One Step Ahead

 
What are forward-looking CSOs doing to stay beyond the reach of cybercriminals? Recently, I was in New York City, where I was fortunate enough to have tickets to one of the hottest shows on Broadway: Hamilton. I was fascinated by how precarious the fate of our independence was had it not been for the forward-looking and -acting Alexander Hamilton. If he were around today in the world of cybersecurity, I’m pretty sure he’d be looking at CPU-level sandboxing and identifying innovative ways to out-wile the latest attack strategies that target new, disruptive technologies. We’ve all heard it before: Preparation is everything. But when it comes to security, it’s not enough. ...

ThreatCloud IntelliStore Marketplace – A new actionable approach to Threat Intelligence

 
Cyber threats have significantly increased in number and in complexity. With malware evolving constantly, we require a steady stream of information on emerging threats to optimize our security systems in place. There are several vendors that provide threat intelligence , but none that offer a platform with customizable and actionable intelligence, including specialized feeds by industries, geographies, and malware types. As a customer, it is an overwhelming task to seek out and coordinate all the vendors necessary for a comprehensive solution. Instead, several organizations have incomplete threat data, leaving them incredibly vulnerable to attack. However, receiving comprehensive data is ...

Digging for Groundhogs: Holes in Your Linux Server

 
In July 2015, Check Point’s Incident Response team was contacted by a customer after they noticed strange file system activities occurring in one of their Linux based DNS BIND servers. This strange behavior consisted of a large number of peculiar files being written into sensitive system directories.   A thorough analysis of the infected system by our Incident Response and Malware Research teams quickly revealed that the server was indeed compromised. The source of this compromise was traced to an SSH brute force attack that took place earlier the same month. The attacking IP addresses originated from very distinctive network ranges mostly associated with Chinese Internet ...

Our Mission To Cure The Healthcare Security Epidemic

 
The healthcare industry has taken a major beating in terms of cyber security attacks. In the past two years, there has been a myriad of breaches, compromising the personal health information (PHI) of millions. According to the Identity Theft Resource Center, 42.5 percent of all data breaches were in the healthcare industry. The Center also reports that 91 percent of all healthcare companies reported that they had at least one data breach over the last two years.   Despite the efforts of HIPAA regulations to enforce the privacy of patients’ information and the security of their medical records, many studies have shown a surge in data breach cases. Specifically, one study in the ...

Check Point: a Leader In Mobile Data Protection Solutions for 9 Years Running

 
As enterprise workforces become increasingly mobile, it’s critical organizations secure mobile data on laptops, smartphones and tablets from advanced attacks. Without the right protection, these devices can give cybercriminals easy access to valuable content and critical information. Check Point is proud to be named a leader for the 9th consecutive year in the 2015 Gartner Magic Quadrant for Mobile Data Protection (MDP). We believe our continued placement in the Leaders quadrant reflects our commitment to provide innovative solutions that secure devices, protect corporate data, and battle a mobile threat environment that changes every day. Gartner states, “Leaders have products ...

The Future Of Financial Cybersecurity

 
October is Cybersecurity Awareness Month, and it starts with large attacks against two prominent financial organizations – An Experian breach, which affected 15 million T-Mobile customers; and Scottrade, which compromised the information of approximately 4.6 million customers. The reality is that there are still huge gaps in companies’ security programs in financial institutions, and unless it gets under control, there will be bigger problems ahead that will affect everyone.   As Experian reported, “Based on Experian’s investigation to date, the unauthorized access was an isolated incident over a limited period of time. It included access to a server that contained ...

Israeli Public Sector Targeted by Zeus Trojan Hidden in a Word Document

 
Two months ago, a malicious Rich Text Format (RTF) document came to the attention of Check Point Threat Intelligence & Research via a worried high-profile client in the public sector. The file had been sent to many employees, several of whom opened the file; as a result, their machines became infected. Check Point took actions to prevent this document from further infecting the customer’s network, and also analyzed the file to better understand the attack. The result was a discovery of a larger-scale campaign that has been targeting Israeli public and private organizations for some time.   The Investigation As the team conducted research it quickly became apparent that ...

Managing the Sheer Complexity of Data Center Security

 
The modern IT system is one of the most complex entities in the business landscape. Every device, server and component tied to the network must be managed and monitored. That’s a significant job for any IT department, but things can become especially complicated when it comes to enterprise data centers. Intricate and dynamic, the construction and maintenance of a data center environment must ensure essential business operations. In today’s breach-plagued landscape, that environment must also be secure. Unfortunately, this presents a challenge for many teams.   Consider the data center’s job. It needs to support the real and virtual services that carry out daily operations. ...

A Solution for the Evolving Threat Landscape

 
The threat landscape has severely changed over the last few years, and organizations have to constantly keep up with sophisticated threats and advanced tactics of cybercriminals. With multiple tools at hackers’ disposal, new threat variants are released every day. According to Check Point’s 2015 Security Report, organizations were hit with 106 new forms of malware every hour. This wave of cybercrime has left businesses to face a range of new threats using tactical approaches, but these tools often lack integration or common management. This creates challenges for organizations and gives hackers an opportunity to leverage gaps and evade detection. As threats continue to evolve and ...

iOS Core Application Design Flaw May Expose Apple ID Credentials

 
Check Point alerted Apple to a privacy issue in iOS core applications that may expose a user’s credentials even though the user performed a sign out. The fix is now available through the iOS 9 release. Introduction iOS is a mobile operating system created and developed by Apple and distributed exclusively for Apple hardware. It is the operating system that presently powers many of the company's mobile devices, including the iPhone, iPad, and iPod touch. The operating system offers users a very convenient way to manage your device with an Apple ID. Your Apple ID is your user name for everything you do with Apple: shop the iTunes Store, enable iCloud on all your devices, buy ...