Blog keyword search

VB2019 paper: Domestic Kitten: an Iranian surveillance program

At VB2019 in London, Check Point researchers Aseel Kayal and Lotem Finkelstein presented a paper detailing an Iranian operation they named 'Domestic Kitten' that used Android apps for targeted surveillance. Today we publish their paper and the video of th…
Domestic Kitten: an Iranian surveillance program Read the paper (HTML) Download the paper (PDF)       In September last year, researchers at Check Point uncovered… https://www.virusbulletin.com/blog/2019/11/vb2019-paper-d/

VB2018 paper and video: Android app deobfuscation using static-dynamic cooperation

Static analysis and dynamic analysis each have their shortcomings as methods for analysing potentially malicious files. Today, we publish a VB2018 paper by Check Point researchers Yoni Moses and Yaniv Mordekhay, in which they describe a method that combin…
Android app deobfuscation using static-dynamic cooperation Read the paper (HTML) Download the paper (PDF)   The two most common methods for analysing potentially malicious… https://www.virusbulletin.com/blog/2019/03/vb2018-paper-and-video-android-app-deobfuscation-using-static-dynamic-cooperation/

VB2018 video: The Big Bang Theory by APT-C-23

Today, we release the video of the VB2018 presentation by Check Point researcher Aseel Kayal, who connected the various dots relating to campaigns by the APT-C-23 threat group.
The APT-C-23 group, which targets users in the Middle East and in particular in the State of Palestine, was named and first reported on by 360 in a Chinese language blog post in… https://www.virusbulletin.com/blog/2018/12/vb2018-video-big-bang-theory-apt-c-23/

VB2017 paper: Nine circles of Cerber

Cerber is one of the major names in the world of ransomware, and last year, Check Point released a decryption service for the malware. Today, we publish a VB2017 paper by Check Point's Stanislav Skuratovich describing how the Cerber decryption tool worked…
Earlier this week, we published the video of a VB2017 presentation on the Spora ransomware. Spora is hardly alone in this prominent threat type though, and one of the other major… https://www.virusbulletin.com/blog/2017/12/vb2017-paper-nine-circles-cerber/

VB2016 paper: Great crypto failures

Crypto is hard, and malware authors often make mistakes. At VB2016, Check Point researchers Yaniv Balmas and Ben Herzog discussed the whys and hows of some of the crypto blunders made by malware authors. Today, we publish their paper and the recording of …
"More malware is using cryptography, and more malware is using better cryptography," said Check Point researcher Yaniv Balmas on stage during VB2016. While the increased use of… https://www.virusbulletin.com/blog/2017/01/vb2016-paper-great-crypto-failures/

VB2016 paper: Defeating sandbox evasion: how to increase successful emulation rate in your virtualized environment

Today, we publish the VB2016 paper and presentation (recording) by Check Point Software researchers Alexander Chailytko and Stanislav Skuratovich, which focuses on the techniques used by malware to detect virtual environments, and provides detailed techni…
In order to analyse a potentially malicious binary, an important first step is to run it in a specialised virtual environment, or sandbox environment, and see what it does – if it… https://www.virusbulletin.com/blog/2016/december/vb2016-paper-defeating-sandbox-evasion-how-increase-successful-emulation-rate-your-virtualized-environment/

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.