Check Point Research

​

The post The Sting of Fake Kling: Facebook Malvertising Lures Victims to Fake AI Generation Website appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 19th May, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Fashion giant Dior confirmed a data breach that exposed customer information from its Fashion and Accessories line. The leaked data includes names, gender, phone numbers, email addresses, postal addresses, and purchase history […]

The post 19th May – Threat Intelligence Report appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 12th May, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The UK’s Legal Aid Agency has suffered a cyberattack. The agency, which operates under the Ministry of Justice to provide billions in legal aid funding, has stated that financial information relating to […]

The post 12th May – Threat Intelligence Report appeared first on Check Point Research.

Key Takeaways Introduction In recent years, cryptocurrency scams have evolved into a highly organized business model known as “Drainer-as-a-Service.” Within this model, developers create specialized set of malicious scripts, smart contracts, and infrastructure enabling other cyber criminals to efficiently steal cryptocurrency from users’ wallets. Attackers simply need to set up a phishing website and embed […]

The post Inferno Drainer Reloaded: Deep Dive into the Return of the Most Sophisticated Crypto Drainer appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 5th May, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Three major UK retailers – Co-op, Harrods and Marks & Spencer (M&S) – were hit by cyberattacks that disrupted operations and compromised sensitive data. The attacks are believed linked to the Scattered […]

The post 5th May – Threat Intelligence Report appeared first on Check Point Research.

Artificial intelligence is rapidly reshaping the cyber security landscape—but how exactly is it being used, and what risks does it introduce? At Check Point Research, we set out to evaluate the current AI security environment by examining real-world threats, analyzing how researchers and attackers are leveraging AI, and assessing how today’s security tools are evolving […]

The post Exploring the State of AI in Cyber Security: Past, Present, and Future appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 28th April, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES British retailer Marks & Spencer (M&S) experienced a cyber-attack that caused disruptions to its online order system and in-store contactless payments. The company suspended online orders temporarily, refunded some customers, and reported […]

The post 28th April – Threat Intelligence Report appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 21st April, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Retail giant Ahold Delhaize has suffered a cyber-attack resulting in data theft of customer information from its US business systems. The attack, claimed by ransomware group INC Ransom, impacted Ahold Delhaize USA […]

The post 21st April – Threat Intelligence Report appeared first on Check Point Research.

Key Points Introduction NTLM (New Technology LAN Manager) is a suite of authentication protocols developed by Microsoft to verify user identities and protect the integrity and confidentiality of network communications. NTLM operates through a direct client-server exchange known as the NTLM challenge/response mechanism, in which the server challenges the client to prove its identity without […]

The post CVE-2025-24054, NTLM Exploit in the Wild appeared first on Check Point Research.

Highlights Introduction Starting in January 2025, Check Point Research (CPR) has been tracking a wave of targeted phishing attacks aimed at European governments and diplomats. The Techniques, Tactics and Procedures (TTPs) observed in this campaign align with the WINELOADER campaigns, which were attributed to APT29, a Russia linked threat group. APT29, also commonly referred to as Midnight Blizzard […]

The post Renewed APT29 Phishing Campaign Against European Diplomats appeared first on Check Point Research.

Research by: hasherezade Key Points Introduction Process injection is one of the important techniques used by attackers. We can find its variants implemented in almost every malware. It serves purposes such as: In our previous blog on process injections we explained the foundations of this topic and basic ideas behind detection and prevention. We also proposed a new technique dubbed Thread […]

The post Waiting Thread Hijacking: A Stealthier Version of Thread Execution Hijacking appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 14th April, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The United States Office of the Comptroller of the Currency (OCC), an independent bureau of the Department of the Treasury, has suffered a significant security breach. Threat actors have gained access to […]

The post 14th April – Threat Intelligence Report appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 7th April, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The second-largest bar association in the US, The State Bar of Texas, has experienced a ransomware attack that resulted in unauthorized access to its network, exposing sensitive member information including full names […]

The post 7th April – Threat Intelligence Report appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 31st March, please download our Threat Intelligence Bulletin.   TOP ATTACKS AND BREACHES New York University (NYU) suffered a cyber-attack which resulted in the exposure of over 3 million applicants’ data, including names, test scores, majors, and zip codes. The hacker redirected NYU’s website […]

The post 31st March – Threat Intelligence Report appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 24th March, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Municipalities in four US states experienced cyberattacks that disrupted services for county offices, courts, and schools. Cleveland Municipal Court was hit by Qilin ransomware attack, forcing employees offline and delaying trials, while […]

The post 24th March – Threat Intelligence Report appeared first on Check Point Research.

Key Points VanHelsing RaaS In recent weeks, a new and rapidly expanding ransomware-as-a-service (RaaS) program called VanHelsingRaaS has been making waves in the cybercrime world. Launched on March 7, 2025, this service has already demonstrated its rapid growth and deadly potential, having infected three victims within just two weeks of its introduction. Reputable affiliates can […]

The post VanHelsing, new RaaS in Town appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 17th March, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Check Point Research elaborates about the pro-Palestinian hacktivist group “Dark Storm” which claimed the large-scale DDoS attack against X (formerly Twitter). The attack disrupted access to the platform, causing outages for users […]

The post 17th March – Threat Intelligence Report appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 10th March, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The City of Mission, Texas, has declared a local state of emergency following a severe cybersecurity incident that threatens to expose protected personal information, health records, and other critical data managed by […]

The post 10th March – Threat Intelligence Report appeared first on Check Point Research.

Key Points Introduction APT-C-36, also known as Blind Eagle, is a threat group that engages in both espionage and cybercrime. It primarily targets organizations in Colombia and other Latin American countries. Active since 2018, this Advanced Persistent Threat (APT) group focuses on government institutions, financial organizations, and critical infrastructure. Blind Eagle is known for employing […]

The post Blind Eagle: …And Justice for All appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 3rd March, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Orange Group has confirmed a cyberattack on its Romanian branch, in which a hacker linked to the HellCat ransomware group stole 6.5GB of data over a month. The breach exposed 380,000 email […]

The post 3rd March – Threat Intelligence Report appeared first on Check Point Research.