Introduction Check Point Research discovered evidence of a new campaign by the Iranian threat group APT34 (aka OilRig), against what appears to be a Lebanese target, employing a new backdoor variant we dubbed... Click to Read More
Research By: Alex Ilgayev Introduction Two years ago, Microsoft released a new feature as a part of the Insiders build 18305 – Windows Sandbox. This sandbox has some useful specifications: Integrated part of... Click to Read More
Research by: Aviran Hazum, Bohdan Melnykov, Israel Wernik Check Point Research (CPR) recently discovered a new Dropper spreading via the official Google Play store, which downloads and installs the AlienBot Banker and MRAT.... Click to Read More
Research by: Eyal Itkin and Itay Cohen There is a theory which states that if anyone will ever manage to steal and use nation-grade cyber tools, any network would become untrusted, and the... Click to Read More
1.1 Introduction At the end of November, Check Point Research detected a new Office malware builder called APOMacroSploit, which was implicated in multiple malicious emails to more than 80 customers worldwide. In our... Click to Read More
Research by Eran Vaknin, Alon Boxiner In January 2020, we have published a research on TikTok, reporting we have found that a threat actor could reveal personal information saved on the account and... Click to Read More
Research by: Aviran Hazum, Alex Shamshur, Raman Ladutska, Ohad Mana, Israel Wernik Introduction Now more than ever, we rely on our smartphones to keep in touch with our work, our families and the... Click to Read More
Foreword In December 2020, a large-scale cyberattack targeting many organizations – predominantly tech companies, mainly in the United States, but not only there – was discovered to have been going on for several... Click to Read More
Research by: Eyal Itkin Overview The beautiful thing about video games is that there’s something for everyone. You can play as a 19-year-old Canadian redhead trying to climb a difficult mountain; or as an... Click to Read More
Research by: Aviran Hazum, Jonathan Shimonovich Overview: A new vulnerability for the Google Play Core Library was published in late August, which allows Local-Code-Execution (LCE) within the scope of any application that has... Click to Read More
Introduction Check Point Research recently observed a new wave of campaigns against various targets worldwide that utilizes a strain of a 13-year old backdoor Trojan named Bandook. Bandook, which had almost disappeared from... Click to Read More
Introduction Last weekend we issued a ransomware alert about a wave of attacks using a never-seen-before strain dubbed ‘Pay2Key.’ Our investigation suggested the ransomware operators were mostly targeting Israeli companies. The ransomware used... Click to Read More
Introduction Over the past week, an exceptional number of Israeli companies reported ransomware attacks. While some of the attacks were carried out by known ransomware strands like REvil and Ryuk, several large corporations... Click to Read More
Research By: Eyal Itkin and Itay Cohen Introduction Exploits have always been an important and integral part of malicious attacks. They allow attackers to gain capabilities that are not easy to achieve otherwise.... Click to Read More
Research by: Itay Cohen, Eyal Itkin In the past months, our Vulnerability and Malware Research teams joined efforts to focus on the exploits inside the malware and specifically, on the exploit writers themselves.... Click to Read More
