SELECT code_execution FROM * USING SQLite;

August 10, 2019 2:00 pm

Gaining code execution using a malicious SQLite database Research By: Omer Gull tl;dr SQLite is one of the most deployed software in the world. However, from a security perspective, it has only been... Click to Read More

Black Hat 2019 – WhatsApp Protocol Decryption for Chat Manipulation and More

August 7, 2019 5:05 pm

  Research By: Dikla Barda, Roman Zaikin and Oded Vanunu According to sources, WhatsApp, the Facebook-owned messaging application has over 1.5 billion users in over 180 countries. The average user checks WhatsApp more... Click to Read More

Reverse RDP Attack: The Hyper-V Connection

August 7, 2019 4:00 pm

Research by: Eyal Itkin Overview Earlier this year, we published our research on the Reverse RDP Attack. In our previous blog post, we described how we found numerous critical vulnerabilities in popular Remote... Click to Read More

Cobalt Group Returns To Kazakhstan

July 31, 2019 7:14 am

Introduction Cobalt Group is a financially motivated cyber-crime gang that has been active since at least 2016. The group is mainly interested in carrying out attacks against banks, in an attempt to access... Click to Read More

Cryptographic Attacks: A Guide for the Perplexed

July 29, 2019 6:35 am

Research by: Ben Herzog Introduction When some people hear “Cryptography”, they think of their Wifi password, of the little green lock icon next to the address of their favorite website, and of the difficulty... Click to Read More

CYBER ATTACK TRENDS: 2019 MID-YEAR REPORT

July 25, 2019 5:00 am

The first half of 2019 demonstrated that no environment is immune to cyber attacks. We have witnessed threat actors developing new tool sets and techniques, targeting corporate assets stored on cloud infrastructure, individuals’... Click to Read More

Agent Smith: A New Species of Mobile Malware

July 10, 2019 5:58 am

  Research by: Aviran Hazum, Feixiang He, Inbal Marom, Bogdan Melnykov, Andrey Polkovnichenko   Check Point Researchers recently discovered a new variant of mobile malware that quietly infected around 25 million devices, while... Click to Read More

The 2019 Resurgence of Smokeloader

July 9, 2019 6:19 am

A View into New Nasty Tricks and Actor Activity Research By: Israel Gubi   Background Smokeloader is a popular bot and a veteran in its field – being sold on underground cybercriminal markets... Click to Read More

Operation Tripoli

July 1, 2019 2:37 am

  Check Point Research recently came across a large-scale campaign that for years was using Facebook pages to spread malware across mobile and desktop environments, with one target country in mind: Libya. It... Click to Read More

EA Games Vulnerability

June 26, 2019 6:03 am

  In the last few weeks, Check Point Research has combined forces with CyberInt to identify a chain of vulnerabilities that, once exploited, could have led to the takeover of millions of player... Click to Read More

Thumbs Up: Using Machine Learning to Improve IDA’s Analysis

June 24, 2019 5:57 am

Research by: Eyal Itkin   Introduction At the beginning of 2019, we released Karta, a plugin for the IDA disassembler that identifies open sources in binaries. During our work on the plugin, we stumbled... Click to Read More

DanaBot Demands a Ransom Payment

June 20, 2019 3:34 am

Research by: Yaroslav Harakhavik  and Aliaksandr Chailytko   It’s been over a year since DanaBot was first discovered, and its developers are still working to improve it and find new opportunities to collaborate... Click to Read More

CPR-Zero: The Check Point Research Vulnerability Repository

June 19, 2019 5:59 am

  Omri Herscovici   During the past 3 years, Check Point Research has invested significant resources into vulnerability research. For every vulnerability we discover, we first notify the vendor and immediately develop new... Click to Read More

Microsoft Management Console (MMC) Vulnerabilities

June 11, 2019 1:37 pm

Research by: Eran Vaknin and Alon Boxiner   The goal of Microsoft Management Console (MMC) is to provide a programming platform for creating and hosting applications that manage Microsoft Windows-based environment, and to... Click to Read More

We Decide What You See: Remote Code Execution on a Major IPTV Platform

June 5, 2019 5:44 am

Research by: Ronen Shustin   Introduction About a year ago Check Point Research discovered critical vulnerabilities in a Ukrainian TV streaming platform that, if exploited, could leave service providers exposed to a serious... Click to Read More