Check Point Blog

Welcome to the Check Point Blog where you will find posts tagged in two categories:

  • Threat Research: Research findings, threat intelligence, and perspectives from Check Point’s research teams
  • Security Insights: Perspectives on current events and the security landscape from Check Point thought leaders


Get started by choosing a category, or read them all!

Sort blog posts by:  

FalseGuide misleads users on GooglePlay

 
Is someone trying to build a botnet on Google Play? Check Point mobile threat researchers detected a new strain of malware on Google Play, Google’s official app store. The malware, dubbed “FalseGuide,” was hidden in more than 40 guide apps for games, the oldest of which was uploaded to Google Play on February 14, 2017. Several of the apps managed to reach more than 50,000 installs, and the total number of infected devices is estimated to reach up to 600,000 devices. Check Point notified Google about the malware, and it was swiftly removed from the app store. At the beginning of April, two new malicious apps were uploaded to Google Play containing this malware, and Check Point ...

Introducing SandBlast Mobile: comprehensive mobile threat protection

 
Just how susceptible are mobile devices to attacks in enterprise environments? It’s safe to say that mobile cyberattacks beset every business. For 12 months, Check Point analyzed data from 850 companies around the world, and discovered some surprising insights: 100% of the organizations had at least one mobile malware attack The average number of mobile malware attacks was 54 89% of the companies experienced at least one man-in-the-middle attack 75% had an average of 35 jailbroken or rooted devices, a state that leaves devices completely vulnerable to attacks, since the process strips away all built-in security provided by iOS and Android It takes only one breached ...

Check Point Infinity – The Security Architecture of the Future – Today

 
Infinity is boundless.  Unfortunately so are your IT demands and security expectations.  The explosion of new technologies promising simplification, untold efficiencies and cost savings are only creating uncertainty, complexity and risk. There needs to be a force to unify and harness the promise of these new technologies for the benefit of business operations and customers.  Welcome to the future of cyber security, Check Point Infinity.  Check Point Infinity is the first ever consolidated, security architecture across networks, cloud and mobile providing the highest level of threat prevention.  The days of ineffective, disparate, point product security constructs are ...

When you look at files from your cloud, are they looking back at you?

 
When your users look at files served from your cloud platform, files that have tracking pixels could be looking back — revealing more than you should to outsiders about users and infrastructure. Security researchers are finding tracking pixels implicated in attacks on enterprises. So, if your IT workloads are on a cloud platform, you should add pixel tracking to your list of cloud security issues. Here is how pixel tracking works and how attackers are co-opting this marketing tool to compromise security at enterprises. Tracking pixels – also called web beacons, tracking beacons, and web bugs – are useful marketing tools. Digital-marketing experts use tracking pixels to measure ...

March’s ‘Most Wanted’ Malware List: Exploit Kits Rise Again in Popularity

 
Old malware rarely dies:  it just lies dormant for a while.  This was one of the key findings of the Check Point Research Team’s latest Global Threat Impact Index, which saw a surge in the usage of Exploit Kits during March, following a steady decline in usage since a high point in May 2016. Exploit Kits are designed to discover and exploit vulnerabilities on machines in order to download and execute further malicious code.  The leading variants were Angler and Nuclear, and their demise saw Exploit Kits fall out of the leading malware used to launch attacks on organizations worldwide. However, in March, the Rig Exploit Kit shot up the rankings, being the second most prevalent ...

The Unbearable Lightness of Operating Web-Based Attacks: How easy it is to steal money from IE 8.0-11.0 users

 
Looking back at the past year, there is no doubt that the malware-as-a-service industry, which sells and trades malware samples, attack tools, and a variety of services, is thriving. It means that cyber criminals with low technical skills can easily purchase attack tools from more advanced hackers, vastly increasing the number of potential attackers, attacks, and victims. Cerber, a ransomware-as-a-service operation, was one of the most dominant and profitable ransomware variants of 2016. Last December, a new DDoS (Distributed Denial of Service) collaborative effort dubbed Sledgehammer made headlines due to its unique operation mode. Participants were asked to attack targeted political ...

Survey: Enterprise security pros doubtful they can prevent mobile breaches

 
At least once a week – usually after pounding on my iPhone to access a business document, texting a family member, and calling a colleague on another continent, all in a matter of minutes – I’m reminded how complete the shift to mobile computing has been. It’s hard imagining what it was like working without our trusted smartphones and tablets. Mobile devices are indeed critical to getting work done in 2017. They are also treasure troves of personal and business data. And there are threat actors out there who want to get their hands on that data. We learned long ago to secure our PCs from cyberattacks, but it’s puzzling why most businesses still fail to secure employees’ ...

CRN Gives Check Point’s Star Partner Program 5 Stars

 
For the school kids in our neighborhood, getting a gold star from the teacher is a pretty big deal. Despite providing the world’s toughest cyber security, we’re still big kids at heart when it comes to receiving great recognition for stellar performance. This is why we are pretty stoked that CRN’s Partner Program Guide has bestowed their prestigious 5-Star award winning program rating on Check Point’s Star Partner Program. In fact, this is the first year that Check Point applied for the program and immediately received the 5 Star rating. Computer Reseller News (CRN)’s annual partner program guide is the industry’s ultimate source for information about IT vendors’ ...

Stranger things: Securing your network in the upside down world of SDx

 
The smash hit Netflix series ‘Stranger Things’ centers around the mysterious disappearance of residents of Hawkins, Indiana. Those who vanish find themselves in a frightening, parallel nether-world called the ‘Upside Down’, where things are not exactly as they seem. For some organizations, moving from physical hardware-based networks to SDx public or private clouds can feel similarly alien. While the familiar, conventional network construct still exists, the security infrastructure has disappeared since there’s no physical infrastructure to get to grips with. So what do they do next? What makes SDx strange? As we know, SDx stands for software-defined infrastructure. That ...

The latest findings on Chrysaor (Pegasus for Android) are even more stealthy

 
Earlier this week Google published a research about a new sophisticated spyware tool for Android, believed to be related to the Pegasus malware for iOS, which was discovered in August 2016. As Google wrote in their blog, the malware was most likely created by the authors of Pegasus – the NSO group, and shares many common features as Pegasus. What’s the big news? Chrysaor is a fully developed spy tool for Android devices, and can allow attackers to surveil their targets’ every move. Chrysaor has implemented elaborate modules to listen in on conversations, take screenshots and surveil the device’s surroundings, steal sensitive data and read SMS messages. This malware presents a ...