Check Point Blog


Growing a Global Company: Recapping Gil Shwed’s Interviews with Forbes and Inc

 
If you ask any Check Point researcher or engineer for one word that describes what Check Point does best, you’ll get a wide range of answers -- anything from “cybersecurity” to “cyber-security” to the rebels that’ll say “cyber security”. But if you ask the press, you’ll get a very different answer. Growth. Over the past week, Inc and Forbes sat down with our CEO, Gil Shwed, and asked him about his journey as an entrepreneur. They wondered - why would a founder stay with a company for so many years… why not cash out early, like most founders do? Gil talks about the ingredients of Check Point’s success and his own personal insights from running one ...

December’s Most Wanted Malware: Crypto-Miners Affect 55% of Businesses Worldwide

 
Check Point’s latest Global Threat Index reveals the rise of crypto-mining malware targeting enterprises   During the month of December 2017, crypto-mining malware rapidly rose in Check Point’s Global Threat Index’s top ten most prevalent malware.   Crypto-mining malware refers to cybercriminals hijacking the victim’s CPU or GPU power and existing resources to mine cryptocurrency. Check Point researchers found that crypto-miners managed to impact 55% of organizations globally, with two variants in the top three list of malware and ten different variants in the expanded top 100.  In December, the crypto-miner Coinhive replaced RoughTed as the most prevalent ...

Malware Displaying Porn Ads Discovered in Game Apps on Google Play

 
In the past, cyber-criminals have targeted businesses, hospitals, and governments; today, we’ve seen them begin to focus on games and apps intended for children. Check Point Researchers have revealed new and nasty malicious code on Google Play Store that hides itself inside roughly 60 game apps, several of which are intended for children. According to Google Play's data, the apps have been downloaded between 3 million and 7 million times. Dubbed ‘AdultSwine’, these malicious apps wreak havoc in three possible ways: Displaying ads from the web that are often highly inappropriate and pornographic. Attempting to trick users into installing fake ...

How The Spectre/Meltdown Vulnerabilities Work

 
The Spectre and Meltdown vulnerabilities recently discovered in Intel, AMD and ARM processors are fairly complex. In this post we will try to simplify what the problem is, how it could affect your business and what actions can be taken to protect against it. It is important to begin by clarifying that despite their two names, both Spectre and Meltdown are essentially based on the same observation. This observation is a weakness behind the common implementation of speculative execution. What Is Speculative Execution? With the rate of computing power said to double every two years, CPU engineers are tasked with ensuring computers are able to run faster and faster in order to carry ...

Mitigating CPU Vulnerabilities: Removing the OS Blindfold

 
OS Level Solutions Are Not Enough: The recent Meltdown and Spectre vulnerabilities target weaknesses of the CPU rather than the Operating System, or the applications that run on it. (See here for background on how these vulnerabilities work). Since they do not involve the Operating System, solutions that monitor at that level, such as traditional sandboxes, will be incapable of detecting these types of attack. A lower level framework is required in order to properly identify and mitigate these attacks. Using The CPU Level Framework To Mitigate The Spectre and Meltdown Vulnerabilities: CPU Level framework was introduced into the family of SandBlast Advanced Threat ...

LightsOut: Shining a Light On Malicious Flashlight Apps on Google Play

 
Check Point researchers have detected a new type of adware roaming Google Play, the official app store of Google. The suspicious script overrides the user’s decision to disable ads showing outside of a legitimate context, and then, in many of the apps, hides its icon to hinder efforts to remove it. This is a purely malicious activity, as it has no possible purpose other than eluding the user. Dubbed ‘LightsOut’, the code hid itself in 22 different flashlight and utility apps, and reached a spread of between 1.5 million and 7.5 million downloads. Its purpose? To generate illegal ad revenue for its perpetrators at the expense of unsuspecting users. The ...

Huawei Routers Exploited to Create New Botnet

 
A Zero-Day vulnerability in the Huawei home router HG532 has been discovered and hundreds of thousands of attempts to exploit it have already been found in the wild. The delivered payload has been identified as OKIRU/SATORI, which is an updated variant of Mirai. The suspected threat actor behind the attack is an amateur nicknamed ‘Nexus Zeta’. Introduction: In the last 10 years, the number of connected devices has grown to over twenty billion, and, as the years go by, they get progressively smarter. However, whereas they score high on convenience, the latest discoveries from Check Point Research show they still have a lot of homework to do to get their security score up ...

NSS Recommends Check Point for Advanced Threat Prevention

 
Check Point's NSS BPS Test Highlights: lowest TCO per Mbps; highest security effectiveness with 100% block rate; results achieved via a single, consolidated gateway. We are pleased to announce that Check Point achieved NSS Recommended in the recent NSS Labs Breach Prevention System (BPS) test. Using a single consolidated 15600 gateway, Check Point achieved the highest security effectiveness score and the lowest total cost of ownership (TCO). This was NSS Labs’ first test of advanced threat prevention products where the ability to prevent – rather than detect - attacks was tested, and provides independent validation of our assertion that done correctly, cyber-attacks ...

What Lies Ahead? Cyber-Security Predictions for 2018

 
Arnold H. Glasow famously quipped that “the trouble with the future is that it usually arrives before we’re ready for it.” The past year certainly took us by surprise when the WannaCry and Petya ransomware outbreaks hit businesses globally, causing unprecedented disruption, while serious new vulnerabilities such as BlueBorne were discovered in almost every connected device in use. While these large-scale attacks and vulnerabilities dominated news headlines, there were other significant cybersecurity trends developing behind the scenes which also have the potential to disrupt people’s daily lives. These trends are the result of our increasing reliance on ...

November’s Most Wanted Malware: Return of Necurs Botnet Brings New Ransomware Threat

 
During the month of November, the Necurs botnet has returned to Check Point’s Global Threat Index’s top ten most prevalent malware. Check Point researchers found that hackers were using Necurs, considered to be the largest spam botnet in the world, to distribute the relatively new Scarab ransomware that was first seen in June 2017. The Necurs botnet started mass distribution of Scarab during the U.S. Thanksgiving holiday, sending over 12 million emails in a single morning. Necurs has previously been used to distribute some of the most insidious malware variants to hit business networks in the past 12 months, including the Locky and Globeimposter families. The re-emergence of the ...