Check Point Blog

Check Point to Uncover Certifi-gate, A New Android Threat, at Black Hat USA 2015

Check Point to Uncover A New Threat to Millions of Android Devices Seizing control of and stealing information from Android devices is nothing new for sophisticated hackers. But what if the vulnerabilities they depend on were being made available by those you trust most to protect your privacy and sensitive data? Join Check Point researchers…

Read More
Threat Research July 30, 2015

Current Wave of Ransomware

Today, ransomware like Cryptolocker is hitting organizations around the globe. At Check Point, we can help prevent these ransomware attacks through a multi-layered approach to security. The current round of ransomware is coming in through two different methods: via malicious ads and via phishing links in e-mail. A common thread amongst both these methods of…

Read More
Security Insights July 26, 2015

One Click Office Exploit – Introducing the Office Exploit Builder

A new threat called “office exploit builder” allows attackers to generate stealth MS Office files (Word & Excel formats) with macros to download and execute malicious code on a victim’s machine.   Cybercriminals are increasingly using this “office exploit builder” and similar exploit builders. As a launching pad for attacks, these methods have proven successful…

Read More
Threat Research July 21, 2015

SwiftKey Leaves Samsung Devices Susceptible to Cybercrime

A vulnerability in the SwiftKey virtual keyboard pre-installed on the Samsung Galaxy S4 Mini, S4, S5 and S6 could let hackers take complete control of these devices, researchers discovered recently. This is because the keyboard, which is designed to accept and install language updates via HTTP (and not HTTPS) fails to properly validate the file,…

Read More
Threat Research

Some Lessons from the Hacking Team Breach

Reactions to the breach at Hacking Team, as described in Steve Ragan’s recent blog post, have ranged from shock that a security company could be so deeply exposed to glee at these surveillance specialists getting a taste of their own medicine.   The data exposed in the breach, as well as the breach itself, are…

Read More
Security Insights July 16, 2015

Threat Alert: OPM Tools

EXECUTIVE SUMMARY -The breach in the U.S. Office of Personnel Management (OPM) had compromised the personal information of millions of Americans. -There were two attacks by suspected Chinese hackers on personnel data and applications for security clearances. -The massive data breach is now believed to have affected well over 10 million separate users. -This alert…

Read More
Security Insights July 13, 2015

Adware or APT – SnapPea Downloader – An Android Malware that implements 12 different exploits

On June 4th 2015, Check Point discovered multiple instances of a sophisticated mobile malware campaign. The malware was previously inaccurately categorized as part of simple Adware campaign rather than the relatively advanced threat it actually is. Subsequent research by our mobile security specialists has found that the campaign consists of a set of malicious applications…

Read More
Threat Research July 10, 2015

Check Point Threat Alert: Hacking Team

EXECUTIVE SUMMARY   Hacking Team is an Italian company that provides security services and tools to governments and law enforcement organizations.   The company experienced a data breach on Monday, July 6th, resulting in 400 GB of its documents being leaked.   Source code stolen from Hacking Team has revealed new zero day vulnerabilities in…

Read More
Threat Research July 9, 2015

Stopping the Next Massive Cyberattack: 5 Steps to Stronger Security

The aftershocks of the 2014 breaches are still reverberating across the security landscape, and many organizations are starting to examine their own security programs, wondering how they can avoid becoming the next big breach story. It’s possible to prevent and mitigate future attacks, but that can’t happen relying on technology alone. By recognizing secure operations…

Read More
Security Insights July 8, 2015

Who Really Controls Your Online Store?

Check Point researchers Avi Gimpel, Liad Mizrachi and Oded Vanunu recently discovered critical vulnerabilities in the osCommerce platform. These vulnerabilities can lead to a full system compromise, with an outside agent gaining control over the osCommerce administration panel and access to the data of the platform stores’ members and customers. These vulnerabilities affect over 260,000…

Read More
Threat Research July 7, 2015