Check Point R80.10 Maximizes Security and Minimizes Operational Overhead for CCI Nice Côte D’Azur, Creating a “WOW” Effect

 
Security threats and attackers continue to adapt their techniques, making it more difficult than ever for organizations to protect themselves. When the CCI Nice Côte D’Azur upgraded to Check Point’s R80.10 Security Management, it increased threat prevention performance, efficiency, and visibility while reducing operational overhead.   In a recent chat with Frédéric Achache, IT Projects Manager of CCI Nice Côte D’Azur, I gained some interesting behind-the-scenes perspectives on its security challenges. The CCI is a metropolitan and regional agency charged with promoting economic development across the Alpes-Maritimes Côte D’Azur region. In addition to headquarters, ...

Security Brief for Connected Automotives

 
Introduction       The question of which companies will dominate the automotive industry in coming years is being decided in the contest to produce Internet-connected cars. Intel predicts 120 million vehicles with varying degrees of automation will be on our roads by 2030. (Shot, 2016).The development and popular adoption of automotive data connectivity and autonomous navigation will have major consequences for IT professionals in many industries who will be expected to provide a variety of IT services to consumers and employees through cars that in themselves are mobile computing platforms. Automotive Security Issues Because connected cars intersect the categories of ...

Check Point Reveals Global WannaCry Ransomware Infection Map at CPX Europe 2017

 
Check Point researchers have been investigating the ransomware campaign in detail since it was first reported. With a new Check Point WannaCry Ransomware Infection Map, the researchers were able to track 34,300 attack attempts in 97 countries. The average pace as of today is one attempt in every three second – indicating a slight decline since the original pace registered two days ago, of one attempt per second. The top country from where attack attempts were registered is India, followed by the USA and Russia.   Maya Horowitz, Threat Intelligence Group Manager at Check Point said, “Although we see it slightly slowing down, WannaCry still spreads fast, targeting organizations ...

WannaCry – New Kill-Switch, New Sinkhole

 
Check Point Threat Intelligence and Research team has just registered a brand new kill-switch domain used by a fresh sample of the WannaCry Ransomware. In the last few hours we witnessed a stunning hit rate of 1 connection per second. Registering the domain activated the kill-switch, and these thousands of to-be victims are safe from the ransomware’s damage. Our research shows that the kill-switch works the same as in earlier versions, and the rest of the code is similar to the older versions. New kill-switch: ...

Global Outbreak of WannaCry

 
On May 12, 2017 the Check Point Incident Response Team started tracking a wide spread outbreak of the WannaCryp ransomware. We have reports that multiple global organizations are experiencing a large scale ransomware attack which is utilizing SMB to propagate within their networks.  To complicate matters there are a number of different campaigns ongoing so identifying specific infection vectors has been a challenge. For WannaCry the infection vector appears to be direct infection utilizing SMB as delivery method. Samples have been identified by Check Point Research Teams that contain variant “killswitch” domains and bitcoin addresses. All tested samples have been detected and ...

JAFF – A New Ransomware is in town, and it’s widely spread by the infamous Necurs Botnet

 
Necurs, one of the largest botnets, went offline during the holiday period of 2016 and through the beginning of 2017. However it returned only to shortly peak late in April, spreading Locky using malicious PDF documents. Today, May 11, Necurs started spreading a new ransomware called JAFF. Check Point’s global sensors have spotted as many as 40,000 emails in the last few hours, at an infection rate of approximately 10,000 emails sent per hour. Image 1: The JAFF ransomware ransom note (courtesy of MalwareHunterTeam)   Necurs has the reputation for being one of the 'best' malware distributors. In the past, it helped Locky and Dridex reach millions of victims, making them ...

DiamondFox modular malware – a one-stop shop

 
Check Point researchers have conducted a thorough investigation of the DiamondFox malware-as-a-service in collaboration with Terbium Labs, a Dark Web Data Intelligence company. The report includes a review of the malware’s sales procedure and customer reviews, as well as a full technical analysis of its multiple plugins. For the full DiamondFox report click here. Check Point Threat Intelligence teams constantly track the latest attack trends, campaigns and attack methods to maintain an up-to-date and  accurate view of the cyber threat landscape. In recent years, an effective new business method has penetrated the thriving malware and attack tools market and led to the establishment ...

The Devil’s Bargain: Security or Productivity?

 
With so much riding on cyber security, those of us charged with providing it must make a devil’s bargain between conflicting priorities: maintain productivity by letting users receive and transmit information quickly, or protect information at the cost of unacceptable latency. The dilemma arises from the nature of today’s threats. In the original threat-signature model, which is still valid, threat actors distribute malware, which honeypots and other sensors around the Internet pick up and pass to security analysts. The analysts quickly generate the threat signatures antivirus and intrusion-prevention systems use to block threats. Security vendors update malware signatures in their ...

GDPR – here’s what you need to do right now

 
By now you may have heard of GDPR, the new European General Data Protection Regulation.  It’s a complex, and evolving piece of legislation that comes into effect in May 2018.  It doesn’t matter whether your organization has any presence in the EU, or where your applications and data are processed and stored.  If your organization holds or controls any data about an EU citizen, then you need to start thinking about being compliant with GDPR … and the sooner, the better. Simply put, GDPR requires companies to implement entirely new processes and procedures around the collection and storage of personally identifiable information (PII).  It defines PII as any information that ...

Check Point Infinity – The Security Architecture of the Future – Today

 
Infinity is boundless.  Unfortunately so are your IT demands and security expectations.  The explosion of new technologies promising simplification, untold efficiencies and cost savings are only creating uncertainty, complexity and risk. There needs to be a force to unify and harness the promise of these new technologies for the benefit of business operations and customers.  Welcome to the future of cyber security, Check Point Infinity.  Check Point Infinity is the first ever consolidated, security architecture across networks, cloud and mobile providing the highest level of threat prevention.  The days of ineffective, disparate, point product security constructs are ...