Check Point Research

For the latest discoveries in cyber research for the week of 17th March, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Check Point Research elaborates about the pro-Palestinian hacktivist group “Dark Storm” which claimed the large-scale DDoS attack against X (formerly Twitter). The attack disrupted access to the platform, causing outages for users […]

The post 17th March – Threat Intelligence Report appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 10th March, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The City of Mission, Texas, has declared a local state of emergency following a severe cybersecurity incident that threatens to expose protected personal information, health records, and other critical data managed by […]

The post 10th March – Threat Intelligence Report appeared first on Check Point Research.

Key Points Introduction APT-C-36, also known as Blind Eagle, is a threat group that engages in both espionage and cybercrime. It primarily targets organizations in Colombia and other Latin American countries. Active since 2018, this Advanced Persistent Threat (APT) group focuses on government institutions, financial organizations, and critical infrastructure. Blind Eagle is known for employing […]

The post Blind Eagle: …And Justice for All appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 3rd March, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Orange Group has confirmed a cyberattack on its Romanian branch, in which a hacker linked to the HellCat ransomware group stole 6.5GB of data over a month. The breach exposed 380,000 email […]

The post 3rd March – Threat Intelligence Report appeared first on Check Point Research.

Research by: Itay Cohen (@megabeets_) Over the past few decades, hacktivism has been, in a lot of cases, characterized by minor website defacements and distributed denial-of-service (DDoS) attacks, which, while making headlines, had minimal lasting impact. However, in recent years, we have observed a significant shift in the nature of these activities. Groups that appear to […]

The post Modern Approach to Attributing Hacktivist Groups appeared first on Check Point Research.

By: Dikla Barda, Roaman Zaikin & Oded Vanunu  After reviewing the off-chain forensic report, we can now provide additional insights into the Bybit attackmechanism. Security researchers have determined that hackers injected malicious JavaScript directly into Safe’sonline infrastructure hosted on AWS. The code was specifically designed to activate only wheninteracting with Bybit’s contract address, allowing it […]

The post How an Attacker Drained $50M from a DeFi Protocol Through Role Escalation  appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 24h February, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Check Point Research covers the recent ByBit hack, one of the largest thefts in digital asset history, its implications for crypto security, and security recommendations. In this event, hackers gained access to […]

The post 24th February – Threat Intelligence Report appeared first on Check Point Research.

Highlights Introduction While the abuse of vulnerable drivers has been around for a while, those that can terminate arbitrary processes have drawn increasing attention in recent years. As Windows security continues to evolve, it has become more challenging for attackers to execute malicious code without being detected. As a result, the attackers often aim to […]

The post Silent Killers: Unmasking a Large-Scale Legacy Driver Exploitation Campaign appeared first on Check Point Research.

Research by Dikla Barda, Roman Ziakin and Oded Vanunu On February 21st, Check Point Blockchain Threat Intel System alerted on a critical attack log on the  Ethereum blockchain network. The log indicated that the AI engine identify anomality change with this transaction and categorize it as critical attack in real time. It was indicated that […]

The post The Bybit Incident: When Research Meets Reality appeared first on Check Point Research.

Executive Summary Why We Care about Sandbox Emulation As a discipline, information security involves a vast web of entry vectors, mitigations, and counter-mitigations. Among these, one of the most impactful points of conflict between attackers and defenders is what happens when binaries are subjected to sandbox emulation. Purely static analysis has been understood to be […]

The post The Cat and Mouse Game: Exploiting Statistical Weaknesses in Human Interaction Anti-Evasions appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 17th February, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES SimonMed Imaging, one of the largest diagnostic imaging companies in the US, has been breached by Medusa ransomware group, resulting in the theft of over 212 GB of sensitive data from its […]

The post 17th February – Threat Intelligence Report appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 10th February, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Grubhub, the US-based online food ordering and delivery platform, suffered a data breach due to unauthorized access through a compromised third-party service provider’s account. The incident exposed personal details of customers, drivers, […]

The post 10th February – Threat Intelligence Report appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 3rd February, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Mizuno USA, giant sports equipment manufacturer, has confirmed a cyber-attack that resulted in the theft of personal information from its network between August and October 2024. The data breach included names, Social […]

The post 3rd February – Threat Intelligence Report appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 27th January, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Stark Aerospace, a US-based manufacturer specializing in missile systems and UAVs, contractor of the US Military and the Department of Defense (DoD), has been targeted by the INC ransomware group. The attackers […]

The post 27th January – Threat Intelligence Report appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 20th January, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Hotel management platform Otelier has suffered a data breach that resulted in extraction of almost eight terabytes of data. The threat actors compromised company’s Amazon S3 cloud storage, stealing guests’ personal information […]

The post 20th January – Threat Intelligence Report appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 13th January, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The International Civil Aviation Organization (ICAO), that is part of the UN, confirmed a compromise of its recruitment database that exposed 42,000 recruitment applications. The data contains records from April 2016 to […]

The post 13th January – Threat Intelligence Report appeared first on Check Point Research.

Key Points Introduction The FunkSec ransomware group first emerged publicly in late 2024, and rapidly gained prominence by publishing over 85 claimed victims—more than any other ransomware group in the month of December. Presenting itself as a new Ransomware-as-a-Service (RaaS) operation, FunkSec appears to have no known connections to previously identified ransomware gangs, and little […]

The post FunkSec – Alleged Top Ransomware Group Powered by AI appeared first on Check Point Research.

Research by: Antonis Terefos (@Tera0017) Key Points Introduction As of 2024, approximately 100.4 million people worldwide use macOS, accounting for 15.1% of the global PC market. Of the millions of macOS users, many falsely assume that their systems are inherently secure from malware. This perception stems from macOS’s Unix-based architecture and historically lower market share, making […]

The post Banshee: The Stealer That “Stole Code” From MacOS XProtect appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 6th January, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Check Point elaborated on the US Treasury Department cyber-attack that compromised employee workstations and classified documents. The breach, attributed to a China state-sponsored threat actor, involved unauthorized remote access using a security […]

The post 6th January– Threat Intelligence Report appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 30th December, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The Clop ransomware gang exploited a zero-day vulnerability (CVE-2024-50623) in Cleo’s Secure File Transfer products and is extorting 66 companies following alleged data theft. The attackers have given the victims 48 hours […]

The post 30th December – Threat Intelligence Report appeared first on Check Point Research.