Global Trends of the ‘Most Wanted’ Malware

 
The malware world continues to develop rapidly and dynamically. On a daily basis new malware appears, accelerating the cat-and-mouse game between attackers and defenders. As a result, it’s more important than ever for cyber security professionals to stay up-to-date about the ever-changing threat landscape in order to provide organizations with the highest level of protection. To keep you in the know, Check Point has created the H1 2016 Global and Regional Trends of the ‘Most Wanted’ Malware report, which provides an overview of the malware landscape in the top categories – ransomware, banking and mobile – based on threat intelligence data drawn from Check Point’s ThreatCloud ...

Check Point’s Cyber Security Predictions for 2017

 
2016 proved to be another year of devastating data breaches, spanning across multiple industries, across both large and small companies alike. There have been many sobering moments throughout the year, validating once again, that no one is immune to sophisticated cyberattacks. According to the Identity Theft Resource Center, as of October 19th of this year there were 783 reported breaches, exposing more than 29 million records (please note this number does not include the majority of breaches in which companies did not report the number of records affected). What does this tell us? Data breaches are becoming more prevalent and attack trends show no evidence of slowing down. Again, we see ...

6 Tips to Outsmart the Phishermen

 
Brian Kernighan once said, “If you don't understand viruses, phishing, and similar cyber threats, you become more susceptible to them.” With cyber scams constantly increasing in sophistication, this statement is especially true today. So, what exactly is phishing? In a phishing attack, a hacker creates an email that appears to be legitimate and sends it to one or more individuals or employees. Their goal – trick users into clicking on a malicious link or attachment, or divulging login credentials through deceptive websites, allowing the thief to easily bypass defenses and giving them access the network or important business and financial assets. Unfortunately, hackers are ...

September’s ‘Most Wanted’ Malware List: Ransomware in Top 3 for First Time

 
The Check Point Research Team revealed this week that ransomware attacks continued to rise in September. For the first time since the team launched the Threat Index, ransomware moved into the top three position of the most prevalent malware, with the Locky ransomware accounting for 6 percent of all recognized attacks globally during the month. The relative presence of ransomware attacks, within the total number of global attacks, increased by 13 percent. In line with recent trends, the number of active malware families remained high, with three new entries making the top ten, including Chanitor, a downloader for malicious payloads, the Blackhole exploit kit, and Nivdort, a multipurpose bot. ...

Phishing: Reeling in Enterprises for Hefty Profits

 
Can you believe that phishing, the scam that tricks users into giving away sensitive information like their credit card numbers and bank login credentials, is still with us after more than twenty years? Phishing is still here because criminals keep devising new ways to make it work. However, new phishing methods take more effort, but yield only modest returns. To increase their returns, some criminals are dropping phishing schemes that attack large masses of random users and are replacing them with narrowly focused attacks targeting a few high-value employees at enterprises. These attacks are called “spear phishing.” Spear phishing uses social engineering and deception to steal ...

Outstanding Results – Check Point Achieves 3rd NSS Recommended Rating This Year

 
Great news! I’m glad to report we achieved another NSS Recommended in their recent NGIPS Group Test! This is our 3rd NSS Recommended this year and our 13th since we began working with NSS Labs in 2011. The previous two tests this year measured our Next Generation Firewall capabilities and the Breach Detection System (advanced threat prevention) capabilities. This is a great achievement and Check Point stands out as the only vendor to achieve NSS Recommended in these three tests this year. At first, you might think the differences between security products are small but that’s NOT the case. NSS published the results for eight products and they stated in their press release that the ...

Join Check Point at SecTor to learn how to go beyond traditional security with advanced threat prevention

 
Next week, Check Point will be at SecTor, Canada’s premier IT security education conference. The conference brings the world’s brightest (and darkest) minds together to identify, discuss, dissect and debate the latest digital threats facing corporations today. The conference has assembled a line-up of industry experts who will share some of the most engaging, educational and thought-provoking security sessions in the industry.   With the threat landscape rapidly evolving, advanced malware and zero day threats will leave your traditional security approaches in the dust. Legacy security architectures and tools will expose your infrastructure to cyber risks and challenges never ...

Android Updates: Hurry Up and Wait  

 
Google, device makers and carriers take too long to update Android vulnerabilities. In fact, while it takes Apple just days to update iOS when it finds a vulnerability, Threatpost points out that it can take Google weeks or even months to do the same for Android. Apple needed only ten days to fix Trident vulnerabilities in iOS, but it took Google over seven months to fix all of the QuadRooter vulnerabilities in Android. While Apple is faster to fix iOS, and although iPhone and iPad devices are wildly popular, Apple doesn't rule the mobile world. Android has over 87% ownership of the global smartphone OS market, and of the top 5 smartphone vendors, 39% make Android devices – ...

4 Tips on How to Respond to a Ransomware Attack

 
Benjamin Franklin said, “An ounce of prevention is worth a pound of cure.” In the world of cyber security, it is indeed essential that organizations take steps to prevent ransomware from attacking their organizations and taking their data hostage. However, despite even the most extravagant and precautious preparations, some attacks may still get through. Knowing what to do, how to respond, in the event your organization becomes a victim of ransomware, and what tools to use to help identify and contain an attack can mean the difference between losing one computer and taking down your entire network for hours, days, or even weeks while you repair the damage. The following best ...

Defeating Sandbox Evasion: How to Increase Successful Emulation Rate in Your Virtualized Environment

 
At the Virus Bulletin conference yesterday in Denver, Check Point researchers Stanislav Skuratovich and Aliaksandr Chailytko gave a talk detailing how cyber security professionals can defeat sandbox evasion. In case you weren't able to attend the conference, we've provided a summary of their presentation below. The malware world is a dynamic one. As soon as sandboxes appeared, malware writers began looking for ways to circumvent them. As part of the endless cat and mouse game, we endeavor to keep users protected by identifying and blocking any attempt to evade sandbox detection. Sandboxes are special virtualized, sterile environments used by researchers and advanced security ...