Check Point Blog

Telegram: The New Channel of Choice for Conducting Cyber Crime

The Dark Web is a hive of illicit activity. From illegal guns and drug dealing to Ransomware-as-a-Service programs, buyers and sellers can use this medium to trade and exchange both knowledge and products. The take-down of such Dark Web marketplaces as Hansa Market and Alpha Bay, by various American and European law enforcement…

Corporate Blog May 8, 2018

Telegram: Cyber Crime’s Channel of Choice

Introduction: The Dark Web is a hive of illicit activity. From illegal guns and drug dealing to Ransomware-as-a-Service programs, buyers and sellers can use this medium to trade and exchange both knowledge and products. That is, of course, until the …

Research May 7, 2018

SiliVaccine: Inside North Korea’s Anti-Virus

By: Mark Lechtik and Michael Kajiloti. Revealed: In an exclusive piece of research, Check Point Researchers have carried out a revealing investigation into North Korea’s home-grown anti-virus software, SiliVaccine. One of several interesting factors is …

Research May 1, 2018

SiliVaccine: A Special Report Into North Korea’s Anti-Virus

Revealed: In an exclusive piece of research, Check Point Researchers have carried out a revealing investigation into North Korea’s home-grown anti-virus software, SiliVaccine. One of several interesting factors is that a key component of SiliVaccine’s code is a 10-year-old copy of a software component from Trend Micro, a Japanese company. …

Corporate Blog

Cryptomining to The Dark Side

Key Findings: A once-legitimate video download software site, OSDSoft, has moved into crypto-mining. Around 6000 machines have been infected in just a few months. Distributed by a fraudulent Adobe Flash Player update service, the malware is mining $700 of Monero cryptocurrency for the perpetrator each day. Check Point researchers have recently discovered a…

Corporate Blog April 29, 2018

A Crypto Mining Operation Unmasked

Introduction: With the emerging threat of miners and the rise of cryptocurrencies that have taken the world by storm lately, Check Point Research has been keeping an eye out for mining campaigns. During our work into Monero miners, we stumbled upon seve…

Research

MMap Vulnerabilities – Linux Kernel

By: Eyal Itkin. As part of our efforts in identifying vulnerabilities in different products, from time to time we also review the Linux Kernel, mainly searching for vulnerabilities in different drivers. In this case, we took a look into drivers trying t…

Research

The Problem With Two-Factor Authentication

Organizations, large and small, are moving to the cloud en masse. While the cloud offers clear benefits, there are also challenges when it comes to security. In the first post of this cloud security series, we outlined these challenges and explained the risks of not addressing them properly. In this second part…

Cloud security

NTLM Credentials Theft via PDF Files

Just a few days after it was reported that malicious actors can exploit a vulnerability in MS Outlook using OLE to steal a Windows user’s NTLM hashes, the Check Point research team can reveal that NTLM hash leaks can also be achieved via PDF files…

Research April 26, 2018

Fifth Generation Phishing Kits Have Arrived

“Give a man a fish and you feed him for a day. Teach a man to fish and you feed him for a lifetime.” – Maimonides (1135-1204). With online phishing kits being the all-in-one DIY fishing pack for those new to this illicit activity, low-tech scammers are taking Maimonides’ proverb to heart. Phishing…

Corporate Blog April 24, 2018