WireLurker Exposes iOS Security – Jailbreak Not Required

 
Yesterday, Palo Alto Networks published a report regarding “WireLurker,” new malware it describes as one of the most advanced attacks on Mac OS X and iOS devices. It’s the first to affect two operating systems, and introduces on-the-fly repackaging of apps on iOS devices that have and, more importantly, that have not been jailbroken. This is another example of how cybercriminals are moving from the desktop to mobile. And while iPhones are considered more secure by some, WireLurker demonstrates how hackers are using new techniques and security gaps in iOS to infect devices. For the enterprise, the warning is clear: This type of threat ...

At the heart of Zero Day are 1440 minutes. What can happen in one minute?

 
At Check Point, we live in the same business world everyone else does, where we have to operate at the speed of our customers. In our case, though, one mistake impacts a lot more than just our own network. The speed of business and being responsive to customers and stakeholders is a key metric for most organizations. After all, it drives customer satisfaction and repeat business. Zero Day is the popular term to describe the first day an IT department has when reacting to a previously unknown malware threat. With the speed of malware getting faster every day, we felt a better response time would be Zero Second. It’s all about protection. Zero Second doesn’t allow malware even one ...

Plugging the Security Hole in a WordPress Plug-In

 
Check Point researcher, Roi Paz recently discovered a critical vulnerability that would have enabled attackers to steal personal and financial data from thousands of websites and their visitors via the LiveSupporti WordPress plug-in. After being alerted to the situation, LiveSupporti plugged the security hole. LiveSupporti is a software service that enables website visitors to engage in a live chat with representatives (or “agents”) of the site. The cloud-based service promises to increase sales by helping to convert site visitors into customers through text-based live chat. Adding LiveSupporti to a website is just a matter of adding a snippet of code to the website’s ...