For several very weak RC4 variants, we demonstrate cool and unusual attacks that barely rely on statistics or care about key length, and instead serve as a motivating introduction to basic number theory and permutation groups.
Author Archives for itayc
Research by: Marc Salinas Fernandez. Background & Key Findings: The spring of 2022 saw a spike in activity of Bumblebee loader, a recent threat that has garnered a lot of attention due to...
Introduction: Until last year, hacktivism has primarily been associated with groups like Anonymous – decentralized and unstructured collectives made up of private individuals with a variety of agendas. Anonymous has launched multiple campaigns...
Author: Jiri Vinopal. Introduction: For a reverse engineer, the ability to directly call a function from the analyzed binary can be a shortcut that bypasses a lot of grief. While in some cases...
Introduction: In the past two months, we observed multiple APT groups attempting to leverage the Russia and Ukraine war as a lure for espionage operations. It comes as no surprise that Russian entities...
In the past few months, a new wave of cyberattacks has been flooding Iran. These attacks are far from minor website defacements – the recent wave is hitting national infrastructure and causing major...
Earlier this year, Check Point Research published the story of “Jian” — an exploit used by Chinese threat actor APT31 which was “heavily inspired by” an almost-identical exploit used by the Equation Group,...
What is Log4Shell (CVE-2021-44228)? A Remote Code Execution vulnerability in log4j2, a popular logging framework used in Java applications. What does this mean in practice? It means you can compromise a machine by...
For the latest discoveries in cyber research for the week of 23rd August, please download our Threat Intelligence Bulletin. Top Attacks and Breaches: The Hive ransomware gang has encrypted computers of Memorial Health...
Check Point Research reveals that a threat actor named Indra is responsible for the attacks against targets in Iran, as well as against companies in Syria.
In mid-2017, The Shadow Brokers exposed NSA files in a leak known as "Lost In Translation". Recently, a researcher uncovered "Nazar", a previously-unknown APT that was mentioned in the leak. We decided to dive into each and every one of the components and share our technical analysis. What we found is far from being "advanced".
For the latest discoveries in cyber research for the week of 13th January 2020, please download our Threat Intelligence Bulletin. Top Attacks and Breaches: Austria’s foreign ministry has suffered a serious cyber-attack, allegedly...
For the latest discoveries in cyber research for the week of 23rd December 2019, please download our Threat Intelligence Bulletin. Top attacks and breaches: An Emotet infection has caused Frankfurt to shut down...
For the latest discoveries in cyber research for the week of 2nd December 2019, please download our Threat Intelligence bulletin. TOP ATTACKS AND BREACHES: The Vietnam-linked APT group Ocean Lotus has breached...