Check Point Research
Fighting cyber threats one research at a time. News from Check Point’s Research team.
Check Point Research Mar 26
We thought we'd seen it all, then we ran across this malware builder that bypasses SmartScreen alert, UAC and your AV solution by using those garden-variety Windows shortcuts that litter your desktop. Read more
Check Point Research Mar 25
Looking to learn about system exploitation, but don't know where to start? This (very) detailed guide covers all the basics. Contains 21 detailed CTF solutions, plenty of theory, and zero times the phrase "exercise left to the reader".
Check Point Research Mar 24
📈More than 700 new Outlook Web Access servers were exposed to the internet in the last 24 hours - only in the 🇺🇸! In a rush to enable working from home, organizations are exposing their assets online, opening themselves to attacks.
Check Point Research Mar 17
If you've ever wondered about the secret life of Nigerian spammers, this is definitely the article for you. Read all about one cybercriminal's decade-long quest of bought RATs, stolen credit cards, back-stabbed colleagues and looming paranoia. Read more @
Check Point Research Mar 12
: Chinese APT group after Mongolian targets. The attackers leveraged weaponized COVID-19 documents to deliver a previously unknown RAT. The irony was not lost on us. 🐼 Read more @
Check Point Research Mar 11
Replying to @_CPResearch_
New phorpiex C2: tldrbox[.]top thaus[.]top 92.63.197[.]190 Hashes: 45147b119267950eabca2769a1e6963b f96139f47da1fe1a44006c795b0bb672 f110cd9aa4fd8e9b009bf48c92f471a9 0ff9e69970aab46a22275b41f59e85df 542bab6a93e8fbd7141975db19a59853
Check Point Research Mar 11
Phorpiex malware is back dropping XMRig, Sextortion, and Nemty ransomware. Read about Phorpiex arsenal in our publications:
Check Point Research Mar 2
Replying to @duzvik
Send us a pull request here. We’ll gladly add it and expand the encyclopedia.
Check Point Research Mar 2
InviZzzible is a tool we developed for assessing a virtual environment along the lines of our new evasion encyclopedia. It can assist in identifying and fixing potential issues in your VMs in order to increase your detection capabilities.
Check Point Research Mar 1
Replying to @SwiftOnSecurity
We’re glad to be of service.
Check Point Research Mar 1
All info (and license) can be found on the project's GitHub page: Let us know if you need anything else. Sharing is caring.
Check Point Research Mar 1
We launched our new Malware Evasion Encyclopedia, which contains over 50 techniques used by various malware to detect virtualized and sandboxed environments. We hope this effort would allow for better understanding and analysis of modern attacks.
Check Point Research Feb 16
We were able to attribute this report to APT-C-23 activity
Reusing old techniques:
- Backdoors disguised as dating apps
- App promotion websites
- NameCheap registered domains
- Repeating their signature move of mentioning celebrity names in the code (!)
Check Point Research Feb 13
Replying to @_CPResearch_
2nd stage: 7de3.shandow[.]ru/Drumheads.exe d66825512a443fbe35d21772d10e97b2 3rd stage: xh5.bohakuren[.]ru/ktnqfbhmwZ 2e26d0b795f72697ed6673e869331f9c Final payload 88efc5c1545c73ce4c69439cda24f9f3 Communicates with: 45.153.228[.]70:2012
Check Point Research Feb 13
New wave of against Austrian and German organizations with CV decoy documents 🕵️‍♀️ Sender: info@XXXX.ru ✍️ Subject: lebenslauf / bewerbung 📄 Attached: 180718_arbeitszeugnisse_aktuell.doc 190720_bewerbung_kaufm_angestellte_.doc Decoy: 7d5620082f0651565cf9036889eb3e53
Check Point Research Feb 13
How did EternalBlue, the leaked NSA exploit, get to the hands of Chinese sponsored group APT-3 long before the official leak? Tune in to our new CP<R>adio episode to find out.
Check Point Research Feb 5
Executing code on Philips Hue Smart Hub through the ZigBee protocol, and infiltrating your way into the internal network. Technical details will follow soon.
Check Point Research Feb 4
[CPR-Zero] CVE-2019-1234 (Azure Stack): Azure Stack Spoofing Vulnerability
Check Point Research Feb 4
[CPR-Zero] CVE-2019-1372 (Azure App Service): Heap Based Buffer-Overflow in DWASInterop.dll