Check Point Blog

Closing the Malware Gap: The Rise of Threat Extraction

Attackers most commonly enter organizations through everyday means such as an emailed file. While these documents look innocuous, they can easily contain malicious content delivered in the form of macros, embedded Java script and even external website links. This kind of infection happens more frequently than you’d think. According to Check Point’s 2015 Security Report,…

Read More
Security Insights September 22, 2015

Check Point and AirWatch Partner to Secure the Future of the Mobile Enterprise

As cyberthreats become more sophisticated, it’s important to have a comprehensive mobile security strategy that ties into your broader security infrastructure. That strategy should include solutions that are easy to deploy, simple to manage, and transparent to the end user in order to achieve greater success and to maximize security. To help customers achieve that…

Read More
Security Insights

XCodeGhost: The First Wide-Scale Attack on iOS Apps Arrives

XcodeGhost is a compromised version of the iOS developer platform, Xcode. This unofficial version of Xcode was altered so that it injects malicious code into any app that was developed and compiled using it. How can an attacker use XcodeGhost? Infected apps are capable of receiving commands from the attacker through the server to perform…

Read More
Threat Research September 21, 2015

BrainTest – A New Level of Sophistication in Mobile Malware

Check Point Mobile Threat Prevention has detected two instances of a mobile malware variant infecting multiple devices within the Check Point customer base. The malware, packaged within an Android game app called BrainTest, had been published to Google Play twice. Each instance had between 100,000 and 500,000 downloads according to Google Play statistics, reaching an…

Read More
Threat Research

Finding Vulnerabilities in Core WordPress: A Bug Hunter’s Trilogy, Part III – Ultimatum

In this series of blog posts, Check Point vulnerability researcher Netanel Rubin tells a story in three acts – describing his long path of discovered flaws and vulnerabilities in core WordPress, leading him from a read-only ‘Subscriber’ user, through creating, editing and deleting posts, and all the way to performing SQL injection and persistent XSS attacks on…

Read More
Threat Research September 15, 2015

The Problem with Traditional Sandboxing

Hackers have come to recognize and understand the usual methods of threat prevention, like antivirus, anti-bot and firewalls. While these are essential elements in a comprehensive security program, today’s advanced hackers use their knowledge and insight to design malware and attacks capable of evading detection by these traditional methods. According to the Check Point 2015…

Read More
Security Insights September 14, 2015

Check Point IPS Protects Against Zero-Day Vulnerability in FireEye Appliances

On September 6th, researcher Kristian Erik Hermansen publically disclosed a zero-day vulnerability in FireEye appliances. This vulnerability impacts customers running HX 2.1.x and DMZ 2.1.x versions of the FireEye HX endpoint security platform, and appears to be concentrated in a PHP script on the appliance itself. If exploited, this vulnerability could lead to unauthorized remote…

Read More
Security Insights September 10, 2015

Analysis of the Sality Gambling Campaign

Check Point has a wide and global install base, from which we receive anonymized logs of millions of security incidents per day. At the end of July, one of our anomaly detection algorithms found the following domains in logs from approximately 15% of our sensors in Vietnam:   All four of…

Read More
Threat Research

The Sandbox Evolved: An Advanced Solution to Defeat the Unknown

The modern threat landscape is one of constant evolution. Everything is changing before our eyes – the types of security threats we face, and especially the methods cybercriminals use to infiltrate networks and confiscate data. These new, ever-changing threats have become very complex, bringing new risks and uncertainties. Typically, signature-based protection like antivirus (AV) and…

Read More
Security Insights September 9, 2015

WhatsApp “MaliciousCard” Vulnerabilities Allowed Attackers to Compromise Hundreds of Millions of WhatsApp Users

Introduction WhatsApp Web is a web-based extension of the WhatsApp application on your phone. The web application mirrors all messages sent and received, and fully synchronize your phone and your desktop computer so that users can see all messages on both devices. WhatsApp Web is available for most WhatsApp supported platforms, including Android, iPhone (iOS), Windows Phone…

Read More
Threat Research September 8, 2015