2016 H2 Global and Regional Threat Intelligence Trends

 
Introduction New, sophisticated threats continue to emerge on a daily basis across multiple platforms: social media, mobile platforms, email, and web pages. At the same time, prominent malware and attack methods continue to evolve, bypassing existing security solutions, and tailoring attacks against the largest companies in the world. The devices we use every day are now subject to compromise and can be leveraged for attacks. Even the recent U.S. elections were targeted with significant attacks. The Check Point 2016 H2 Global Threat Intelligence Trends report provides you with the best overview of the cyber landscape; threats, data breaches, trends, attacks and predictions, based on data ...

Android: the Perils of Popularity

 
Despite the long lines you see stretching from stores when a new iPhone comes out, Android phones rule. According to IDC, Android’s market share hovers at over 80 percent while iOS has a market share in the teens. Android’s popularity — and vulnerability to attacks — arise from Google’s decision to make Android an open OS. Being an open OS lets many manufacturers make devices that can run Android. However this leads to OS fragmentation when several vendors each release several models over several years resulting in thousands of active versions of Android. This wouldn’t be a big deal except each version has software vulnerabilities that must be patched. At best, it can take ...

Cyber Threat Alliance Marks New Era in Industry Collaboration and Customer Protection

 
The announcement by the Cyber Threat Alliance (CTA) at the RSA Conference is an important moment in the security industry.  It truly marks a new era of industry collaboration for the greater good through the sharing of threat intelligence to drive better protection for all member customers.   What is the CTA? The Cyber Threat Alliance (CTA) is an intelligence sharing marketplace where leading security vendors have joined together in good faith to equitably share campaign-based cyber threat intelligence to improve our products and boost the security posture of our customers.  The CTA’s Guiding Principles are: For the greater good:  Share intelligence to strengthen ...

Check Point’s 2017 Cyber Security Survey Shows Key Concerns and Opportunities among IT Professionals

 
The theme of the 2017 RSA Conference is ‘The Power of Opportunity’ inspired by an approach to learning taken by the Zen monk Shunryu Suzuki. He said that one should pursue even the most advanced study with the mind-set of a beginner and be open to considering new possibilities. That’s certainly a good way to approach the challenges of enterprise security. Today’s business landscape is constantly evolving, presenting new opportunities and challenges – such as the migration to public and private clouds, wider roll-out of mobility and BYOD programs, and the emergence of new cyberthreats seeking to exploit these technologies. So, what are the threats that enterprises are ...

The SMISHING threat – unraveling the details of an attack

 
  On January 26, a new smishing attack targeted users in the Czech Republic. Smishing, or SMS phishing, is a vector attackers use to send SMS messages from supposedly legitimate organizations.  These messages persuade users to download a malicious app, to provide private information like bank account or credit card details, or to click on a malicious URL. In this campaign, the attackers masqueraded as Czech Post, the Czech postal service to get users to download a malicious app containing a full-scale Trojan horse. Once users click the link, they are led to a fake Czech Post web page with a seemingly legitimate address. From there the malware downloads and installs immediately ...

Hummingbad Overtaken as Leading Mobile Malware in January’s Global Threat Impact Index

 
 Hummingbad has been overtaken as the leading mobile malware for the first time since February 2016, according to the new January Global Threat Impact Index from our Threat Intelligence Research Team. Hummingbad was replaced at the top of the ‘most wanted mobile malware’ by Triada, a modular backdoor for Android which grants super-user privileges to downloaded malware, as helps it to get embedded into system processes.  In total, mobile malware accounted for 9% of all recognized attacks while the Index ranked Kelihos, a botnet used in bitcoin theft, as the most prevalent malware family overall, with 5% of organizations globally being impacted by it. Overall the top 10 malware ...

Check Point Prevention at the Movies, Rogue One: Data Loss on a Galactic Scale

 
  The Client: The Galactic Empire   The situation: Security researchers at Check Point have attributed an attack on the client to a hacking group calling itself the “Rebel Alliance.” Researchers have identified the motive driving the attack was to exfiltrate the Empire’s intellectual property, specifically a file named “Stardust” containing the plans for a large weapons station or “Death Star.” This incident was consistent with a complex attack method which included data leakage by an insider, an exploit our researchers named DroidChanger targeting vulnerabilities in Internet of Droids or IoD devices, compromised physical security and insufficient access ...

SQL Slammer Comeback

 
SQL Slammer is a computer worm that first appeared in the wild in January 2003, and caused a denial of service condition on tens of thousands of servers around the world. It did so by overloading Internet objects such as servers and routers with a massive number of network packets within 10 minutes of its first emergence.   The worm exploits a buffer overflow vulnerability in Microsoft SQL Server 2000 or MSDE 2000 by sending a formatted request to UDP port 1434. After the server is infected, it attempts to spread rapidly by sending the same payload to random IP addresses, causing a denial of service condition on its targets. This vulnerability was discovered by David Litchfield ...