Malware Against the C Monoculture

May 20, 2019 3:33 am

Research by: Ben Herzog   It’s possible to write any program in any programming language; that’s what Turing completeness means. Therefore, it’s possible to write malware in any language, too. But in both... Click to Read More

The NSO WhatsApp Vulnerability – This is How It Happened

May 14, 2019 10:57 am

  Earlier today the Financial Times published that there is a critical vulnerability in the popular WhatsApp messaging application and that it is actively being used to inject spyware into victims phones. According... Click to Read More

PlaNETWORK: Face to Face with Cyber Crime

May 9, 2019 6:00 am

  Check Point researchers have carried out an investigative research that allows for a rare opportunity of coming face to face with real-life threat actors. In this case, these threat actors are an... Click to Read More

Vulnerabilities in ISPsystem

May 1, 2019 3:14 am

  Research by: Alexey Bukheyev and Aliaksandr Chailytko ISPsystem panel is a well-known software with a user-friendly web interface for managing web-servers, dedicated servers, VPS (Virtual Private Servers) and billing. ISPsystem software products... Click to Read More

Deobfuscating APT32 Flow Graphs with Cutter and Radare2

April 24, 2019 12:12 am

Research by: Itay Cohen The Ocean Lotus group, also known as APT32, is a threat actor which has been known to target East Asian countries such as Vietnam, Laos and the Philippines. The... Click to Read More

FINTEAM: Trojanized TeamViewer Against Government Targets

April 22, 2019 6:00 am

Introduction Recently, Check Point researchers spotted a targeted attack against officials within government finance authorities and representatives in several embassies in Europe. The attack, which starts with a malicious attachment disguised as a... Click to Read More

PreAMo: A Clicker Campaign found on Google Play

April 19, 2019 10:12 am

Research by: Avigayil Mechtinger, Andrey Polkovnichenko and Bogdan Melnykov   Summary: Checkpoint’s researchers, with the help of Craig Silverman at BuzzFeed, have uncovered a series of applications conducting fraudulent activities against Ad Agencies.... Click to Read More

The Muddy Waters of APT Attacks

April 10, 2019 6:00 am

  The Iranian APT, MuddyWater, has been active since at least 2017. Most recently though, a new campaign, targeting Belarus, Turkey and Ukraine, has emerged that caught the attention of Check Point researchers.... Click to Read More

Vulnerability in Xiaomi Pre-Installed Security App

April 4, 2019 6:00 am

Research by: Slava Makkaveev   Smartphones usually come with pre-installed apps, some of which are useful and some that never get used at all. What a user does not expect, however, is for... Click to Read More

Reverse Engineering the April Fools Snake Game For Fun (and No Profit)

April 3, 2019 1:35 pm

Research by; Yaara Shriki and Roman Zaikin   To celebrate this year’s April Fool’s Day, some of you may have noticed that Google added an interactive snake game inside its Google Maps application... Click to Read More