Check Point Blog

Welcome to the Check Point Blog where you will find posts tagged in two categories:

  • Threat Research: Research findings, threat intelligence, and perspectives from Check Point’s research teams
  • Security Insights: Perspectives on current events and the security landscape from Check Point thought leaders


Get started by choosing a category, or read them all!


Antivirus Isn’t Dead, But It’s No Panacea

 
It should come as no surprise that antivirus solutions on their own are not equipped to deal with many of the threats we see today. Norton Antivirus stated as much back in 2014 when it famously declared, “Antivirus is dead.” The claim was not an indication that such products would be discontinued, but more an admission that protections need to evolve to keep up with increasingly sophisticated threats. A Norton representative asserted that traditional antivirus detected only 45% of all attacks. Even by 2014 standards, that figure seems optimistic. Today, more conservative estimates put the number at somewhere between 20-40%. Despite antivirus being deployed globally on virtually every ...

Ransomware: Steal Smarter, Not Harder

 
Occasionally, even cybercriminals must revamp their “product lines.” They do this when their bread-and-butter malware stops making money due to new security measures, or if they invent a better way to rip people off. Check Point security researchers have caught criminals in the act ramping up ransomware attacks while scaling back banking Trojans. We believe ransomware, a type of attack in which attackers encrypt a victim’s files then demand the victim pay to decrypt them, has become the attack of choice for those who wish to “steal smarter, not harder.” Check Point security researchers have compiled a list of predictions about the future of ransomware. To see the list, download ...

Signature-based security solutions can leave networks defenseless for months

 
Can you afford five months without protection for your network? In a recent blog post, Avanan wrote that after five months of using a malware sample in their demos to show how malware can bypass traditional security solutions, the malware was finally detected by a major enterprise email solution provider. The sample, a Cerber variant, was originally caught by the SandBlast Zero-Day Protection solution. Cerber is a vicious ransomware-as-a-service operation, which we recently exposed in an in-depth report, CerberRing: An In-Depth Exposé on Cerber Ransomware-as-a-Service. It spreads through phishing emails and exploit kits, targeting thousands of users worldwide. Once it infiltrates, Cerber ...

Gartner Recognizes the Importance of Mobile Threat Defense

 
HummingBad. Stagefright. QuadRooter. Mobile malware and vulnerabilities have been making headlines for well over the past year, and attacks are becoming a more common way for cybercriminals to steal sensitive data. We believe this trend – one that our research team encounters daily – is illustrated in the Gartner Market Guide for Mobile Threat Defense Solutions.* This rise in the sophistication and volume of mobile malware and continued exposure to unknown vulnerabilities demonstrates how Android and iOS devices simply aren’t secure on their own.

The Mobile Threat Defense Market is Growing Rapidly

Mobile malware and vulnerabilities aren’t all that different than their cousins ...

On Their Best Behavior: Securing iOS and Android in the Enterprise

 
In today’s business environment, using mobile devices isn’t just a business requirement, it’s an employee expectation. But for some organizations, these devices present security challenges that prevent or limit their ability to support a fully mobile enterprise. It’s not enough that they just deploy or manage iOS and Android devices; they also need to defend them against advanced attacks with confidence.

Understand your level of risk

A recent survey of security professionals showed 75% of companies allow personal devices to connect to corporate networks. Workers use these same devices to download personal apps and email – exposing business networks to phishing scams and malware ...

Will your virtual data traffic take the detour around firewalls?

 
We’re going to need a new term to talk about “data centers.” I say this because virtualization in public and private form factors means the locations of processors and other resources you use on-demand don’t sit statically in a data center anymore. Virtual resources dart around like bees in a field of clover. When will this affect you? Cisco estimates cloud platforms will process 86 percent of workloads by 2019. RightScale reports 95 percent of businesses use on average 3 public clouds and 3 private clouds. These dynamic pools of computing resources are making traditional data centers like fax machines; you still likely have one, but hardly anyone uses it. This changeover ...

August’s Top 10 Most Wanted Malware

 
Today, Check Point revealed that both the number of variants of ransomware and volume of malware attacks were on the rise in August, as the company disclosed the most prevalent malware families attacking organizations’ networks in the period. During August, the number of active ransomware families grew by 12 percent while the number of detected attempted ransomware attacks increased by 30 percent. Two-thirds of all recognized ransomware families climbed the rankings in August, most of them by at least 100 positions. Check Point believes that the growth in ransomware is a symptom of the relative ease of broadly deploying ransomware once a variant is created, and also of the number of ...

In The Wild: App Stores Are No Sanctuary for Mobile Malware

 
Most mobile users rely on Google Play and the Apple App Store for their safety and assume that downloading only highly-rated apps from these stores keeps them safe from mobile malware. In the past, this might have been a good strategy, but today it doesn’t always work.

Breaking the Myth: Google Play

The Check Point research team recently detected two instances of new malware on Google Play called “DressCode” and “CallJam.” While these aren’t the first malware to infiltrate Google Play successfully, CallJam demonstrates exactly how malware can deceive cautious users. CallJam masqueraded as an app that provides free items for the game “Clash Royale.” Users were ...

(Ir)responsible Disclosure

 
Computers have become an essential part of our lives, and in some cases, they are even responsible for keeping us alive. Our dependence on computers for medical treatments such as diagnostic equipment, medical monitors and even life support is greater than ever. Technology has given the medical sector new and inspirational ways to continue to save people’s lives. However, as with anything, it’s important to understand the possible risks. A recent public vulnerability disclosure raised eyebrows and ethical questions around white hat hackers and how security vendors should best handle sensitive situations. On August 25, MedSec, a cybersecurity research company dedicated to serve ...

CallJam Android Malware Found on Google Play

 
Keeping Android smartphones and tablets safe from malicious apps is a constant battle for enterprises, end users, and for Google. Despite Google’s efforts to prevent cybercriminals from infiltrating Google Play, the Check Point mobile research team has discovered new Android malware there, which it calls CallJam. CallJam malware includes a premium dialer to generate fraudulent phone calls as well as a rough adnet capable of forcibly displaying ads to its victims. The malware is hidden inside the game “Gems Chest for Clash Royale,” which was uploaded to Play in May. Since then, the game has been downloaded between 100,000 and 500,000 times. Check Point notified Google today about the ...