We Decide What You See: Remote Code Execution on a Major IPTV Platform

June 5, 2019 5:44 am

Research by: Ronen Shustin   Introduction About a year ago Check Point Research discovered critical vulnerabilities in a Ukrainian TV streaming platform that, if exploited, could leave service providers exposed to a serious... Click to Read More

Malware Against the C Monoculture

May 20, 2019 3:33 am

Research by: Ben Herzog   It’s possible to write any program in any programming language; that’s what Turing completeness means. Therefore, it’s possible to write malware in any language, too. But in both... Click to Read More

The NSO WhatsApp Vulnerability – This is How It Happened

May 14, 2019 10:57 am

  Earlier today the Financial Times published that there is a critical vulnerability in the popular WhatsApp messaging application and that it is actively being used to inject spyware into victims phones. According... Click to Read More

PlaNETWORK: Face to Face with Cyber Crime

May 9, 2019 6:00 am

  Check Point researchers have carried out an investigative research that allows for a rare opportunity of coming face to face with real-life threat actors. In this case, these threat actors are an... Click to Read More

Vulnerabilities in ISPsystem

May 1, 2019 3:14 am

  Research by: Alexey Bukheyev and Aliaksandr Chailytko ISPsystem panel is a well-known software with a user-friendly web interface for managing web-servers, dedicated servers, VPS (Virtual Private Servers) and billing. ISPsystem software products... Click to Read More

Deobfuscating APT32 Flow Graphs with Cutter and Radare2

April 24, 2019 12:12 am

Research by: Itay Cohen The Ocean Lotus group, also known as APT32, is a threat actor which has been known to target East Asian countries such as Vietnam, Laos and the Philippines. The... Click to Read More

FINTEAM: Trojanized TeamViewer Against Government Targets

April 22, 2019 6:00 am

Introduction Recently, Check Point researchers spotted a targeted attack against officials within government finance authorities and representatives in several embassies in Europe. The attack, which starts with a malicious attachment disguised as a... Click to Read More

PreAMo: A Clicker Campaign found on Google Play

April 19, 2019 10:12 am

Research by: Avigayil Mechtinger, Andrey Polkovnichenko and Bogdan Melnykov   Summary: Checkpoint’s researchers, with the help of Craig Silverman at BuzzFeed, have uncovered a series of applications conducting fraudulent activities against Ad Agencies.... Click to Read More

The Muddy Waters of APT Attacks

April 10, 2019 6:00 am

  The Iranian APT, MuddyWater, has been active since at least 2017. Most recently though, a new campaign, targeting Belarus, Turkey and Ukraine, has emerged that caught the attention of Check Point researchers.... Click to Read More

Vulnerability in Xiaomi Pre-Installed Security App

April 4, 2019 6:00 am

Research by: Slava Makkaveev   Smartphones usually come with pre-installed apps, some of which are useful and some that never get used at all. What a user does not expect, however, is for... Click to Read More