Check Point to Uncover Certifi-gate, A New Android Threat, at Black Hat USA 2015

 
Check Point to Uncover A New Threat to Millions of Android Devices

Seizing control of and stealing information from Android devices is nothing new for sophisticated hackers. But what if the vulnerabilities they depend on were being made available by those you trust most to protect your privacy and sensitive data? Join Check Point researchers Ohad Bobrov and Avi Bashan at the Black Hat USA 2015 Briefings to learn about Certifi-gate, a new vulnerability that makes it easy for hackers to take control of virtually any Android device. Our team will share its findings about this new threat, demonstrate how it works, and provide practical tips to help keep your data protected. Black Hat ...

Current Wave of Ransomware

 
Today, ransomware like Cryptolocker is hitting organizations around the globe. At Check Point, we can help prevent these ransomware attacks through a multi-layered approach to security. The current round of ransomware is coming in through two different methods: via malicious ads and via phishing links in e-mail. A common thread in both of these attack methods is the use of sites protected by SSL/TLS. Most cybercriminals are using HTTPS-encrypted sites to infect computers with ransomware. This means that, in order to protect your organization against these types of threats, it is vital that HTTPS inspection is enabled on your gateway. Prior to enabling, you should ensure that there is ...

One Click Office Exploit – Introducing the Office Exploit Builder

 
A new threat called “office exploit builder” allows attackers to generate stealth MS Office files (Word & Excel formats) with macros to download and execute malicious code on a victim’s machine.

Cybercriminals are increasingly using this “office exploit builder” and similar exploit builders. As a launching pad for attacks, these methods have proven successful time after time, because they require very few resources from the attackers while keeping their exposure minimal and almost completely undetectable.

Check Point researchers Liad Mizrachi, Dikla Barda & Oded Vanunu have conducted research on the Office Exploit Builder ...

SwiftKey Leaves Samsung Devices Susceptible to Cybercrime

 
A vulnerability in the SwiftKey virtual keyboard pre-installed on the Samsung Galaxy S4 Mini, S4, S5 and S6 could let hackers take complete control of these devices, researchers discovered recently. This is because the keyboard, which is designed to accept and install language updates via HTTP (and not HTTPS), fails to properly validate the file, which could be replaced with a malicious payload using a man-in-the-middle (MitM) attack. Once on the device, the keyboard will execute the file without user interaction, allowing it to infect the device and enabling a hacker to take control. The vulnerability (CVE-2015-2765) is the latest example of how hackers can use a combination of flaws to ...

Some Lessons from the Hacking Team Breach

 
Reactions to the breach at Hacking Team, as described in Steve Ragan’s recent blog post, have ranged from shock that a security company could be so deeply exposed to glee at these surveillance specialists getting a taste of their own medicine.

The data exposed in the breach, as well as the breach itself, are not really shocking. In today’s world, nothing is truly private and no data, whether private or corporate, is completely secure.

An important takeaway for organizations that care about their own cybersecurity is that, due to the proliferation of “cyber weapons” and the ease with which they are acquired, the likelihood of getting breached is rapidly ...

Threat Alert: OPM Tools

 
EXECUTIVE SUMMARY

- The breach in the U.S. Office of Personnel Management (OPM) compromised the personal information of millions of Americans.
- There were two attacks by suspected Chinese hackers on personnel data and applications for security clearances.
- The massive data breach is now believed to have affected well over 10 million separate users.
- This alert lists the tools used in these attacks as well as Check Point coverage for these tools.

DESCRIPTION

FBI Alert Summary

The FBI has obtained information regarding cyber actors who have compromised and stolen sensitive business information and Personally Identifiable Information (PII). Information obtained from victims ...

Adware or APT – SnapPea Downloader – An Android Malware that implements 12 different exploits

 
On June 4th 2015, Check Point discovered multiple instances of a sophisticated mobile malware campaign. The malware was previously inaccurately categorized as part of a simple adware campaign rather than the relatively advanced threat it actually is. Subsequent research by our mobile security specialists has found that the campaign consists of a set of malicious applications that are automatically installed on Android devices after they are physically connected to PCs infected with a version of the back-up application SnapPea.

The attack, which was discovered by Check Point Mobile Threat Emulation, employs an extraordinarily large (12) number ...

Check Point Threat Alert: Hacking Team

 
EXECUTIVE SUMMARY

- Hacking Team is an Italian company that provides security services and tools to governments and law enforcement organizations.
- The company experienced a data breach on Monday, July 6th, resulting in 400 GB of its documents being leaked.
- Source code stolen from Hacking Team has revealed new zero day vulnerabilities in Windows and Adobe Flash.
- Check Point has just released two new IPS protections to address these new vulnerabilities.

DESCRIPTION

Hacking Team Hacked

The cybersecurity firm Hacking Team appears to have itself been the victim of a hack, with documents that purport to show it sold software to ...

Stopping the Next Massive Cyberattack: 5 Steps to Stronger Security

 
The aftershocks of the 2014 breaches are still reverberating across the security landscape, and many organizations are starting to examine their own security programs, wondering how they can avoid becoming the next big breach story. It’s possible to prevent and mitigate future attacks, but that can’t happen relying on technology alone. By recognizing secure operations as their top priority, businesses can build a strong network architecture and security infrastructure to stop malicious activity. There are five preventive steps that can help any organization strengthen their security system and keep their networks safe.

Step 1: Assess Vulnerabilities and ...

Who Really Controls Your Online Store?

 
Check Point researchers Avi Gimpel, Liad Mizrachi and Oded Vanunu recently discovered critical vulnerabilities in the osCommerce platform. These vulnerabilities can lead to a full system compromise, with an outside agent gaining control over the osCommerce administration panel and access to the data of the platform stores’ members and customers. These vulnerabilities affect over 260,000 online shops.

About osCommerce

osCommerce provides the tools to create your very own online store to sell products and services to customers worldwide. osCommerce manages a thriving community of store owners, developers, and service providers who interact with and assist each other at every stage. ...