Google’s annual Android security report illustrates Check Point’s dominance in mobile threat defense research

 
Google published its annual security report yesterday for the Android ecosystem. The report includes many commendable efforts by Google to improve the security of users, and fight back against the raging surge of malware. One of the major actions Google has introduced this year was working alongside security vendors to eradicate malware from the ecosystem, a task Check Point was happy to contribute to. 70% of the malware Google cites in the report was discovered and brought to the public attention by Check Point’s mobile security researchers. This is a good indication of the major role played by Check Point's researchers in protecting the entire mobile ecosystem, while identifying and ...

Ransomware– Not Only File Encryption

 
Ransomware is an ever-increasing threat worldwide, claiming new victims on a regular basis with no end in sight. While most ransomware families prevent the victims from accessing their documents, pictures, databases and other files by encrypting them and offering a decryption key in return for a ransom payment, others use different, but no less creative ways to extract payment from their victims. Here are some examples:    IoT ransomware Smart devices are known to be a soft spot targeted by threat actors for various purposes. In August 2016, security researchers demonstrated their ability to take control of a building’s thermostats and cause them to increase the temperature ...

Check Point Discloses Vulnerability that Allowed Hackers to Take over Hundreds of Millions of WhatsApp & Telegram Accounts

 
One of the most concerning revelations arising from the recent WikiLeaks publication is the possibility that government organizations can compromise WhatsApp, Telegram and other end-to-end encrypted chat applications. While this has yet to be proven, many end-users are concerned as WhatsApp and Telegram use end-to-end encryption to guarantee user privacy. This encryption is designed to ensure that only the people communicating can read the messages and nobody else in between. Nevertheless, this same mechanism has also been the origin of a new severe vulnerability we have discovered in both messaging services’ online platform – WhatsApp Web and Telegram Web. The online version of ...

Merry X-Mas Ransomware Decryption Tool

 
Merry X-Mas is a ransomware that was first spotted in the wild on January 3, 2017. Upon successful infection, the ransomware encrypts victims’ files and presents a “Merry Christmas” ransom note with a holiday-themed design and a demand for payment to regain access to the files. The malware was first distributed through a spam campaign which claimed to be from the Federal Trade Commission. When the victim clicked the link in the email, it caused a zipped file with the extension pdf.exe to download. Disguised as a legitimate PDF file, this was actually the Merry X-Mas dropper.   The malware’s second attack wave came a few days later on January 8, with a similar spam ...

Hancitor Makes First Appearance in Top Five ‘Most Wanted’ Malware in Check Point’s February Global Threat Impact Index

 
Hancitor has surged into the top five of our ‘most wanted’ malware families worldwide for the first time, according to the new February Global Threat Impact Index from our Threat Intelligence Research Team. The downloader, which installs malicious payloads such as Banking Trojans and ransomware on infected machines, climbed 22 places after more than tripling its global impact in the past month. Also known as Chanitor, Hancitor is usually delivered as a macro-enabled Office document in phishing emails with "important" messages such as voicemails, faxes or invoices. The index ranked Kelihos, a botnet used in spam campaigns, as the most prevalent malware family overall, with 12% of ...

Three Key Takeaways from WikiLeaks’ Release of CIA Documents

 
The latest revelations by WikiLeaks, collectively called the “Vault 7 Leak”, have caused quite a commotion in the security world, reinvigorating myths that were previously viewed as theoretical. There are already several lessons to be learned from WikiLeaks’ most recent data dump, and we offer you three top takeaways from the initial document disclosure.   1. Every connected device can be hacked The publication details exploitation techniques for all sorts of electronic devices: from PCs and laptops, to mobile devices, and even to Smart TVs and connected cars. While these techniques are not groundbreaking, the sheer scope of hackable devices revealed in the CIA trove is ...

Preinstalled Malware Targeting Mobile Users

 
Check Point mobile threat researchers recently detected a severe infection in 36 Android devices belonging to a large telecommunications company and a multinational technology company. While this is not unusual, one detail of the attacks stands out. In all instances, the malware was not downloaded to the device as a result of the users’ use, it arrived with it. According to the findings, the malware were already present on the devices even before the users received them. The malicious apps were not part of the official ROM supplied by the vendor, and were added somewhere along the supply chain. Six of the malware instances were added by a malicious actor to the device’s ROM using ...

Check Point Comments on Recent Advanced Threats

 
Today’s publication by WikiLeaks shows how advanced hacking techniques, including extremely sophisticated exploit tools, are more readily available than you’d think; they’re available to everyone, including governments. These tools provide new surveillance capabilities allowing them to hack into enterprise and military networks, smartphones, tablets and even IoT devices such as Smart TVs. Check Point researchers have been tracking these exploits since the news was first released. What is not released yet is the code detail.  Since the information was retrieved from early 2016, most of the mobile devices that have been targeted so far are older operating system versions of Android ...

Check Point R80 Just Made Neopharm’s Security Management Simpler

 
It’s becoming more challenging than ever to manage security across expanding networks, new technologies, and with growing business requirements. With the risk posed by modern threats, security teams need far more agility and visibility to efficiently manage it all. The Neopharm Group found what it needed—clear visibility, management efficiency and a way to reduce operational overhead—through Check Point’s R80 Security Management. I recently sat down with Amir Shay, the IT and Security Manager of the Neopharm Group. Through its family of companies, Neopharm Group is engaged in the research and development, manufacturing, marketing and sales of a broad range of products in the ...

2016 H2 Global and Regional Threat Intelligence Trends

 
Introduction New, sophisticated threats continue to emerge on a daily basis across multiple platforms: social media, mobile platforms, email, and web pages. At the same time, prominent malware and attack methods continue to evolve, bypassing existing security solutions, and tailoring attacks against the largest companies in the world. The devices we use every day are now subject to compromise and can be leveraged for attacks. Even the recent U.S. elections were targeted with significant attacks. The Check Point 2016 H2 Global Threat Intelligence Trends report provides you with the best overview of the cyber landscape; threats, data breaches, trends, attacks and predictions, based on data ...