Check Point Research

By: Dikla Barda, Roaman Zaikin & Oded Vanunu  After reviewing the off-chain forensic report, we can now provide additional insights into the Bybit attackmechanism. Security researchers have determined that hackers injected malicious JavaScript directly into Safe’sonline infrastructure hosted on AWS. The code was specifically designed to activate only wheninteracting with Bybit’s contract address, allowing it […]

The post How an Attacker Drained $50M from a DeFi Protocol Through Role Escalation  appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 24h February, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Check Point Research covers the recent ByBit hack, one of the largest thefts in digital asset history, its implications for crypto security, and security recommendations. In this event, hackers gained access to […]

The post 24th February – Threat Intelligence Report appeared first on Check Point Research.

Highlights Introduction While the abuse of vulnerable drivers has been around for a while, those that can terminate arbitrary processes have drawn increasing attention in recent years. As Windows security continues to evolve, it has become more challenging for attackers to execute malicious code without being detected. As a result, the attackers often aim to […]

The post Silent Killers: Unmasking a Large-Scale Legacy Driver Exploitation Campaign appeared first on Check Point Research.

Research by Dikla Barda, Roman Ziakin and Oded Vanunu On February 21st, Check Point Blockchain Threat Intel System alerted on a critical attack log on the  Ethereum blockchain network. The log indicated that the AI engine identify anomality change with this transaction and categorize it as critical attack in real time. It was indicated that […]

The post The Bybit Incident: When Research Meets Reality appeared first on Check Point Research.

Executive Summary Why We Care about Sandbox Emulation As a discipline, information security involves a vast web of entry vectors, mitigations, and counter-mitigations. Among these, one of the most impactful points of conflict between attackers and defenders is what happens when binaries are subjected to sandbox emulation. Purely static analysis has been understood to be […]

The post The Cat and Mouse Game: Exploiting Statistical Weaknesses in Human Interaction Anti-Evasions appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 17th February, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES SimonMed Imaging, one of the largest diagnostic imaging companies in the US, has been breached by Medusa ransomware group, resulting in the theft of over 212 GB of sensitive data from its […]

The post 17th February – Threat Intelligence Report appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 10th February, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Grubhub, the US-based online food ordering and delivery platform, suffered a data breach due to unauthorized access through a compromised third-party service provider’s account. The incident exposed personal details of customers, drivers, […]

The post 10th February – Threat Intelligence Report appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 3rd February, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Mizuno USA, giant sports equipment manufacturer, has confirmed a cyber-attack that resulted in the theft of personal information from its network between August and October 2024. The data breach included names, Social […]

The post 3rd February – Threat Intelligence Report appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 27th January, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Stark Aerospace, a US-based manufacturer specializing in missile systems and UAVs, contractor of the US Military and the Department of Defense (DoD), has been targeted by the INC ransomware group. The attackers […]

The post 27th January – Threat Intelligence Report appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 20th January, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Hotel management platform Otelier has suffered a data breach that resulted in extraction of almost eight terabytes of data. The threat actors compromised company’s Amazon S3 cloud storage, stealing guests’ personal information […]

The post 20th January – Threat Intelligence Report appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 13th January, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The International Civil Aviation Organization (ICAO), that is part of the UN, confirmed a compromise of its recruitment database that exposed 42,000 recruitment applications. The data contains records from April 2016 to […]

The post 13th January – Threat Intelligence Report appeared first on Check Point Research.

Key Points Introduction The FunkSec ransomware group first emerged publicly in late 2024, and rapidly gained prominence by publishing over 85 claimed victims—more than any other ransomware group in the month of December. Presenting itself as a new Ransomware-as-a-Service (RaaS) operation, FunkSec appears to have no known connections to previously identified ransomware gangs, and little […]

The post FunkSec – Alleged Top Ransomware Group Powered by AI appeared first on Check Point Research.

Research by: Antonis Terefos (@Tera0017) Key Points Introduction As of 2024, approximately 100.4 million people worldwide use macOS, accounting for 15.1% of the global PC market. Of the millions of macOS users, many falsely assume that their systems are inherently secure from malware. This perception stems from macOS’s Unix-based architecture and historically lower market share, making […]

The post Banshee: The Stealer That “Stole Code” From MacOS XProtect appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 6th January, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Check Point elaborated on the US Treasury Department cyber-attack that compromised employee workstations and classified documents. The breach, attributed to a China state-sponsored threat actor, involved unauthorized remote access using a security […]

The post 6th January– Threat Intelligence Report appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 30th December, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The Clop ransomware gang exploited a zero-day vulnerability (CVE-2024-50623) in Cleo’s Secure File Transfer products and is extorting 66 companies following alleged data theft. The attackers have given the victims 48 hours […]

The post 30th December – Threat Intelligence Report appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 23rd December, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The State of Rhode Island has issued a notification that RIBridges, the state’s portal for social services, has suffered a cyber attack and data leak. According to the reports, the breach was […]

The post 23rd December – Threat Intelligence Report appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 16th December, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The Romanian National Cybersecurity Directorate (DNSC) has disclosed a ransomware attack conducted by Lynx ransomware gang on the country’s energy provider Electrica Group, which provides services to more than 3.8M people across […]

The post 16th December – Threat Intelligence Report appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 9th December, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Romania’s Constitutional Court annulled the first round of its presidential election after declassified intelligence revealed Russian interference favoring right wing candidate Călin Georgescu. The interference involved a sophisticated social media campaign on […]

The post 9th December – Threat Intelligence Report appeared first on Check Point Research.

Executive Summary Introduction Earlier this year, Talos published an update on the ongoing evolution of Akira ransomware-as-a-service (RaaS) that has become one of the more prominent players in the current ransomware landscape. According to this update, for a while in early 2024, Akira affiliates experimented with promoting a new cross-platform variant of the ransomware called […]

The post Inside Akira Ransomware’s Rust Experiment appeared first on Check Point Research.

For the latest discoveries in cyber research for the week of 2nd December, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Supply chain software provider Blue Yonder was hit by a ransomware attack, disrupting services for clients like Starbucks and UK grocery chains Morrisons and Sainsbury’s. The incident affected operations such as employee […]

The post 2nd December – Threat Intelligence Report appeared first on Check Point Research.