Richard Clayton

Anatomy of the Jaff Ransomware Campaign

Last month, Check Point researchers were able to spot the distribution of Jaff Ransomware by the Necurs Botnet. The ransomware was spread using malicious...

BROKERS IN THE SHADOWS: Analyzing vulnerabilities and attacks spawned by the...

Background: Rarely does the release of an exploit have such a large impact across the world. With the recent leak of the NSA exploit methods,...

April’s Most Wanted Malware: Exploit Kit Attacks Continue, While Slammer Worm...

Check Point’s latest Global Threat Impact Index detected a continued increase in the number of organizations being targeted with Exploit Kits, as Rig EK...

Check Point Reveals Global WannaCry Ransomware Infection Map at CPX Europe...

Check Point researchers have been investigating the ransomware campaign in detail since it was first reported. With a new Check Point WannaCry Ransomware Infection...

WannaCry – New Kill-Switch, New Sinkhole

Check Point Threat Intelligence and Research team has just registered a brand new kill-switch domain used by a fresh sample of the WannaCry Ransomware. In...

WannaCry – Paid Time Off?

Let us open with a TL;DR – DO NOT pay the ransom demanded by the WannaCry ransomware! Now, let us explain why: As of this writing...

Global Outbreak of WannaCry

On May 12, 2017, the Check Point Incident Response Team started tracking a widespread outbreak of the WannaCryp ransomware. We have reports that...

JAFF – A New Ransomware is in town, and it’s widely...

Necurs, one of the largest botnets, went offline during the holiday period of 2016 and through the beginning of 2017. However, it returned only...

DiamondFox modular malware – a one-stop shop

Check Point researchers have conducted a thorough investigation of the DiamondFox malware-as-a-service in collaboration with Terbium Labs, a Dark Web Data Intelligence company. The...

Update – OSX/Dok Campaign

Our ongoing investigation of the OSX/DOK campaign has led us to detect several new variants of this malware. These new variants have the same functionality...