Check Point Blog

Wipe Leaves Crumbs, Android App Tampering, SMS iPhone Crash – Mobile Security Weekly

Both iOS and Android had several problematic issues this week, making it clear (once again!) that device vendors are failing millions of users from a security perspective. We also reiterate the fact that there are many different areas of “the mobile ecosphere” that can be the source of major security issues. Factory Reset Leaves…

Threat Research May 29, 2015

CapTipper – Malicious HTTP Traffic Explorer

The Problem: In recent years, the Internet has experienced a large number of “drive-by” attacks, mostly by exploit kits. Exploit kits are a type of malicious toolkit which exploit security holes, such as insecure or outdated software applications, for the purpose of spreading malware. When a victim visits a website whose server has been…

Threat Research May 27, 2015

Stopping the Next Massive Cyberattack – Step 2: Segmentation

When it comes to cybersecurity, conducting a thorough assessment of your current environment to identify potential weaknesses in your security network is only the first step toward a stronger security infrastructure. The next step is to segment the network. Segmentation is the process of separating a network into multiple sections, or segments, to better protect information…

Security Insights May 22, 2015

Check Point Threat Alert: Logjam

Executive Summary: A major flaw was discovered with SSL and was named “Logjam”. The flaw affects a number of fundamental web protocols. 8.4% of the Top 1 Million domains were initially vulnerable. SK106147 – Check Point Response to Logjam Vulnerability. Description: The vulnerability affects an algorithm called the “Diffie-Hellman key exchange” which allows protocols…

Threat Research May 20, 2015

Storm Kit – Changing the rules of the DDoS attack

Background: Distributed denial of service (DDoS) is one of the most commonly used cybercriminal methods. It’s easy, cheap and difficult to trace, and “service providers” can be found throughout the “dark” Web. As a result, the impact on e-commerce and other online business can be tremendous. According to a recent survey by Neustar, a DDoS…

Threat Research

Analysis of the Havij SQL Injection tool

Havij, an automatic SQL Injection tool, is distributed by ITSecTeam, an Iranian security company. The name Havij means “carrot”, which is the tool’s icon. The tool is designed with a user-friendly GUI that makes it easy for an operator to retrieve the desired data. Such ease of use may be the reason behind the transition…

Threat Research May 14, 2015

The 1st Step to Stopping the Next Massive Cyberattack: Assess

Given the ever-increasing sophistication of cybercrime methods, organizations must employ advanced assessment tools and practices to reduce or eliminate security gaps. The first step to a successful security posture is to know what your current security network looks like. It’s hard to strengthen a security foundation when you don’t know where the weaknesses are. …

Security Insights May 12, 2015

The Microsoft Help File (.chm) May Enslave You

“Microsoft Compiled HTML Help” is a Microsoft proprietary online help format that consists of a collection of HTML pages, indexing and other navigation tools. These files are compressed and deployed in a binary format with an extension of .CHM (compiled HTML). Check Point researcher Liad Mizrachi has conducted research showing that .chm files can…

Threat Research