Check Point Blog

Stopping the Next Massive Cyberattack – Step 5: Incident Response Plans

The Do’s and Don’ts of a Strong Incident Response Plan

Check Point’s 2015 Security Report revealed that 81% of organizations said they experienced a data loss incident in the previous year. If there’s one conclusion we can draw from that, it’s that preparing a strong incident response (IR) plan is more critical than ever. …

Security Insights June 30, 2015

Microsoft Word Intruder RTF Sample Analysis

Background

Check Point researchers obtained a sample of a malicious Word document that was used in an attack attempt against one of our customers. The sample itself is a Rich Text Format (RTF) file with a .DOC extension. Recently, there has been a resurgence of the trend to use malicious macro code inside Office documents. However,…

Threat Research June 26, 2015

Zero-Day Flaw Victimizes Apple iOS and OSX Apps

Researchers this week disclosed zero-day flaws in Apple’s iOS and OSX operating systems that allowed them to raid password keychains, crack secure containers, and circumvent Apple App Store security checks. The group of six researchers from Indiana University, Peking University and Georgia Institute of Technology claims that almost 90% of the over 1,600 OSX apps…

Threat Research June 19, 2015

Stopping the Next Massive Cyberattack – Step 4: Monitor

With the rise of cyber threats, ensuring your organization is protected against malicious attacks requires constant awareness and visibility into the network’s security infrastructure. Monitoring network activity is essential to strengthening an organization’s defense against cyberattacks, as it will allow the administrator to observe network and security performance while detecting any problems or failures that…

Security Insights June 18, 2015

Check Point 2015 Security Report Paints a Picture of the Threat Landscape—And it’s Not Pretty

This month, Check Point released its annual security report—a trove of statistics and trends culled from collaborative research and in-depth analysis of more than 300,000 hours of monitored network traffic, from more than 16,000 Threat Prevention gateways and one million smartphones. The bottom line, to state the obvious: Things are getting worse out there. Hackers…

Security Insights June 16, 2015

Critical Infrastructure is at Risk!

Almost all of today’s modern conveniences, such as electricity, transportation, water systems, and manufactured products, are managed by industrial control systems (ICS). Many of these systems are considered to be critical infrastructure and operate as the backbone of a nation’s economy, security and health. An attack on these systems and networks has the potential to…

Security Insights June 10, 2015

New Data: Volatile Cedar Malware Campaign

At the end of March, we published a blog post and a whitepaper about a cyber-espionage campaign dubbed “Volatile Cedar.” This campaign has successfully penetrated targets worldwide, using a variety of attack techniques, in particular, a custom-made malware implant codenamed Explosive.

Let’s recap what we know:

The Campaign: The Volatile…

Threat Research June 9, 2015

Stopping the Next Massive Cyberattack – Step 3: Implement Security Controls

After assessing network strengths and weaknesses and building a properly segmented network, the next step to stronger security is to implement security controls. Cybercriminals are using sophisticated methods to attack specific targets and steal valuable information. The only defense against these attacks is an equally advanced security system where multiple layers work together to identify,…

Security Insights June 3, 2015

New Vulnerabilities Discovered In WordPress

Not Just Another Broken Link…

Introduction

Check Point researcher Dikla Barda recently discovered critical vulnerabilities in two widely used WordPress plugins: the Broken Link Checker and the Download Manager. These vulnerabilities allow:

Access to private data by unauthenticated users via Path Traversal.
Execution of malicious code and theft of user sessions via a…

Threat Research June 2, 2015

“Troldesh” – New Ransomware from Russia

Overview

“Troldesh”, aka Encoder.858 or Shade, is a Trojan and a crypto-ransomware variant created in Russia and spread all over the world.

Troldesh is based on so-called encryptors that encrypt all of the user’s personal data and extort money to decrypt the files. Troldesh encrypts a user’s files with an “.xtbl” extension. Troldesh…

Threat Research June 1, 2015