Domestic Kitten: An Iranian Surveillance Operation

September 7, 2018 6:03 am

Chinese strategist Sun Tzu, Italian political philosopher Machiavelli and English philosopher Thomas Hobbes all justified deceit in war as a legitimate form of warfare. Preceding them all, however, were some in the Middle...

Ransom Warrior Decryption Tool

August 30, 2018 7:28 am

On August 8th, a new ransomware, dubbed ‘RansomWarrior’, was found by the Malware Hunter Team. Going by the ransom note shown to its victims, RansomWarrior seems to have been developed by Indian hackers, who...

CeidPageLock: A Chinese RootKit

August 28, 2018 12:36 am

Research by: Israel Gubi

Over the last few weeks, we have been observing a rootkit named CEIDPageLock being distributed by the RIG Exploit kit. The rootkit was first discovered by 360 Security Center...

Interactive Mapping of APT-C-23

August 26, 2018 11:54 pm

Research by: Aseel Kayal

Last month, we investigated the renewal of a targeted attack against the Palestinian Authority, attributed to the APT-C-23 threat group. Although this campaign was initially discovered in early 2017,...

Ryuk Ransomware: A Targeted Campaign Break-Down

August 20, 2018 3:14 pm

Over the past two weeks, Ryuk, a targeted and well-planned ransomware, has attacked various organizations worldwide. So far the campaign has targeted several enterprises, while encrypting hundreds of PCs, storage and data centers...

Faxploit: Sending Fax Back to the Dark Ages

August 12, 2018 3:09 pm

Research By: Eyal Itkin and Yaniv Balmas

Fax, the brilliant technology that lifted mankind out of the dark ages of mail delivery when only the postal service and carrier pigeons were used to deliver...

Man-in-the-Disk: Android Apps Exposed via External Storage

August 12, 2018 1:09 pm

Research By: Slava Makkaveev

Recently, our researchers came across a shortcoming in the design of Android’s use of storage resources. Careless use of External Storage by applications may open the door to an...

FakesApp: A Vulnerability in WhatsApp

August 7, 2018 4:15 am

Research By: Dikla Barda, Roman Zaikin and Oded Vanunu

As of early 2018, the Facebook-owned messaging application, WhatsApp, has over 1.5 billion users with over one billion groups and 65 billion messages sent...

Ramnit’s Network of Proxy Servers

August 5, 2018 11:30 am

Research By: Alexey Bukhteyev

As you may know, Ramnit is one of the most prominent banking malware families in existence today and lately Check Point Research monitored a new massive campaign of Ramnit, dubbed...

Osiris: An Enhanced Banking Trojan

July 31, 2018 8:54 am

Research By: Yaroslav Harakhavik and Nikita Fokin

Following our recent analysis of the Kronos banking Trojan, we discovered that Kronos has also now been enhanced to hide its communication with C&C server using Tor....