Posts Written ByGal Kristal

Gal Kristal

Gal Kristal is a Senior Security Researcher at SentinelOne who specializes in Offensive Security. Previously, he spent five years at Unit 8200, as an officer and team leader of security researchers.

Security Research

Hotcobalt – New Cobalt Strike DoS Vulnerability That Lets You Halt Operations

CVE-2021-36798 is a vulnerability in Cobalt Strike server that could allow victims to register a fake Beacon and DoS attackers.

Crimeware

Purple Fox EK | New CVEs, Steganography, and Virtualization Added to Attack Flow

New research shows that the Purple Fox exploit kit has added new tricks to its attack flow and continues to target vulnerable versions of Internet Explorer.

Security Research

Living Off Windows Land – A New Native File “downldr”

A newly discovered LOLBin offers an alternative to certutil for helping adversaries download files from a remote server. Meet desktopimgdownldr.exe.

Advanced Persistent Threat

The Anatomy of an APT Attack and CobaltStrike Beacon’s Encoded Configuration

Cybercrime and nation state attacks haven’t come to a stop due to COVID-19. Here we describe a recent APT attack on a global brand prevented by SentinelOne.

0 / 147

Posts Written ByGal Kristal

Gal Kristal

Detecting macOS.GMERA Malware Through Behavioral Inspection

RIG Exploit Kit Chain Internals