July’s Most Wanted Malware: RoughTed and Fireball Decrease, But Stay Most Prevalent

 
Check Point’s latest Global Threat Impact Index reveals that that the number of organizations impacted globally by the RoughTed malvertising campaign fell by over a third during July, from 28% to 18%. RoughTed is a large-scale malvertising campaign used to deliver malicious websites and payloads such as scams, adware, exploit kits and ransomware. Despite its drop-off, RoughTed remained the most prevalent form of malware during July. Second was HackerDefender, a user-mode rootkit for Windows, which affected 5% of companies. The Index also revealed a sharp decline in the prevalence of Fireball, which dropped to third place in the rankings. In July, it impacted 4.5% or organizations, ...

Is Malware Hiding in Your Resume? Vulnerability in LinkedIn Messenger Would Have Allowed Malicious File Transfer

 
The popular business social network LinkedIn has accumulated over 500 million members across 200 countries worldwide. Whether you’re a manager seeking to expand your team or a graduate on the job hunt, LinkedIn is the go-to place to expand your professional network. As the world’s largest professional network, LinkedIn has acquired a noteworthy reputation. Individuals utilize the site to seek out trustworthy business connections and job opportunities. The most used feature on the site is the messenger platform. It enables users to easily send resumes, transfer academic research and share job descriptions. Users open messages under the assumption that the information is safe, secure ...

Cyber Attack Trends: Mid-Year Report

 
2017 has proved to be a lucrative year for cybercrime. Prominent malware and attack methods continue to evolve, creatively bypassing existing security solutions.  In 2016, we witnessed sophisticated new malware emerging on a regular basis, exposing new capabilities, distribution methods, and attack services offered for sale through multiple platforms. 2017 is shedding light on a new trend – simple, yet highly effective malware families are causing rapid destruction globally. So far, in 2017 cyber attacks are occurring at a higher frequency than previous years. Recent infiltrations have demonstrated the agility, scale and persistence of an attack that criminals are capable of ...

Get Rich or Die Trying: A Case Study on the Real Identity behind a Wave of Cyber Attacks on Energy, Mining and Infrastructure Companies

 
    Over the past 4 months, over 4,000 organizations globally have been targeted by cyber attacks which aim to infect their networks, steal data and commit fraud.  Many of these companies are leading international names in industries such as oil & gas, manufacturing, banking and construction industries – and some have had their defenses breached by the attacks.       Companies that Check Point researchers confirmed were infected during the campaign include: A marine and energy solutions company in Croatia A transportation company in Abu Dhabi A mining company in Egypt A construction company in Dubai An oil & gas firm in ...

ZoneAlarm Anti-Ransomware Earns “Editor’s Choice” from PC magazine

 
A recent review in PC magazine by Lead Analyst, Neil J. Rubenking approaches one of cyber security’s latest growing concerns, ransomware. Various comparison tests of anti-ransomware products were conducted while specifically focusing on Check Point’s consumer anti-ransomware product, ZoneAlarm. ZoneAlarm by Check Point is based on the same technology of its enterprise grade product, SandBlast Anti- Ransomware. I was very pleased to read that Rubenking took ZoneAlarm for a test drive in a real-life ransomware simulation. Rubenking’s simulation demonstrated ZoneAlarm’s capabilities to defeat each threat in a very easy-to-use, intuitive mode.  ZoneAlarm leaves zero traces of any ...

“The Next WannaCry” Vulnerability is Here – Let’s Stop it before it’s too Late

 
This Tuesday, Microsoft released a security patch including 48 fixes, 25 of which are defined as “critical”. While Microsoft updates happen every month, this one reveals an especially dangerous vulnerability – CVE-2017-8620. Behind this dull name hides a severe flaw affecting all current versions of Windows, which enables attackers to spread a contagious attack between computers in the network. It is not very often that such a volatile vulnerability, providing hackers with full control over entire networks, is discovered. The last time such a vulnerability was disclosed was in March 2017, when another Microsoft security patch fixed the “EternalBlue” exploit. Two months after ...

CSO Gives SandBlast Mobile a Rave Review

 
I was delighted to read David Strom’s extremely favorable product review of Check Point SandBlast Mobile in CSO magazine a few weeks ago. Strom really puts SandBlast Mobile through the paces in the review, and in the process provides security and IT leaders facing the challenge of securing mobility in their organizations with a great deal of insight. In short, Strom found SandBlast Mobile to be a comprehensive yet easy to manage mobile threat defense solution, which is worth the cost to protect against a wide range of attack vectors. The review clearly demonstrates that it’s possible to easily deploy the most advanced security solution, without impacting performance or the overall ...

Are You Prepared for the Next Attack?

 
A WAKE-UP CALL From WannaCry and Petya to the most recent attacks today, #LeakTheAnalyst and HBO—it is now apparent that anyone or any organization is a target for cyber criminals. Attacks continue to grow at an alarming rate – in volume, sophistication and impact. As of May 2017, Check Point products are detecting over 17 million attacks each week, more than half of these attacks include payloads which are unknown at the time of detection and cannot be detected by conventional signature-based technology. These attacks serve as a wake-up call, illustrating how fragile and vulnerable organizations have become in recent years. In response to the many recent outbreaks, organizations ...

Re-Thinking the Cyber Consolidation Paradigm

 
The Battle of Consolidation vs. Best-of-Breed, does more security mean better security? You’re probably frequently scrutinizing whether or not your own organization’s cyber security is being properly managed. We’re constantly being bombarded with news of the latest cyber security attacks and hoping there are no gaps in our own organization’s security. With every new ransomware or phishing attack, the red flags start to wave. The immediate reaction is to ramp up our security and increase the number of vendors with the assumption that with these new products will keep us better protected. In reality, this unfortunately isn’t the case. In a recent survey, executives were asked ...

JavaScript Lost in the Dictionary

 
Check Point threat Intelligence sensors have picked up a stealth campaign that traditional anti-virus solutions are having a hard time detecting. On July 17th SandBlast Zero-Day Protection started showing a massive email campaign which was not caught by traditional AV solutions. Even today, on the fourth day of this campaign, when Check Point has already blocked 5,000 unique samples of the campaign, there are still only a handful of samples on VirusTotal, half of which are not detected by any AV scan engine and the others with just a handful of detections.   The campaign is related to the “BlankSlate” spam campaign which sends emails with blank body and in this case ...