Check Point Research
@_CPResearch_
Fighting cyber threats one research at a time. News from Check Point’s (@checkpointSW) Research team. Podcast: https://t.co/Cp128Xv0CM…
ID:990906936148316160
https://research.checkpoint.com 30-04-2018 10:53:18
Magnet Goblin, a financially-motivated threat actor:
🕐 Quickly leverages 1-day vulnerabilities
🐧 Uses a novel Linux version of a malware - NerbianRAT
🎯 Targets multiple devices such as Ivanti, Magento, possibly Qlik Sense and Apache ActiveMQ.
👉Read more:
research.checkpoint.com/2024/magnet-go…
Today, we're disclosing an overlooked, wide-impact bug/attack vector affecting the Windows/COM ecosystem, dubbed #MonikerLink. In Outlook, the bug's impact is far and wide: from leaking NTLM creds to RCE. The same issue may exist in other software, too. research.checkpoint.com/2024/the-risks…
Malicious documents with 5-year-old CVEs could be considered useless by now. In reality, in 2023, they were used by big malware names and targeted lucrative sectors. Check out our report covering this group of maldocs from different perspectives.
research.checkpoint.com/2024/maldocs-o…
#RaspberryRobin continues to rapidly improve itself -- using homebrew exploits for two 1-day LPE vulnerabilities that had no public implementation at the time, among other surprises 👇
research.checkpoint.com/2024/raspberry…
.NET Hooking - Harmonizing Managed Territory
CP<r> provides a walk-through of .NET hooking using the #Harmony library
🛠️ Common Examples of Implementation
💪 Defeating the #ConfuserEx2 string obfuscation
⚠️ Harmony hooking from the #dnSpyEx context
research.checkpoint.com/2024/net-hooki…
#Rhadamanthys stealer keeps evolving.
In our new blog, hasherezade takes you on a deep dive into version 0.5.0, layer by layer, discovering new features and techniques.
research.checkpoint.com/2023/rhadamant…
Analyzing #LitterDrifter, Gamaredon's most recent USB worm:
🪱 LitterDrifter is a VBS worm that propagates over USBs
🇺🇦 Ukraine remains the primary target for Gamaredon
💻 Relies on Gamaredon's vast and flexible C2 infrastructure
Read more-->
research.checkpoint.com/2023/malware-s…