Blog News - Úvod 

Update 18.10.2018 14:57:30

 

Datum

Obrázek

Název

Info

Companies

18.10.2018

The Emergence of the New Azorult 3.3

During the last week, Check Point Research spotted a new version of Azorult in the wild being delivered through the RIG exploit kit, as well as other sources. Azorult is a long known information stealer and malware downloader, with this particular version being advertised in an underground forum since October 4. The version number given to it by its authors is 3.3Checkpoint
18.10.2018

Godzilla Loader and the Long Tail of Malware

To most victims, malware is a force of nature. Zeus, Wannacry, Conficker are all vengeful gods, out to punish the common man for clicking the wrong link. Even for a security analyst, it’s easy to fall into the kind of thinking where malicious tools and campaigns emerge out of the ether, forged by an invisible hand. Checkpoint

27.9.2018

The ‘Gazorp’ Dark Web Azorult Builder

On 17th September Check Point Research found a new online builder, dubbed ‘Gazorp’, hosted on the Dark Web. Gazorp is designed for building binaries of the popular malware, Azorult, an infostealer used for stealing user passwords, credit card information, cryptocurrency related data and more.

Checkpoint

20.9.2018

Fake finance apps on Google Play target users from around the world

Fake finance apps on Google Play target users from around the world

Cybercrooks use bogus apps to phish six online banks and a cryptocurrency exchange

Eset

20.9.2018

The Occasional Orator Part 1

The Occasional Orator Part 1

Speaking at conferences can be daunting for presenters but often it is about striking the right balance between content and delivery

Eset

20.9.2018

Bristol airport takes flight screens offline after apparent ransomware attack

Bristol airport takes flight screens offline after apparent ransomware attack

The screens in “key locations” are back up and running again, while the airport paid no ransom to return its systems to working order

Eset

20.9.2018

One in three UK orgs hit by cryptojacking in previous month, survey finds

One in three UK orgs hit by cryptojacking in previous month, survey finds

Conversely, only a little over one-third of IT executives believe that their systems have never been hijacked to surreptitiously mine digital currencies

Eset

14.9.2018

Meet Black Rose Lucy, the Latest Russian MaaS Botnet

An organization needs to have a collaborative hiring process, advised Steve Jobs. Always a group to follow mainstream trends closely, in recent years we’ve seen cyber criminals take greater heed of this advice by increasingly hiring cyber mercenaries and Malware-as-a-Service (MaaS) providers as a way to carry out their malicious activities.

Checkpoint

14.9.2018

Domestic Kitten: An Iranian Surveillance Operation

Chinese strategist Sun Tzu, Italian political philosopher Machiavelli and English philosopher Thomas Hobbes all justified deceit in war as a legitimate form of warfare. Preceding them all, however, were some in the Middle East who had already internalized and implemented this strategy to great effect, and continue to do so today.

Checkpoint

30.8.2018

Ransom Warrior Decryption Tool

On August 8th, a new ransomware, dubbed ‘RansomWarrior’, was found by the Malware Hunter Team. Going by the ransom note shown to its victims, RansomWarrior seems to have been developed by Indian hackers, who...

Checkpoint

28.8.2018

CeidPageLock: A Chinese RootKit

Research by: Israel Gubi Over the last few weeks, we have been observing a rootkit named CEIDPageLock being distributed by the RIG Exploit kit. The rootkit was first discovered by 360 Security Center...

Checkpoint

26.8.2018

Interactive Mapping of APT-C-23

Research by: Aseel Kayal Last month, we investigated the renewal of a targeted attack against the Palestinian Authority, attributed to the APT-C-23 threat group. Although this campaign was initially discovered in early 2017,...

Checkpoint

20.8.2018

Ryuk Ransomware: A Targeted Campaign Break-Down

Over the past two weeks, Ryuk, a targeted and well-planned Ransomware, has attacked various organizations worldwide. So far the campaign has targeted several enterprises, while encrypting hundreds of PC, storage and data centers...

Checkpoint

16.8.2018

VBEtaly: An Italian Ursnif MalSpam Campaign

Check Point researchers have found another wave of the Ursnif malspam campaign targeting Italy. Only a few details are known so far but what we have found is that the file delivered is a VBE file (encoded VBS) named “SCANSIONE.vbe” and is delivered via ZIP attachments in emails with the subject suggesting different documents in Italian.

Checkpoint

12.8.2018

Faxploit: Sending Fax Back to the Dark Ages

Research By: Eyal Itkin and Yaniv Balmas Fax, the brilliant technology that lifted mankind out the dark ages of mail delivery when only the postal service and carrier pigeons were used to deliver..

Checkpoint

12.8.2018

Man-in-the-Disk: Android Apps Exposed via External Storage

Research By: Slava Makkaveev Recently, our researchers came across a shortcoming in the design of Android’s use of storage resources. Careless use of External Storage by applications may open the door to an...

Checkpoint

7.8.2018

FakesApp: A Vulnerability in WhatsApp

Research By: Dikla Barda, Roman Zaikin and Oded Vanunu As of early 2018, the Facebook-owned messaging application, WhatsApp, has over 1.5 billion users with over one billion groups and 65 billion messages sent...

Checkpoint

5.8.2018

Ramnit’s Network of Proxy Servers

Research By: Alexey Bukhteyev As you may know, Ramnit is one of the most prominent banking malware families in existence today and lately Check Point Research monitored a new massive campaign of Ramnit, dubbed...

Checkpoint

31.7.2018

Osiris: An Enhanced Banking Trojan

Research By: Yaroslav Harakhavik and Nikita Fokin Following our recent analysis of the Kronos banking Trojan, we discovered that Kronos has also now been enhanced to hide its communication with C&C server using Tor....

Checkpoint

30.7.2018

A Malvertising Campaign of Secrets and Lies

Check Point Research has uncovered a large Malvertising campaign that starts with thousands of compromised WordPress websites, involves multiple parties in the online advertising chain and ends with distributing malicious content, via multiple...

Checkpoint