Domestic Kitten: An Iranian Surveillance Operation

September 7, 2018 6:03 am

  Chinese strategist Sun Tzu, Italian political philosopher Machiavelli and English philosopher Thomas Hobbes all justified deceit in war as a legitimate form of warfare. Preceding them all, however, were some in the... Click to Read More

Ransom Warrior Decryption Tool

August 30, 2018 7:28 am

  On August 8th, a new ransomware, dubbed ‘RansomWarrior’, was found by the Malware Hunter Team. Going by the ransom note shown to its victims, RansomWarrior seems to have been developed by Indian hackers,... Click to Read More

CeidPageLock: A Chinese RootKit

August 28, 2018 12:36 am

Research by: Israel Gubi   Over the last few weeks, we have been observing a rootkit named CEIDPageLock being distributed by the RIG Exploit kit. The rootkit was first discovered by 360 Security... Click to Read More

Interactive Mapping of APT-C-23

August 26, 2018 11:54 pm

Research by: Aseel Kayal   Last month, we investigated the renewal of a targeted attack against the Palestinian Authority, attributed to the APT-C-23 threat group. Although this campaign was initially discovered in early... Click to Read More

Ryuk Ransomware: A Targeted Campaign Break-Down

August 20, 2018 3:14 pm

Research by: Itay Cohen, Ben Herzog Over the past two weeks, Ryuk, a targeted and well-planned Ransomware, has attacked various organizations worldwide. So far the campaign has targeted several enterprises, while encrypting hundreds... Click to Read More

VBEtaly: An Italian Ursnif MalSpam Campaign

August 16, 2018 1:43 am

  Check Point researchers have found another wave of the Ursnif malspam campaign targeting Italy. Only a few details are known so far but what we have found is that the file delivered... Click to Read More

Faxploit: Sending Fax Back to the Dark Ages

August 12, 2018 3:09 pm

Research By: Eyal Itkin, Yannay Livneh and Yaniv Balmas   Fax, the brilliant technology that lifted mankind out the dark ages of mail delivery when only the postal service and carrier pigeons were... Click to Read More

Man-in-the-Disk: Android Apps Exposed via External Storage

August 12, 2018 1:09 pm

Research By: Slava Makkaveev   Recently, our researchers came across a shortcoming in the design of Android’s use of storage resources. Careless use of External Storage by applications may open the door to... Click to Read More

FakesApp: A Vulnerability in WhatsApp

August 7, 2018 4:15 am

Research By: Dikla Barda, Roman Zaikin and Oded Vanunu   As of early 2018, the Facebook-owned messaging application, WhatsApp, has over 1.5 billion users with over one billion groups and 65 billion messages... Click to Read More

Ramnit’s Network of Proxy Servers

August 5, 2018 11:30 am

Research By: Alexey Bukhteyev   As you may know, Ramnit is one of the most prominent banking malware families in existence today and lately Check Point Research monitored a new massive campaign of Ramnit,... Click to Read More

Osiris: An Enhanced Banking Trojan

July 31, 2018 8:54 am

Research By: Yaroslav Harakhavik and Nikita Fokin   Following our recent analysis of the Kronos banking Trojan, we discovered that Kronos has also now been enhanced to hide its communication with C&C server using... Click to Read More

A Malvertising Campaign of Secrets and Lies

July 30, 2018 6:00 am

  Check Point Research has uncovered a large Malvertising campaign that starts with thousands of compromised WordPress websites, involves multiple parties in the online advertising chain and ends with distributing malicious content, via... Click to Read More

Emotet: The Tricky Trojan that ‘Git Clones’

July 24, 2018 1:57 am

Research by: Ofer Caspi, Ben Herzog The Emotet Trojan downloader originally debuted in 2014 as a banking Trojan that took an unusual approach to stealing banking credentials; Instead of hooking per-browser functions in... Click to Read More

GlanceLove: Spying Under the Cover of the World Cup

July 12, 2018 6:02 am

  When the whistle of the first match of the 2018 World Cup blew, it didn’t just signal the start of an exciting tournament for football fans worldwide, but also gave the green... Click to Read More

Cyber Attack Trends: 2018 Mid-Year Report

July 12, 2018 6:00 am

  When it comes to the global cyber threat landscape, threats are ever evolving, keeping organizations, as well as the security research community, constantly challenged. In our Cyber Attack Trends: 2018 Mid-Year Report... Click to Read More