Check Point Blog

Threat Research June 9, 2015

New Data: Volatile Cedar Malware Campaign

      At the end of March, we published a blog post and a whitepaper about a cyber-espionage campaign dubbed “Volatile Cedar.” This campaign has successfully penetrated targets world-wide, using a variety of attack…

Read More
Threat Research May 20, 2015

Storm Kit – Changing the rules of the DDoS attack

Background Distributed denial of service (DDoS) is one of the most commonly used cybercriminal methods. It’s easy, cheap and difficult to trace, and “service providers” can be found throughout the “dark” Web. As a result,…

Read More
Threat Research May 14, 2015

Analysis of the Havij SQL Injection tool

Havij, an automatic SQL Injection tool, is distributed by ITSecTeam, an Iranian security company. The name Havij means “carrot”, which is the tool’s icon. The tool is designed with a user-friendly GUI that makes it…

Read More
Threat Research April 20, 2015

Analyzing the Magento Vulnerability (Updated)

Check Point researchers recently discovered a critical RCE (remote code execution) vulnerability in the Magento web e-commerce platform that can lead to the complete compromise of any Magento-based store, including credit card information as well as…

Read More
Threat Research April 8, 2015

The Curious Incident of the Phish in the Night-Time: a Forensic Case Study

Names have been changed to protect the privacy of the individuals involved.   On the morning of February 26, 2015, Laurie logged on to her Google account at work and discovered that overnight, someone had…

Read More
Threat Research March 31, 2015

Volatile Cedar – Analysis of a Global Cyber Espionage Campaign

Today, we announced the discovery of Volatile Cedar, a persistent attacker group originating possibly in Lebanon with political ties. Beginning in late 2012, the carefully orchestrated attack campaign we call Volatile Cedar has been targeting…

Read More
Threat Research March 26, 2015

Intelligence Report: Equation Group

Executive Summary The Equation Group, active since 2001, is a highly advanced and secretive computer espionage organization. The first report on Equation was published by Kaspersky during their 2015 Security Analyst Summit. The malware used…

Read More
Threat Research March 24, 2015

CuckooDroid – Fighting the Tide of Android Malware

The future is mobile. Few experts doubt this conclusion these days. The accelerating proliferation of smartphones and other devices powered by the Android operating system throughout the world has created a corresponding increase in mobile…

Read More
Threat Research March 19, 2015

Check Point Reveals New RCE Vulnerability in BitDefender Anti-Virus

Check Point’s Malware and Vulnerability Research Group today revealed new research into potential attacks of a crucial component in the Windows operating system, and demonstrated the use of such an attack by revealing a previously…

Read More
Threat Research November 3, 2014

Plugging the Security Hole in a WordPress Plug-In

Check Point researcher, Roi Paz recently discovered a critical vulnerability that would have enabled attackers to steal personal and financial data from thousands of websites and their visitors via the LiveSupporti WordPress plug-in. After being alerted…

Read More