PXE Dust: Finding a Vulnerability in Windows Servers Deployment Services

March 6, 2019 6:00 am

Research By: Omer Gull   Introduction Many large organizations use Windows Deployment Services (WDS) to install customized operating systems on new machines in the network. The Windows Deployment Services is usually, by its... Click to Read More

Jmail Breaker: Profiting from Joomla’s Mail Service

March 5, 2019 7:09 am

  Research By: Asaf G. and Adi I. Joomla! is one of the most popular CMS platforms and is used by hundreds of thousands of organizations worldwide. Over the years, many vulnerabilities were... Click to Read More

MacOS Malware Pedia

March 4, 2019 5:59 am

A New InfoStealer Campaign Targets APAC Windows Servers

March 3, 2019 6:16 am

Research by: Arie Olshtein, Moshe Hayun, Arnold Osipov As time goes by, malware writers invent new methods to bypass security products. During our research, we came across an attack targeting Windows servers in... Click to Read More

Extracting a 19 Year Old Code Execution from WinRAR

February 20, 2019 6:00 am

Research by: Nadav Grossman Introduction In this article, we tell the story of how we found a logical bug using the WinAFL fuzzer and exploited it in WinRAR to gain full control over... Click to Read More

North Korea Turns Against New Targets?!

February 19, 2019 6:00 am

  Introduction Over the past few weeks, we have been monitoring suspicious activity directed against Russian-based companies that exposed a predator-prey relationship that we had not seen before. For the first time we... Click to Read More

Reverse RDP Attack: Code Execution on RDP Clients

February 5, 2019 6:00 am

Research by: Eyal Itkin Overview Used by thousands of IT professionals and security researchers worldwide, the Remote Desktop Protocol (RDP) is usually considered a safe and trustworthy application to connect to remote computers.... Click to Read More

SpeakUp: A New Undetected Backdoor Linux Trojan

February 4, 2019 6:01 am

  Check Point Research has discovered a new campaign exploiting Linux servers to implant a new Backdoor Trojan. Dubbed ‘SpeakUp’, the new Trojan exploits known vulnerabilities in six different Linux distributions. The attack... Click to Read More

Report: 2019 Threat Trends Analysis

January 21, 2019 10:08 pm

  2018 introduced a challenging threat landscape. Threat actors consistently improved their cyber weapons, adopted new methods and adapted their attacks to emerging technologies. And although it may have seemed the past year... Click to Read More

Hacking Fortnite Accounts

January 16, 2019 12:32 am

Research by: Alon Boxiner, Eran Vaknin and Oded Vanunu Played in a virtual world, players of ‘Fortnite’, the massively popular game from game developer Epic Games, are tasked with testing their endurance as... Click to Read More