Check Point Research

Introduction Cryptographic attacks, even more advanced ones, are often made more difficult to understand than they need to be. Sometimes it’s because the explanation is “too much too soon” — it skips the simple general idea and goes straight to real world attacks with all their messy details. Other times it’s because of too much The post Modern Cryptographic Attacks: A Guide for the Perplexed appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 1st July, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The BlackSuit ransomware group has hit South Africa’s National Health Laboratory Service (NHLS), disrupting lab result dissemination amid a Mpox outbreak. The actors have deleted system sections, including backups, forcing manual result The post 1st July – Threat Intelligence Report appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 24th June, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The BlackSuit ransomware group has disrupted operations at CDK Global, a significant provider of IT and digital marketing solutions to the automotive industry, targeting their SaaS platforms across the United States and The post 24th June – Threat Intelligence Report appeared first on Check Point Research.

Research by: Antonis Terefos, Bohdan Melnykov Introduction Android, Google’s most popular mobile operating system, powers billions of smartphones and tablets globally. Known for its open-source nature and flexibility, Android offers users a wide array of features, customization options, and access to a vast ecosystem of applications through the Google Play Store and other sources. However, The post Rafel RAT, Android Malware from Espionage to Ransomware Operations appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 17th June, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES An attack targeting Snowflake customer databases, identified as the work of threat actor UNC5537, has led to significant data theft and extortion. UNC5537 used stolen Snowflake customer credentials, obtained mainly from infostealer The post 17th June – Threat Intelligence Report appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 10th June, please download our Threat_Intelligence Bulletin. TOP ATTACKS AND BREACHES Pathology services provider Synnovis has experienced a ransomware attack that affected procedures and operations in several major hospitals in London, including the Department of Health and Social Care, NHS Qilin (formerly Agenda) ransomware The post 10th June – Threat Intelligence Report appeared first on Check Point Research.

Research by: Jiri Vinopal Highlights: Introduction Over the past few months, we have been monitoring the increasing abuse of BoxedApp products in the wild. BoxedApp products are commercial packers that provide advanced features such as Virtual Storage (Virtual File System, Virtual Registry), Virtual Processes, and a universal instrumentation system (WIN/NT API hooking). Even though BoxedApp has been commercially The post Inside the Box: Malware’s New Playground appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 3rd June, please download our Threat_Intelligence Bulletin. TOP ATTACKS AND BREACHES ShinyHunters, a notorious cybercrime gang offered for sale on a cybercrime forum data of Ticketmaster, ticket sales and distribution company, and of Santander bank. The alleged breaches have resulted in the potential exposure The post 3rd June – Threat Intelligence Report appeared first on Check Point Research.

Packers or crypters are widely used to protect malicious software from detection and static analysis. These auxiliary tools, through the use of compression and encryption algorithms, enable cybercriminals to prepare unique samples of malicious software for each campaign or even per victim, which complicates the work of antivirus software. In the case of certain packers, The post Static Unpacking for the Widespread NSIS-based Malicious Packer Family appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 20th May, please download our Threat_Intelligence Bulletin. TOP ATTACKS AND BREACHES A data breach has exposed 500GB of Indian biometric data, affecting Indian police, military personnel, and other public workers during elections in India. The leak stemmed from unsecured databases managed by ThoughtGreen Technologies The post 27th May – Threat Intelligence Report appeared first on Check Point Research.