Hacker News
- Attacking Weak RC4-Like Ciphers the Hard Way https://research.checkpoint.com/2022/attacking-very-weak-rc4-like-ciphers-the-hard-way/ 7 comments
- Do you like to read? I can take over your Kindle with an e-book https://research.checkpoint.com/2021/i-can-take-over-your-kindle/ 50 comments
- New Wormable Android Malware Spreads by Creating Auto-Replies in WhatsApp https://research.checkpoint.com/2021/new-wormable-android-malware-spreads-by-creating-auto-replies-to-messages-in-whatsapp/ 17 comments
- Ransomware-ing a DSLR Camera https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/ 32 comments
- 50 CVEs in 50 Days: Fuzzing Adobe Reader https://research.checkpoint.com/50-adobe-cves-in-50-days/ 166 comments
- Faxploit: Sending Fax Back to the Dark Ages https://research.checkpoint.com/sending-fax-back-to-the-dark-ages/ 61 comments
Lobsters
- The Story of Jian - How APT31 Stole and Used an Unknown Equation Group 0-Day https://research.checkpoint.com/2021/the-story-of-jian/ 2 comments security
- Researching TEE payment system built into Xiaomi smartphones powered by MediaTek https://research.checkpoint.com/2022/researching-xiaomis-tee/ 2 comments netsec
- Looking for vulnerabilities in MediaTek audio DSP - Check Point Research https://research.checkpoint.com/2021/looking-for-vulnerabilities-in-mediatek-audio-dsp/ 2 comments android
- New Wormable Android Malware Spreads by Creating Auto-Replies to Messages in WhatsApp https://research.checkpoint.com/2021/new-wormable-android-malware-spreads-by-creating-auto-replies-to-messages-in-whatsapp/ 4 comments netsec
- The Story of Jian - How APT31 stole and used an unknown Equation Group 0-Day https://research.checkpoint.com/2021/the-story-of-jian/ 2 comments netsec
- Game On - Finding vulnerabilities in Valve’s "Steam Sockets" https://research.checkpoint.com/2020/game-on-finding-vulnerabilities-in-valves-steam-sockets/ 5 comments netsec
- Exploit Developer Spotlight - The Story of PlayBit https://research.checkpoint.com/2020/graphology-of-an-exploit-playbit/ 5 comments netsec
- Hunting for exploits based on the author's fingerprints https://research.checkpoint.com/2020/graphology-of-an-exploit-volodya/ 3 comments netsec
- CVE-2020-6007: Infiltrating your home network using a malicious ZigBee lightbulb https://research.checkpoint.com/2020/dont-be-silly-its-only-a-lightbulb/ 10 comments netsec
- SIGRed - Resolving Your Way into Domain Admin: Exploiting a 17 Year-old Bug in Windows DNS Servers - Check Point Research https://research.checkpoint.com/2020/resolving-your-way-into-domain-admin-exploiting-a-17-year-old-bug-in-windows-dns-servers/ 10 comments netsec
- Bugs on the Windshield: Fuzzing the Windows Kernel - Check Point Research https://research.checkpoint.com/2020/bugs-on-the-windshield-fuzzing-the-windows-kernel/ 3 comments netsec
- Looking to learn about system exploitation, but don't know where to start? This (very) detailed guide covers all the basics. Contains 21 detailed CTF solutions, plenty of theory, and zero times the phrase "exercise left to the reader". https://research.checkpoint.com/2020/i-want-to-learn-about-exploitation-where-do-i-start/ 19 comments netsec
- Chinese attack against Mongolia takes advantage of COVID-19 (Coronavirus) to lure victims https://research.checkpoint.com/2020/vicious-panda-the-covid-campaign/ 10 comments netsec
- Tik or Tok? Is TikTok secure enough? - Check Point Research https://research.checkpoint.com/2020/tik-or-tok-is-tiktok-secure-enough/ 78 comments netsec
- Say Cheese - How I Ransomwared Your DSLR Camera https://research.checkpoint.com/say-cheese-ransomware-ing-a-dslr-camera/ 71 comments netsec
- SELECT code_execution FROM * USING SQLite; https://research.checkpoint.com/select-code_execution-from-using-sqlite/ 12 comments netsec
- Reverse RDP, the Hyper-V Connection - CVE-2019-0887 (Kudos to /r/netsec) https://research.checkpoint.com/reverse-rdp-the-hyper-v-connection/ 27 comments netsec
- A primer on cryptographic attacks, explained in a simple way with approachable examples. Learn about Downgrade attacks, Precomputations, Oracles, brand-name SSL vulnerabilities (CRIME, POODLE...) -- and the surprising connections between them. https://research.checkpoint.com/cryptographic-attacks-a-guide-for-the-perplexed/ 20 comments netsec
- Agent Smith: A New Species of Mobile Malware https://research.checkpoint.com/agent-smith-a-new-species-of-mobile-malware/ 4 comments technews
- EA Games Vulnerability - Check Point Research https://research.checkpoint.com/ea-games-vulnerability/ 8 comments netsec
- The NSO WhatsApp Vulnerability - This is How It Happened - Check Point Research https://research.checkpoint.com/the-nso-whatsapp-vulnerability-this-is-how-it-happened/ 26 comments netsec
- Drupal core - Highly critical - Remote Code Execution - SA-CORE-2019-003 https://research.checkpoint.com/uncovering-drupalgeddon-2/ 5 comments sysadmin
- Extracting a 19 Year Old Code Execution from WinRAR - Check Point Research https://research.checkpoint.com/extracting-code-execution-from-winrar/ 45 comments netsec
- Microsoft rejects patching RDP exploit in Mstsc https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/ 122 comments sysadmin
- Reverse RDP attack: Code Execution on RDP clients https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients 39 comments netsec
- Epic Games Launcher/Fortnite vulnerability https://research.checkpoint.com/hacking-fortnite/ 20 comments programming
- Hacking Fortnite https://research.checkpoint.com/hacking-fortnite/ 15 comments netsec
- How we discovered over 50 critical vulnerabilities in Adobe Reader in 50 days. https://research.checkpoint.com/50-adobe-cves-in-50-days/ 62 comments netsec
- Targeted ransomware dubbed Ryuk is hitting organizations worldwide, appears related to previous North Korean malware Hermes https://research.checkpoint.com/ryuk-ransomware-targeted-campaign-break/ 24 comments netsec
- RCE over the FAX protocol - DEFCON 26 https://research.checkpoint.com/sending-fax-back-to-the-dark-ages 5 comments netsec
- Man-in-the-Disk: Android Apps Exposed via External Storage https://research.checkpoint.com/androids-man-in-the-disk/ 7 comments netsec
- FakesApp: A vulnerability in WhatsApp https://research.checkpoint.com/fakesapp-a-vulnerability-in-whatsapp/ 52 comments netsec
- Revealed: North Korea's AV software, SiliVaccine, contains large chunks of exact match code from Trend Micro's AV. https://research.checkpoint.com/silivaccine-a-look-inside-north-koreas-anti-virus/ 20 comments netsec
- EternalBlue - Everything there is to know https://research.checkpoint.com/eternalblue-everything-know/ 3 comments netsec