Gaining code execution using a malicious SQLite database Research By: Omer Gull tl;dr SQLite is one of the most deployed software in the world. However, from a security perspective, it has only been... Click to Read More
Research By: Dikla Barda, Roman Zaikin and Oded Vanunu According to sources, WhatsApp, the Facebook-owned messaging application has over 1.5 billion users in over 180 countries. The average user checks WhatsApp more... Click to Read More
Research by: Eyal Itkin Overview Earlier this year, we published our research on the Reverse RDP Attack. In our previous blog post, we described how we found numerous critical vulnerabilities in popular Remote... Click to Read More
Introduction Cobalt Group is a financially motivated cyber-crime gang that has been active since at least 2016. The group is mainly interested in carrying out attacks against banks, in an attempt to access... Click to Read More
Research by: Ben Herzog Introduction When some people hear “Cryptography”, they think of their Wifi password, of the little green lock icon next to the address of their favorite website, and of the difficulty... Click to Read More
The first half of 2019 demonstrated that no environment is immune to cyber attacks. We have witnessed threat actors developing new tool sets and techniques, targeting corporate assets stored on cloud infrastructure, individuals’... Click to Read More
Research by: Aviran Hazum, Feixiang He, Inbal Marom, Bogdan Melnykov, Andrey Polkovnichenko Check Point Researchers recently discovered a new variant of mobile malware that quietly infected around 25 million devices, while... Click to Read More
A View into New Nasty Tricks and Actor Activity Research By: Israel Gubi Background Smokeloader is a popular bot and a veteran in its field – being sold on underground cybercriminal markets... Click to Read More
Check Point Research recently came across a large-scale campaign that for years was using Facebook pages to spread malware across mobile and desktop environments, with one target country in mind: Libya. It... Click to Read More
In the last few weeks, Check Point Research has combined forces with CyberInt to identify a chain of vulnerabilities that, once exploited, could have led to the takeover of millions of player... Click to Read More
Research by: Eyal Itkin Introduction At the beginning of 2019, we released Karta, a plugin for the IDA disassembler that identifies open sources in binaries. During our work on the plugin, we stumbled... Click to Read More
Research by: Yaroslav Harakhavik and Aliaksandr Chailytko It’s been over a year since DanaBot was first discovered, and its developers are still working to improve it and find new opportunities to collaborate... Click to Read More
Omri Herscovici During the past 3 years, Check Point Research has invested significant resources into vulnerability research. For every vulnerability we discover, we first notify the vendor and immediately develop new... Click to Read More
Research by: Eran Vaknin and Alon Boxiner The goal of Microsoft Management Console (MMC) is to provide a programming platform for creating and hosting applications that manage Microsoft Windows-based environment, and to... Click to Read More
Research by: Ronen Shustin Introduction About a year ago Check Point Research discovered critical vulnerabilities in a Ukrainian TV streaming platform that, if exploited, could leave service providers exposed to a serious... Click to Read More