Check Point Research
Coverage of Check Point Research in the Nexus archive.
- Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations
An Iranian hacking group affiliated with Iran's Ministry of Intelligence and Security (MOIS) is using a new modular command-and-control framework called Cavern (Cav3rn) to target Israeli organizations. Check Point Research has attributed this activity to a threat cluster, primarily focusing on IT providers and government sectors.
- Crypto Clipper Campaign Abuses Fake Reviews, AI Narrators, and VirusTotal Comments
An unknown threat actor is using fake reviews, AI narrators, and VirusTotal comments to promote malicious software through phishing pages, GitHub, and SourceForge projects, according to Check Point Research.
- Don't pay Vect a ransom - your data's likely already wiped out
The ransomware Vect, associated with recent Trivy and LiteLLM supply-chain attacks, is actually a wiper that destroys files larger than 128KB. Check Point Research warns that paying the ransom is ineffective, as data recovery is impossible for victims.