|
By Gemma Goldstein
Quasar, crafted in the C# programming language, is a publicly accessible and open-source Remote Access Trojan (RAT) designed for Microsoft Windows operating systems (OSs). This creation comes courtesy of the GitHub user MaxXor and resides as a publicly hosted repository on GitHub. While its utility extends to legitimate applications like enabling remote assistance from an organization’s helpdesk technician, Quasar is being exploited by APT actors for cybercrime and cyber espionage endeavors.
|
By Gemma Goldstein
Following Cyberint’s acquisition by Check Point at the end of 2024, we’ve only accelerated across our platform and services. This year-in-review highlights the biggest achievements of 2025, spanning AI innovation, huge advancements in threat intelligence, brand protection, and attack surface management, global coverage and most importantly customer impact.
|
By Gemma Goldstein
Zestix is identified as a criminal threat actor primarily motivated by personal gain. The actor first emerged in September 2025 and operates at an intermediate resource level, functioning as an individual. Zestix has been involved in significant data breaches, notably targeting organizations in the transportation and government sectors.
|
By Gemma Goldstein
CopilotLeaks is a criminal threat actor group known for its data breaches and leaks targeting various sectors in Bolivia and Paraguay. The group operates under multiple aliases, including Megumi, vulnerandolo, and Johan_Liebheart. Their primary motivation is personal gain, and they are characterized as having an intermediate level of sophistication.
|
By Gemma Goldstein
LinkedIn was never designed to be hostile. That’s precisely why it’s become attractive to attackers.
|
By Dean Fenster
Since at least May 2023, a financially motivated cyber-crime network has been operating a phishing campaign primarily abusing Google Ads, and occasionally Microsoft Ads, to drive traffic to credential-harvesting websites. This campaign – part of which was named “Payroll Pirates” by SilentPush – has remained active, with periodic updates to tactics and target rotations.
|
By Shmuel Gihon
Originally published: April 2023. Updated: September 2025.
Supply chain attacks are a growing and increasingly sophisticated form of cyber threat. They target the complex network of relationships between organizations and their suppliers, vendors, and third-party service providers. These attacks exploit vulnerabilities that emerge due to the interconnected nature of digital supply chains, which often span multiple organizations, systems, and geographies.
|
By Adi Bleih
First published May 8th 2025. Updated Sept 16th 2025.
Editor’s Note: This blog builds on our recent analysis of the DragonForce ransomware cartel, which claimed responsibility for a wave of UK retail attacks in April–May 2025. While DragonForce took credit for the extortion and data leak phase, growing evidence suggests that another group—Scattered Spider—may have played a foundational role in enabling those attacks.
|
By Gemma Goldstein
How Cyberint, now a Check Point Company, supports organisations working towards cyber resilience.
|
By Adi Bleih
On September 8, 2025, the JavaScript ecosystem experienced what is now considered the largest supply chain attack in npm history. A sophisticated phishing campaign led to the compromise of a trusted maintainer’s account, resulting in the injection of cryptocurrency-stealing malware into 18+ foundational npm packages. These packages collectively accounted for over 2 billion weekly downloads, affecting millions of applications globally—from personal projects to enterprise-grade systems.
Exposure Management isn’t just a buzzword; it’s the future of cybersecurity. Attackers move fast, exploiting misconfigurations, leaked credentials, and control gaps before patch cycles even start. Traditional tools give you dashboards and alerts, but visibility without action is just noise.
The question isn’t if something goes wrong, it’s whether you can fix it fast enough. This is why we built Check Point Exposure Management.
|
By Cyberint
Safe Remediation is the process of turning validated exposure insights into coordinated, non-disruptive fixes across security controls, ensuring teams can reduce risk quickly without breaking production. More specifically, Safe Remediation includes:
- Validation before enforcement
- Remediation without downtime
- Automated, coordinated action across controls
- Preemptive blocking of attacker infrastructure
- Safe-by-design automation
Safe Remediation ensures that exposures are fixed quickly, automatically, and without operational risk – turning detection into trusted, validated action.
|
By Cyberint
See how customers can query our MCP server to sift through their threat intelligence and get contextual answers immediately.
|
By Cyberint
CTEM, introduced by Gartner, was designed to address a critical gap in traditional vulnerability management: the broken flow between detection and remediation. While reports and alerts pile up, exposures often remain unresolved, leaving organizations at risk. CTEM organizes this process into five stages—Scoping, Discovery, Prioritization, Validation, and Mobilization—bringing structure to chaos. Technically, it’s a framework because Gartner never mandated a single solution to deliver all stages. Most vendors only cover one or two.
|
By Cyberint
When Attack Surface Management (ASM) stops at discovery, teams drown in alerts, CVE lists, and noise. What’s exposed isn’t the same as what’s actively being weaponized—and without prioritization or built-in remediation, risk piles up fast. Exposure Management (EM) closes that gap. It merges threat intelligence, vulnerability context, and safe-by-design remediation into one continuous loop. Instead of “scan → report → wait,” EM delivers.
|
By Cyberint
See Active Exposure Validation Discovery Context and more.
|
By Cyberint
Meet Check Point's latest acquisition: Infinity External Risk Management.
|
By Cyberint
This is not only important for Cyberint's bottom line, but also crucial to demonstrate to investors that we are spending responsibly. One of the problems that CFOs encounter frequently is product sprawl, where teams are using separate solutions for different purposes, each with their own price tag. Many of these point solutions aren’t better than a consolidated product; if they were using one, the information shared would make the tool more valuable. Despite this, product sprawl occurs. The same is true for cybersecurity products.
Best-in-class managed intelligence suite. We help you identify emerging threats, verify your security posture, and respond effectively to reduce their impact.
CyberInt's Managed Detection and Response services span the globe and include some of the top finance, retail and telecommunication organizations, allowing our customers to combat and respond to advanced cyber threats that would normally go unnoticed by standard security controls, while protecting their brand, digital assets and customers.
Solutions:
- Threat Intelligence: Real-time monitoring of threats in the deep, dark and open web, such as phishing and malware campaigns, brute-force and credential stuffing threats, data leakage (including personally identifiable information, PII), and fraudulent activity.
- Digital Risk: Digital footprint discovery and ongoing monitoring of organizations’ cloud and external-facing assets, ensuring visibility into assets with severity-based prioritization of issues to address, and highlighting related threats, vulnerabilities, and weaknesses.
- Threat Hunting: Driven by Cyberint proprietary intelligence and custom detections, the service provides a continuous hunt for threats across IT and infrastructure. Leveraging 3rd party EDR-agnostic technology and SOAR, we deploy proprietary automated playbooks to contain and mitigate threats within minutes.
- Cybersecurity Assessment: Testing the resilience of applications and infrastructure to cyberattacks, to identify weaknesses and loopholes in your security posture.
Intelligence-driven Detection & Response, leveraging a threat intelligence suite, threat hunting, and threat mitigation and response services.