Post-Exploitation Dashboard}}, date = {2021-12-27}, url = {https://research.checkpoint.com/2021/a-deep-dive-into-doublefeature-equation-groups-post-exploitation-dashboard/}, language = {English}, urldate = {2022-01-05} } A Deep Dive into DoubleFeature, Equation Group’s Post-Exploitation Dashboard
Equationgroup (Sorting) Fanny MISTYVEAL PeddleCheap
2021-10-20CheckpointCheckpoint
@online{checkpoint:20211020:check:8188213, author = {Checkpoint}, title = {{Check Point response to MysterySnail vulnerability}}, date = {2021-10-20}, organization = {Checkpoint}, url = {https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk175885}, language = {English}, urldate = {2023-11-27} } Check Point response to MysterySnail vulnerability
MysterySnail
2021-08-14Check Point ResearchCheckpoint Research
@online{research:20210814:indra:aa5bbe8, author = {Checkpoint Research}, title = {{Indra — Hackers Behind Recent Attacks on Iran}}, date = {2021-08-14}, organization = {Check Point Research}, url = {https://research.checkpoint.com/2021/indra-hackers-behind-recent-attacks-on-iran/}, language = {English}, urldate = {2021-08-16} } Indra — Hackers Behind Recent Attacks on Iran
Meteor Predatory Sparrow
2021-04-08CheckpointCheck Point Research
@online{research:20210408:irans:127f349, author = {Check Point Research}, title = {{Iran’s APT34 Returns with an Updated Arsenal}}, date = {2021-04-08}, organization = {Checkpoint}, url = {https://research.checkpoint.com/2021/irans-apt34-returns-with-an-updated-arsenal/}, language = {English}, urldate = {2021-04-09} } Iran’s APT34 Returns with an Updated Arsenal
DNSpionage SideTwist TONEDEAF