Research by: Yaroslav Harakhavik and Aliaksandr Chailytko It’s been over a year since DanaBot was first discovered, and its developers are still working to improve it and find new opportunities to collaborate... Click to Read More
Omri Herscovici During the past 3 years, Check Point Research has invested significant resources into vulnerability research. For every vulnerability we discover, we first notify the vendor and immediately develop new... Click to Read More
Research by: Eran Vaknin and Alon Boxiner The goal of Microsoft Management Console (MMC) is to provide a programming platform for creating and hosting applications that manage Microsoft Windows-based environment, and to... Click to Read More
Research by: Ronen Shustin Introduction About a year ago Check Point Research discovered critical vulnerabilities in a Ukrainian TV streaming platform that, if exploited, could leave service providers exposed to a serious... Click to Read More
Research by: Ben Herzog It’s possible to write any program in any programming language; that’s what Turing completeness means. Therefore, it’s possible to write malware in any language, too. But in both... Click to Read More
Earlier today the Financial Times published that there is a critical vulnerability in the popular WhatsApp messaging application and that it is actively being used to inject spyware into victims phones. According... Click to Read More
Check Point researchers have carried out an investigative research that allows for a rare opportunity of coming face to face with real-life threat actors. In this case, these threat actors are an... Click to Read More
Research by: Alexey Bukheyev and Aliaksandr Chailytko ISPsystem panel is a well-known software with a user-friendly web interface for managing web-servers, dedicated servers, VPS (Virtual Private Servers) and billing. ISPsystem software products... Click to Read More
Research by: Itay Cohen The Ocean Lotus group, also known as APT32, is a threat actor which has been known to target East Asian countries such as Vietnam, Laos and the Philippines. The... Click to Read More
Introduction Recently, Check Point researchers spotted a targeted attack against officials within government finance authorities and representatives in several embassies in Europe. The attack, which starts with a malicious attachment disguised as a... Click to Read More
Research by: Avigayil Mechtinger, Andrey Polkovnichenko and Bogdan Melnykov Summary: Checkpoint’s researchers, with the help of Craig Silverman at BuzzFeed, have uncovered a series of applications conducting fraudulent activities against Ad Agencies.... Click to Read More
The Iranian APT, MuddyWater, has been active since at least 2017. Most recently though, a new campaign, targeting Belarus, Turkey and Ukraine, has emerged that caught the attention of Check Point researchers.... Click to Read More
Research by: Slava Makkaveev Smartphones usually come with pre-installed apps, some of which are useful and some that never get used at all. What a user does not expect, however, is for... Click to Read More
Research by; Yaara Shriki and Roman Zaikin To celebrate this year’s April Fool’s Day, some of you may have noticed that Google added an interactive snake game inside its Google Maps application... Click to Read More
Research by: Eyal Itkin Introduction “Karta” (Russian for “map”) is a source code assisted binary matching plugin for IDA. The plugin was developed to match symbols for an open source library in... Click to Read More