“Recommended” for Security Effectiveness and Value 5 Years in a Row by NSS Labs

 
The Next Generation Firewall (NGFW) is the cornerstone of any effective network security strategy. However as the threat landscape continues to evolve and grow in sophistication, NGFW solutions should prove effective at protecting against new and unknown threats as well as continue safeguarding against previously known threats. But that begs the question: how do customers determine which NGFW is recommended for security effectiveness against new and existing threats while delivering exceptional value? NSS Labs provides a transparent evaluation of NGFW products to help customers narrow down their choices. A recognized leader in independent security product testing, NSS Labs conducts ...

The Mobile World is an Amazing Place – Mobile World Congress 2016

 
Mobile World Congress may be in the rearview mirror, but it's still top of mind. The week was filled with flashy device unveilings, exciting new accessories, lots of talk about advances in Internet-connected technologies, festive late-night parties, and even a surprise guest appearance by Facebook CEO Mark Zuckerberg. The event in Barcelona exposed how far mobile technology continues to develop so rapidly. Virtually every aspect of our lives has gone mobile, and we will continue to be more connected to the people and things around us. And with ultra-fast 5G just around the corner, all of these devices and all of our data will be moving faster than ever. Those who take advantage of ...

Check Point and IBM: A Collaborative Approach to Information Security

 
Security is hard. Internal and external customers demand continuous availability, and the business often initiates plans without consulting security teams. This often leaves the security practitioner in the challenging position of having to slow business initiatives or insert security controls after network, application or system designs are complete. To help address this issue, Check Point and IBM are deepening their nearly two-decades’ long relationship. The companies have identified four integration areas designed to simplify security integration and improve the reliability and effectiveness of advanced threat protections.   The four integration areas are: Analytics ...

Adwind – Malware-as-a-Service Reincarnation

 
Executive Summary Adwind Remote Access Tool, known by various names due to its many reincarnations, is a backdoor fully implemented in Java and therefore cross-platform. It is a highly popular tool used in both massive spam campaigns and targeted attacks against financial institutions worldwide. In all versions (Frutas, Adwind, AlienSpy, UNRECOM and JSocket), it has been available for purchase based on registration on an official website – a concept known as malware-as-a-service. As a backdoor, Adwind RAT does not infect computers and spread independently, but relies on the user, who must double-click the .JAR attachment or open the file. Currently, the malware is distributed ...

Check Point Threat Alert: Locky Ransomware

 
Locky is a new type of ransomware which encrypts the victim’s files and then demands a ransom to be paid in bitcoins in order to decrypt these files. The main infection method is spam emails with an attached Word document that contains a malicious macro. The malicious macro runs a script which downloads the malware’s executable file, installs it on the victim’s computer, scans for files on the system and encrypts them. Description A new ransomware, Locky, has recently emerged. This ransomware encrypts the files on an infected computer and demands a payment in the form of bitcoins in order to decrypt the files. The ransomware attack is being spread by spam emails ...

Join Check Point at Mobile World Congress 2016

 
Everything today really is mobile. From the smartphones in our pockets to the infrastructure that powers our connected lives, mobile technology makes our world faster, smarter, and even a little bit more fun. But all of these advances are exposing all of us to new risks, and cyber attacks against mobile are on the rise and getting more sophisticated. So it's exciting for me and my team from Check Point to be first-time exhibitors at Mobile World Congress where we'll be sharing our vision for keeping the Internet of everything safe. We've experienced a tremendous year of growth in our mobile security business, demonstrating our leadership in the global effort to thwart cyber crime. ...

In the Wild: Mobile Security Observations from the Check Point Research Team

 
Time goes by fast, and mobile malware develops faster still. In the past few weeks, our mobile security team encounters several instances of innovative new malware. Whether these are complex chains of action or new methods of communication with C&C servers, it’s clear that mobile cyber threats advance quickly. The Check Point Mobile Threat Prevention research team constantly investigates new malware to stay ahead of threats. Here are some new stories our team thinks are worth a further look. HummingBad keeps on humming Researchers have found new instances of malware that closely resemble our recent discovery of HummingBad. The new variant, which is part of the LIBSKIN malware ...

Smoking Is Bad For You

 
We recently spotted what seemed to be another spam campaign, yet a deeper investigation revealed something more sinister. In this case, the chain of infection usually begins with a file named: “iodex.php”. A simple google search for inurl:“iodex.php” returned the following results: Other files, including “lagins.php”, “foq.php” and “cigarettesdd.php” were spotted as well. The cigarette motif is distinctive – both the headlines presented on Google and the content of the webpages relate to the topic. The infected webpages also contain links referring to other related websites. However, as you can see the domain names – in this case, clinicmateos.com ...

The Return of the Brazilian Banker Trojan

 
Brazil. It is known as the land of carnivals, beaches, coconuts - and vicious phishing campaigns. These campaigns have long been considered a national threat; on average, a Brazilian organization receives over 1000 phishing attacks per month. Check Point research team often uses various Brazilian phishing malwares as part of our research training program. In one instance, we gave our trainees a rather old malware, a Trojan commonly known as the “Banker”, which was first spotted in 2009. Banker is not technically complex but serves as a good example for “OSINT”-based research. The results were quite surprising. Our research shows that while the malware has adapted over the ...

Millions of AirDroid Users Exposed to Severe Vulnerability

 
Check Point alerted AirDroid that its Android device manager app is vulnerable to phone data hijacking and malicious code execution by remote attackers.     A new vulnerability in the AirDroid App was revealed by Check Point. This vulnerability affects the 50 million AirDroid users around the globe. AirDroid is a device manager app which allows users to access their Android devices through their computers. Using the newly revealed vulnerability, an attacker can steal data from unsuspecting users. This is made possible by the following procedure: an attacker sends an SMS or its equivalent which contain a malicious payload to his victim, masqueraded as a legitimate contact. ...