Global Outbreak of WannaCry

 
On May 12, 2017 the Check Point Incident Response Team started tracking a wide spread outbreak of the WannaCryp ransomware. We have reports that multiple global organizations are experiencing a large scale ransomware attack which is utilizing SMB to propagate within their networks.  To complicate matters there are a number of different campaigns ongoing so identifying specific infection vectors has been a challenge. For WannaCry the infection vector appears to be direct infection utilizing SMB as delivery method. Samples have been identified by Check Point Research Teams that contain variant “killswitch” domains and bitcoin addresses. All tested samples have been detected and ...

Banking trojans are on the rise: here’s how to avoid being robbed

 
Banking trojans are helping cybercriminals to commit the perfect crime:  stealing money from the accounts of unsuspecting victims, almost untraceably and at minimal risk.  As such it’s no surprise that from June to December 2016, banking trojans were only fractionally behind ransomware in being the most prevalent type of malware, and in Asia-Pacific countries they far outstripped ransomware in the number of attacks.  So how do banking trojans work, and how can users protect themselves against an online bank robbery? First, banking trojans are among the stealthiest of all malware types.  After a banking trojan infects a user’s PC or web browser, it will lie dormant and wait for ...