Check Point Blog

August’s Most Wanted Malware: Banking Trojans and Ransomware That Want Your Money

 
Check Point’s latest Global Threat Index has revealed that banking trojans were extensively used by cyber-criminals during August, with three main variants appearing in the top 10. The Zeus, Ramnit and Trickbot banking trojans all appeared in the top ten. The trojans work by identifying when the victim is visiting a banking website, and then use keylogging or webinjects to harvest basic login credentials or more sensitive information such as PIN numbers. Another popular method used by trojans is re-directing victims to fake banking websites, designed to mimic legitimate ones and steal credentials that way. The Index also revealed that Globe Imposter, a ransomware disguised as a ...

Does your mobile anti-virus app protect or infect you? The truth behind DU Antivirus Security

 
With mobile attacks representing nearly 20% of all cyberattacks in the Americas during the first half of 2017, users are constantly warned to be aware of security risks affecting their data and privacy, and install security software to protect their device. But what happens when antivirus solutions can’t be trusted, and actually compromise users’ privacy? Check Point mobile threat researchers recently discovered a free mobile anti-virus app developed by the DU group, a developer of Android apps, which collects user data without the device owners’ consent. The app, called DU Antivirus Security, was distributed over Google Play, Google’s official app store, and downloaded between ...

Highlights from CEO Gil Shwed’s Quora session

 
This week, our founder and CEO Gil Shwed participated in a fascinating Q&A session on Quora. He answered the Quora community’s top questions on cyber security, mobile security and innovation. Here are our editor’s pick highlights from his session. What will the field of cybersecurity look like in the next 10 years? In the coming 10 years, nation sponsored organizations will continue to develop cyber-attack technologies for defense and offense; financially driven criminal groups will continue to seek ways to monetize cyber-attacks; hacktivists will continue to use cyber to convey their messages; terrorist groups will also shift to cyber space; and finally – people with no ...

ExpensiveWall: A dangerous ‘packed’ malware on Google Play that will hit your wallet

 
Check Point’s mobile threat research team identified a new variant of an Android malware that sends fraudulent premium SMS messages and charges users’ accounts for fake services without their knowledge. According to Google Play data, the malware infected at least 50 apps and was downloaded between 1 million and 4.2 million times before the affected apps were removed. The new strain of malware is dubbed "ExpensiveWall," after one of the apps it uses to infect devices, "Lovely Wallpaper." ExpensiveWall is a new variant of a malware found earlier this year on Google Play. The entire malware family has now been downloaded between 5.9 million and 21.1 million times. What makes ...

BlueBorne: A New Set of Bluetooth Vulnerabilities Endangering Every Connected Device

 
The IoT cybersecurity firm, Armis, has revealed eight vulnerabilities in the implementation of Bluetooth in several operating systems, including Android, Windows, Linux, and iOS, successful exploitation of which could allow hackers to take complete control of a device. Indeed, these are the most severe vulnerabilities found in Bluetooth in recent years and are worrying due to their ability to be spread over an air interface. They have been termed ‘The BlueBorne Vulnerabilities’. Airborne attacks on mobile devices date back to the Cabir worm, an attack that presented the first proof of concept of a Bluetooth malware that was spread fast and wide, and even penetrated enclosed ...

Beware of the Bashware: A New Method for Any Malware to Bypass Security Solutions

 
With a growing number of cyber-attacks and the frequent news headlines on database breaches, spyware and ransomware, quality security products have become a commodity in every business organization. Consequently a lot of thought is being invested in devising an appropriate information security strategy to combat these breaches and providing the best solutions possible. We have recently found a new and alarming method that allows any known malware to bypass even the most common security solutions, such as next generation anti-viruses, inspection tools, and anti-ransomware. This technique, dubbed Bashware, leverages a new Windows 10 feature called Subsystem for Linux (WSL), which recently ...

Would you Rather be Reactive or Proactive?

 
In today's world, an organization’s cyber security system must always be operating at full force. What seemed to be “good enough solutions” before are simply not enough. Still, organizations choose to handle technical issues after the fact, providing remediation after the damage has already been done. Instead of waiting for the next attack to occur, we can take action. Check Point PRO support proactively monitors your security management and gateways, providing a report on the organization’s overall security, diagnostics and actionable insights. With automatic ticket creation and escalation, alert fatigue will no longer be an issue. Businesses can take comfort in knowing that a ...

Layered protection is a must. Here’s why.

 
Cyber attacks are advancing in their sophistication. Take WannaCry – once it makes a single entry, its ability to spread throughout the organization and evade protection layers infected hundreds of thousands of computers. These advances make it clear that there’s no singular point solution that can act as a “magic bullet”. Companies have been approaching their security reactively: incidents or trends push them to test and buy a single point solution for one, specific gap at a time, resulting in a collection of point solutions without an equal increase in protection. Most attacks use this lack of integration to their advantage, attacking multiple stages to defeat a disjointed ...

July’s Most Wanted Malware: RoughTed and Fireball Decrease, But Stay Most Prevalent

 
Check Point’s latest Global Threat Impact Index reveals that the number of organizations impacted globally by the RoughTed malvertising campaign fell by over a third during July, from 28% to 18%. RoughTed is a large-scale malvertising campaign used to deliver malicious websites and payloads such as scams, adware, exploit kits and ransomware. Despite its drop-off, RoughTed remained the most prevalent form of malware during July. Second was HackerDefender, a user-mode rootkit for Windows, which affected 5% of companies. The Index also revealed a sharp decline in the prevalence of Fireball, which dropped to third place in the rankings. In July, it impacted 4.5% of organizations, ...

Is Malware Hiding in Your Resume? Vulnerability in LinkedIn Messenger Would Have Allowed Malicious File Transfer

 
The popular business social network LinkedIn has accumulated over 500 million members across 200 countries worldwide. Whether you’re a manager seeking to expand your team or a graduate on the job hunt, LinkedIn is the go-to place to expand your professional network. As the world’s largest professional network, LinkedIn has acquired a noteworthy reputation. Individuals utilize the site to seek out trustworthy business connections and job opportunities. The most used feature on the site is the messenger platform. It enables users to easily send resumes, transfer academic research and share job descriptions. Users open messages under the assumption that the information is safe, secure ...