research.checkpoint.com
Introduction In the last couple of months, Check Point Research (CPR) has been tracking the activity of a Chinese threat actor targeting Foreign Affairs ministries and embassies in Europe. Combined with other Chinese activity previously reported by Check Point Research, this represents a larger trend within the Chinese ecosystem, pointing to a shift to targeting European entities, with a focus on
The Dragon Who Sold His Camaro: Analyzing Custom Router Implant Research by: Itay Cohen, Radoslaw Madej, and the Threat Intelligence Team Over the past few months, Check Point Research has closely monitored a series of targeted attacks aimed at European foreign affairs entities. These campaigns have been linked to a Chinese state-sponsored APT group we track as Camaro Dragon, which shares similari
SharpPanda: Chinese APT Group Targets Southeast Asian Government With Previously Unknown Backdoor Introduction Check Point Research identified an ongoing surveillance operation targeting a Southeast Asian government. The attackers use spear-phishing to gain initial access and leverage old Microsoft Office vulnerabilities together with the chain of in-memory loaders to attempt and install a previou
Keeping the gate locked on your IoT devices: Vulnerabilities found on Amazon’s Alexa Research By: Dikla Barda, Roman Zaikin, Yaara Shriki Introduction & Motivation “Please lower the temperature of the AC, it’s getting humid in here,” said Eric to Alexa, who turned the AC to a cooler temperature in the living room. No, Alexa is not Eric’s partner, wife or friend. Alexa is his virtual assistant and
SIGRed – Resolving Your Way into Domain Admin: Exploiting a 17 Year-old Bug in Windows DNS Servers Research by: Sagi Tzadik Introduction DNS, which is often described as the “phonebook of the internet”, is a network protocol for translating human-friendly computer hostnames into IP addresses. Because it is such a core component of the internet, there are many solutions and implementations of DNS s
Introduction Recently Check Point Research discovered new evidence of an ongoing cyber espionage operation against several national government entities in the Asia Pacific (APAC) region. This operation, which we were able to attribute to the Naikon APT group, used a new backdoor named Aria-body, in order to take control of the victims’ networks. In 2015, an extensive report by ThreatConnect and De
Gaining code execution using a malicious SQLite database Research By: Omer Gull tl;dr SQLite is one of the most deployed software in the world. However, from a security perspective, it has only been examined through the lens of WebSQL and browser exploitation. We believe that this is just the tip of the iceberg. In our long term research, we experimented with the exploitation of memory corruption
Research by: Nadav Grossman Introduction In this article, we tell the story of how we found a logical bug using the WinAFL fuzzer and exploited it in WinRAR to gain full control over a victim’s computer. The exploit works by just extracting an archive, and puts over 500 million users at risk. This vulnerability has existed for over 19 years(!) and forced WinRAR to completely drop support for the v
Check Point Research has discovered a new campaign exploiting Linux servers to implant a new Backdoor Trojan. Dubbed ‘SpeakUp’, the new Trojan exploits known vulnerabilities in six different Linux distributions. The attack targets worldwide servers including AWS hosted machines. Check Point researchers have spotted a new campaign exploiting Linux servers to implant a new Backdoor which evades all
Research By: Yoav Alon, Netanel Ben-Simon Introduction The year 2017 was an inflection point in the vulnerability landscape. The number of new vulnerabilities reported that year was around 14,000, which is over twice the number from the year before (see table below). The probable reason for this is the increased popularity of automatic vulnerability finding tools, also known as “fuzzers”. The mere
Research by: Oded Vanunu, Dikla Barda and Roman Zaikin DJI is the world’s leader in the civilian drone and aerial imaging technology industry. Besides from consumers, though, it has also taken a large share of the corporate market, with customers coming from the critical infrastructure, manufacturing, agricultural, construction, emergency-management sectors and more. With so many customers worldwi
Research By: Eyal Itkin, Yannay Livneh and Yaniv Balmas Fax, the brilliant technology that lifted mankind out the dark ages of mail delivery when only the postal service and carrier pigeons were used to deliver a physical message from a sender to a receiver. Technology wise, however, that was a long time ago. Today we are light years away from those dark days. In its place we have email, chat mess
Check Point Research has uncovered a large Malvertising campaign that starts with thousands of compromised WordPress websites, involves multiple parties in the online advertising chain and ends with distributing malicious content, via multiple Exploit Kits, to online users everywhere. Before explaining the details of this research, and for those who are not familiar with how the online advertising
Research By: Mark Lechtik and Michael Kajiloti Revealed: In an exclusive piece of research, Check Point Researchers have carried out a revealing investigation into North Korea’s home-grown anti-virus software, SiliVaccine. One of several interesting factors is that a key component of SiliVaccine’s code is a 10-year-old copy of one of Trend Micro’s, a Japanese company, software components. Backgrou
Research By: Eyal Shalev, Rotem Reiss and Eran Vaknin Abstract Two weeks ago, a highly critical (25/25 NIST rank) vulnerability, nicknamed Drupalgeddon 2 (SA-CORE-2018-002 / CVE-2018-7600), was disclosed by the Drupal security team. This vulnerability allowed an unauthenticated attacker to perform remote code execution on default or common Drupal installations. Drupal is an open-source content man
Key Points: A massive Botnet is forming to create a cyber-storm that could take down the internet. An estimated million organizations have already been scanned with an unknown amount actually infected. The Botnet is recruiting IoT devices such as IP Wireless Cameras to carry out the attack. New cyber-storm clouds are gathering. Check Point Researchers have discovered a brand new Botnet, dubbed ‘Io