A Complex Web: Bitcoin Mixing Services

 
Check Point’s Threat Intelligence Analysis team often comes across attackers who seek payment from their victims in Bitcoins – especially following ransomware attacks such as Cerber. Once they get paid for their criminal exploits, these actors employ all sorts of Bitcoin mixers and tumblers to cover their tracks. We decided to analyze these mixing services to achieve a better understanding of their operation methods, in an effort to provide organizations with insights into the complex cybercriminal underworld.   About Bitcoin Mixing Services Bitcoin is often thought of as a payment method that hides both the sender and the recipient, and makes it impossible to identify the ...

October’s ‘Most Wanted’ Malware List Shows Attacks on the Rise

 
Check Point’s Threat Intelligence Research Team revealed today that the number of malware attacks increased in October, as the company released its monthly Global Threat Index, a ranking of the most prevalent malware families attacking organizations’ networks. The team found that both the number of active malware families and number of attacks increased by 5% during the period, pushing the number of attacks on business networks to near peak levels, as seen earlier this year. Locky ransomware attacks continued to rise, moving it up from third to second place, while the Zeus banking trojan moved up two spots, returning it to the top three. The reason for Locky’s continued growth is ...

Can SandBlast Block Unknown Attacks? Challenge Accepted, Network World!

 
Recently, David Strom and Network World decided to put our zero-day protection technology to the test, literally. Now, after in-depth security analysis, we are excited to share the findings with you. In short, Strom found SandBlast to be a comprehensive yet easy to manage solution, which is worth the cost for effective protection against unknown malware.   Challenge No. 1: Can Zero-Day Attacks Be Detected? “No matter what virus package we tried, SandBlast caught it, cleaned it, and stopped the exploit from propagating.” In his extensive testing, David lodged multiple attacks against our SandBlast Threat Prevention Solutions. And guess what! SandBlast stopped all of ...

Beware! Malware Targeting Endpoints on the Rise Ahead

 
All you need to do is listen to the news and you know that the cyber threat landscape in 2016 has gotten much worse. But what types of threats are driving companies to take action? And what actions are they taking? To answer these questions, and more, we turned to SANS Institute, the leading organization for cybersecurity research, training and certification to conduct an in-depth survey of more than 300 enterprise customers across the globe. The survey, known as the 2016 SANS Threat Landscape Survey, explores the current state of the threat landscape and how these security threats are impacting organizations. In particular, it examines the types and the nature of threats attacking ...

Global Trends of the ‘Most Wanted’ Malware

 
The malware world continues to develop rapidly and dynamically. On a daily basis new malware appears, accelerating the cat-and-mouse game between attackers and defenders. As a result, it’s more important than ever for cyber security professionals to stay up-to-date about the ever-changing threat landscape in order to provide organizations with the highest level of protection. To keep you in the know, Check Point has created the H1 2016 Global and Regional Trends of the ‘Most Wanted’ Malware report, which provides an overview of the malware landscape in the top categories – ransomware, banking and mobile – based on threat intelligence data drawn from Check Point’s ThreatCloud ...

6 Tips to Outsmart the Phishermen

 
Brian Kernighan once said, “If you don't understand viruses, phishing, and similar cyber threats, you become more susceptible to them.” With cyber scams constantly increasing in sophistication, this statement is especially true today. So, what exactly is phishing? In a phishing attack, a hacker creates an email that appears to be legitimate and sends it to one or more individuals or employees. Their goal – trick users into clicking on a malicious link or attachment, or divulging login credentials through deceptive websites, allowing the thief to easily bypass defenses and giving them access the network or important business and financial assets. Unfortunately, hackers are ...

September’s ‘Most Wanted’ Malware List: Ransomware in Top 3 for First Time

 
The Check Point Research Team revealed this week that ransomware attacks continued to rise in September. For the first time since the team launched the Threat Index, ransomware moved into the top three position of the most prevalent malware, with the Locky ransomware accounting for 6 percent of all recognized attacks globally during the month. The relative presence of ransomware attacks, within the total number of global attacks, increased by 13 percent. In line with recent trends, the number of active malware families remained high, with three new entries making the top ten, including Chanitor, a downloader for malicious payloads, the Blackhole exploit kit, and Nivdort, a multipurpose bot. ...

Phishing: Reeling in Enterprises for Hefty Profits

 
Can you believe that phishing, the scam that tricks users into giving away sensitive information like their credit card numbers and bank login credentials, is still with us after more than twenty years? Phishing is still here because criminals keep devising new ways to make it work. However, new phishing methods take more effort, but yield only modest returns. To increase their returns, some criminals are dropping phishing schemes that attack large masses of random users and are replacing them with narrowly focused attacks targeting a few high-value employees at enterprises. These attacks are called “spear phishing.” Spear phishing uses social engineering and deception to steal ...

Outstanding Results – Check Point Achieves 3rd NSS Recommended Rating This Year

 
Great news! I’m glad to report we achieved another NSS Recommended in their recent NGIPS Group Test! This is our 3rd NSS Recommended this year and our 13th since we began working with NSS Labs in 2011. The previous two tests this year measured our Next Generation Firewall capabilities and the Breach Detection System (advanced threat prevention) capabilities. This is a great achievement and Check Point stands out as the only vendor to achieve NSS Recommended in these three tests this year. At first, you might think the differences between security products are small but that’s NOT the case. NSS published the results for eight products and they stated in their press release that the ...

4 Tips on How to Respond to a Ransomware Attack

 
Benjamin Franklin said, “An ounce of prevention is worth a pound of cure.” In the world of cyber security, it is indeed essential that organizations take steps to prevent ransomware from attacking their organizations and taking their data hostage. However, despite even the most extravagant and precautious preparations, some attacks may still get through. Knowing what to do, how to respond, in the event your organization becomes a victim of ransomware, and what tools to use to help identify and contain an attack can mean the difference between losing one computer and taking down your entire network for hours, days, or even weeks while you repair the damage. The following best ...