• ABOUT
  • CONTACT
  • VISIT SENTINELONE.COM
Back
  • ABOUT
  • CONTACT
  • VISIT SENTINELONE.COM

Gal Kristal

Gal Kristal is a Senior Security Researcher at SentinelOne who specializes in Offensive Security. Previously, he spent five years at Unit 8200, as an officer and team leader of security researchers.
Security Research

Hotcobalt – New Cobalt Strike DoS Vulnerability That Lets You Halt Operations

Gal Kristal / August 4, 2021

CVE-2021-36798 is a vulnerability in Cobalt Strike server that could allow victims to register a fake Beacon and DoS attackers.

Read More
Crimeware

Purple Fox EK | New CVEs, Steganography, and Virtualization Added to Attack Flow

Gal Kristal / October 19, 2020

New research shows that the Purple Fox exploit kit has added new tricks to its attack flow and continues to target vulnerable versions of Internet Explorer.

Read More
Security Research

Living Off Windows Land – A New Native File “downldr”

Gal Kristal / July 2, 2020

A newly discovered LOLBin offers an alternative to certutil for helping adversaries download files from a remote server. Meet desktopimgdownldr.exe.

Read More
Advanced Persistent Threat

The Anatomy of an APT Attack and CobaltStrike Beacon’s Encoded Configuration

Gal Kristal / May 11, 2020

Cybercrime and nation state attacks haven’t come to a stop due to COVID-19. Here we describe a recent APT attack on a global brand prevented by SentinelOne.

Read More

SentinelLabs

In the era of interconnectivity, when markets, geographies, and jurisdictions merge in the melting pot of the digital domain, the perils of the threat ecosystem become unparalleled. Crimeware families achieve an unparalleled level of technical sophistication, APT groups are competing in fully-fledged cyber warfare, while once decentralized and scattered threat actors are forming adamant alliances of operating as elite corporate espionage teams.

Latest Tweet

  • The Centre for Cybersecurity Belgium (CCB) kindly invites you to its online CCB Share & Connect event – previousl… https://t.co/7yoL03kHyp14 days ago
  • New on #SentinelLabs! We have disclosed 10.0 CVSS vulnerabilities on Microsoft’s Azure Defender for IoT allowing u… https://t.co/cEnYqccXrV48 days ago
  • RT @VentureBeat: Five critical vulnerabilities in #Microsoft Azure Defender for #IoT could result in "full network compromise," researchers…48 days ago
  • Join us right now on a live Threat Intel Webinar starting at this moment on #UkraineRussianWar by @TomHegel… https://t.co/qViZm4g0i066 days ago

Recent Posts

  • Putting Things in Context | Timelining Threat Campaigns
    Putting Things in Context | Timelining Threat Campaigns
    May 11, 2022
  • Vulnerabilities in Avast And AVG Put Millions At Risk
    Vulnerabilities in Avast And AVG Put Millions At Risk
    May 5, 2022
  • Moshen Dragon’s Triad-and-Error Approach | Abusing Security Software to Sideload PlugX and ShadowPad
    Moshen Dragon’s Triad-and-Error Approach | Abusing Security Software to Sideload PlugX and ShadowPad
    May 2, 2022

Sign Up

Get notified when we post new content.

Thanks! Keep an eye out for new content!

  • Twitter
  • LinkedIn
©2022 SentinelOne, All Rights Reserved.