Check Point Blog

iOS Crowned Insecure, Google Gets to Work, Budget Tablets Dangerous – Mobile Security Weekly

Is Software Defined Protection the New Software Defined Networking?

Software Defined Networking (SDN) is the latest buzz term to take over the networking world – and is not to be overlooked. With the goal of automating network infrastructure functions that used to be fixed or manual, the aim is to take complex configuration tasks and make them programmable. When implemented correctly, it should make…

Angler Exploit Kit – Blocking Attacks Even Before Zero Day

The Story Blocking attempts to use exploit kits (EK) against our customers is one of Check Point’s main targets in IPS. Thus, our Intelligence Teams follow closely the trends in this world. On late December, we noticed hype around a specific EK, namely, Angler EK, and decided to give high priority to writing an IPS…

Malware Analysis 101

Introduction A common misconception about malware is the great difficulty of performing malware analysis and the technical requirements involved. When many technical users are faced with a malware infection and asked to analyze it, they may think, “Hey, I’ve heard about this kind of malware. I’ve even read some malware reports, and they sound really…

Malware Analysis – CTB-Locker

Executive Summary CTB (Curve-Tor-Bitcoin) Locker is a crypto-ransomware variant. It is based on advanced algorithms which are used in different combinations, making CTB-Locker significantly more difficult to detect and neutralize. CTB-Locker (aka Critroni or Onion) is based on a so-called encryptor, which encrypts all of a user’s personal data and extorts payment to decrypt the…

Targeted Attacks on Enterprise Mobile Exposed in New Threat Research

New Android Trojans, Gremlins Inside Play, iPhone’s Safe and Sound – Mobile Security Weekly

Anthem Breach: a Slow and Silent Attack

The attack on Anthem, the second-largest health insurer in the U.S., which exposed identifiable personal data of tens of millions of people, was probably not a smash-and-grab raid but instead a sustained, low-key siphoning of information over a period of months.  The breach was designed to stay below the radar of the company’s IT and…

Demystifying iOS Enterprise Certificates

iOS Attacked (Again), Play’s Got Adware, Outlook Has Security Flaws – Mobile Security Weekly