Life After QuadRooter: Measuring The Impact

 
Following Check Point’s disclosure of QuadRooter at Black Hat USA on August 7, the free QuadRooter scanner app was downloaded over half a million times. The results of the scans Check Point collected show that almost two thirds of scanned devices were affected. These reports also offer a unique opportunity to analyze a large sample of in-use devices to see how the Android community is affected by and responds to new vulnerabilities. Methodology: The scanner app was designed to detect QuadRooter vulnerabilities in different ways. It used code analysis of potential exploit techniques to detect CVE-2016-2504 and ...

Pixel Tracking: A Hacker’s Tool

 
What is pixel tracking? It’s challenging to justify the effectiveness of an email campaign if you can’t measure its success. So, what do you do? You use pixel tracking, a seemingly innocent sales tool that helps sales and marketing teams track their campaigns. Tracking pixels are embedded into emails and load when the recipient opens the email. The sender can receive information about who opens the email and when, how many links are clicked, what platform the receiver uses, and the status of the message. The same concept is used for attachment and link tracking as well. However, this data collection is usually performed without the recipients’ knowledge or consent. Most ...

Email from PayPal? Don’t Get Attached!

 
Introduction: Phishing scams are fraudulent email messages that appear to come from legitimate enterprises such as your university, your Internet service provider, or your bank. These messages usually direct you to a spoofed website, have a malicious attachment, or otherwise get you to divulge private information. The perpetrators then use this information to commit identity theft. Why is PayPal fraud so special? According to “OpenPhish”, a zero-day phishing site feed, PayPal is one of the top 10 targeted brands (https://openphish.com/phishing_activity.html). PayPal is very popular and contains sensitive user information, which makes it very attractive for phishing ...

Closing the Cloud Security Gaps

 
Regardless of where your applications and data reside – whether in private, public or hybrid cloud environments – they are attractive targets. Protecting assets in the cloud requires the same comprehensive security used to protect your physical environments. However, the dynamic and elastic nature of the cloud makes traditional security approaches ineffective, exposing organizations and their data to a host of new risks. What’s more, cloud assets are being provisioned and put into production environments without the security teams’ knowledge. Infrastructure teams, server administrators and application developers now define infrastructure – but these disciplines typically do not ...

Check Point Forensics: PokemonGo Ransomware’s Hidden Unexpected User

 
It was inevitable. Given the popularity of PokemonGo, ransomware developers have already attempted to trick users into downloading malware that claims to be a PC version of the popular mobile game. There are currently two known ransomware variants that attempt to capitalize on the mobile game’s popularity by naming their executables pokemongo.exe. BleepingComputer has named the first of the discovered ransomware variants the PokemonGo Ransomware, and the second is called DetoxCrypto. In this blog, we will show and describe a SandBlast Agent forensics run of the PokemonGo Ransomware and how it attempts to hide the creation of a new user account called “hack3r”. ...