Check Point Research Latest Research by our Team
- 18th November – Threat Intelligence Report by tomersp@checkpoint.com on November 18, 2024 at 11:27 am
For the latest discoveries in cyber research for the week of 11th November, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The FBI and CISA issued a joint statement detailing a major Chinese cyber-espionage campaign targeting U.S. telecommunications infrastructure, led by the APT group Salt Typhoon. This operation compromised networks to steal call
- Malware Spotlight: A Deep-Dive Analysis of WezRat by samanthar@checkpoint.com on November 14, 2024 at 2:41 pm
Key Findings: Introduction On October 30th, the FBI, the US Department of Treasury, and the Israeli National Cybersecurity Directorate (INCD) released a joint Cybersecurity Advisory regarding recent activities of the Iranian cyber group Emennet Pasargad. The group recently operated under the name Aria Sepehr Ayandehsazan (ASA) and is affiliated with the Iranian Islamic Revolutionary Guard Corps (IRGC).
- Hamas-affiliated Threat Actor WIRTE Continues its Middle East Operations and Moves to Disruptive Activity by samanthar@checkpoint.com on November 12, 2024 at 5:30 pm
Key findings: Introduction WIRTE is a Middle Eastern Advanced Persistent Threat (APT) group active since at least 2018. The group is primarily known for engaging in politically motivated cyber-espionage, focusing on intelligence gathering likely linked to regional geopolitical conflicts. WIRTE is believed to be a subgroup connected to Gaza Cybergang, a cluster affiliated with Hamas. Since late 2023, Check
- 11th November – Threat Intelligence Report by hagarb on November 11, 2024 at 1:01 pm
For the latest discoveries in cyber research for the week of 11th November, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Memorial Hospital and Manor in Bainbridge, Georgia, has been a victim of a ransomware attack that resulted in the loss of access to its electronic health record system. The Embargo ransomware gang
- CopyRh(ight)adamantys Campaign: Rhadamantys Exploits Intellectual Property Infringement Baits by samanthar@checkpoint.com on November 6, 2024 at 4:25 pm
Key findings While we finalized this blog post, a technical analysis of this activity was published by fellow researchers from Cisco Talos. While it overlaps with our findings to some extent, our report provides additional extended information about the activity. Introduction Since July 2024, Check Point Research (CPR) has been tracking an extensive and ongoing phishing campaign
- 4th November – Threat Intelligence Report by hagarb on November 4, 2024 at 3:36 pm
For the latest discoveries in cyber research for the week of 4th November, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Free, the second-largest telecom company in France, has been hit by a cyberattack resulting in unauthorized access to personal data associated with certain subscriber accounts. The incident surfaced following an attempted sale
- Cloudy With a Chance of RATs: Unveiling APT36 and the Evolution of ElizaRAT by stcpresearch on November 4, 2024 at 1:33 pm
Introduction APT36, also known as Transparent Tribe, is a Pakistan-based threat actor notorious for persistently targeting Indian government organizations, diplomatic personnel, and military facilities. APT36 has conducted numerous cyber-espionage campaigns against Windows, Linux, and Android systems. In recent campaigns, APT36 utilized a particularly insidious Windows RAT known as ElizaRAT. First discovered in 2023, ElizaRAT has significantly
- 28th October – Threat Intelligence Report by lorenf on October 28, 2024 at 1:54 pm
For the latest discoveries in cyber research for the week of 28th October, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Grupo Aeroportuario del Centro Norte (OMA), operator of 13 airports across Mexico, was hacked by the RansomHub ransomware gang, who threatened to leak 3TB of stolen data unless a ransom is paid.
- 21st October – Threat Intelligence Report by tomersp@checkpoint.com on October 21, 2024 at 10:13 am
For the latest discoveries in cyber research for the week of 21st October, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Boston Children’s Health Physicians, part of the Boston Children’s Hospital network, suffered a data breach in September, exposing sensitive patient information, including Social Security numbers, medical records, and health insurance details. The
- 14th October – Threat Intelligence Report by lorenf on October 14, 2024 at 12:41 pm
For the latest discoveries in cyber research for the week of 14th October, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Nonprofit healthcare organization Axis Health System has been hit by a ransomware attack by the Rhysida gang, leading to the theft of sensitive data, including mental health and substance abuse records. Rhysida