Check Point Blog

Check Point Threat Alert: Web Shells

Web shells can be used to obtain unauthorized access and can lead to wider network compromise. Consistent use of web shells by Advanced Persistent Threat (APT) and criminal groups has led to a significant number of cyber incidents. This alert describes the frequent use of web shells as an exploitation vector and Check Point’s IPS…

Threat Research November 19, 2015

CyberDay 2015 Recap: A Day of Ideas and Insights

When CSO and Check Point partnered up to create a security thought leadership event for C-level executives, we had high hopes. Yesterday, November 18, those hopes were exceeded as about 200 people gathered in New York City. The purpose: to help today’s security leaders share the…

Security Insights

In The Wild: Mobile Security Observations from the Check Point Research Team

As security researchers, we see worrisome vulnerabilities on both iOS and Android every day. Cybercriminals know that smartphones and tablets hold massive amounts of data, so they’re using creative techniques to hack into mobile devices and access sensitive information. In fact, two of the more interesting areas where we’ve seen some threat activity over the…

Security Insights November 13, 2015

Vulnerabilities Continue to Put Mobile Devices at Risk

Smartphones and tablets have become the most important possessions we carry every day, and everyone should be able to take advantage of the benefits these devices bring without worrying about cybercrime. The convenience and versatility of mobility have also led more organizations to allow employees to use their own devices at work. In fact, according…

Security Insights November 11, 2015

Advanced Security For The SDDC That’s Really Advanced

Data center virtualization has come a long way, from concept to reality in a few short years. The latest evolution, virtualizing the network, lets data center operators treat the underlying infrastructure as a pool of resources (compute, storage and network capacity) that can be called upon to dynamically bring up new…

Security Insights November 10, 2015

Rocket Kitten: A Campaign With 9 Lives

The customized malware and creative phishing techniques of cyber-espionage groups prove that there is a recurring industry problem. Cyber criminals can evade detection by making minimal changes to bypass most current protection solutions. Since early 2014, the attacker group dubbed ‘Rocket Kitten’ has been actively targeting organizations through malware infections and spear phishing campaigns. After…

Threat Research November 9, 2015

Why it’s a Smart Idea to Use Threat Intelligence

When It Comes to Security, Do You Have ‘Evidence-Based Knowledge’? Recently, I participated in an interesting Twitter chat. One of the questions posed: What keeps you up at night? The responses varied, but the one common thread was that malware is constantly evolving, making things scarily unpredictable. It’s the reason why intelligence is key to…

Security Insights November 6, 2015

Check Point Discovers Critical vBulletin 0-Day

vBulletin is a commercial forum and blog platform developed by vBulletin Solutions, Inc. It was created over 10 years ago and is written in PHP. It is the world’s most popular forum platform, powering ~78% of the forums in the top 100K websites. Currently there are estimated to be over 40,000 live sites using…

Threat Research November 5, 2015

“Offline” Ransomware Encrypts Your Data without C&C Communication

Early in September, Check Point obtained a ransomware sample. When the sample was run, the following message, written in Russian, appeared: Translation: “Your files are encrypted, if you wish to retrieve them, send 1 encrypted file to the following mail address: ATTENTION!!! You have 1 week to mail me, after which…

Threat Research November 4, 2015

Phishing for Employees in Russia

During the period August 27-30, 2015, Check Point sensors recorded a large number of logs generated by the IPS protection “PHP Print Remote Shell Command Execution.” This was an interesting anomaly, as we do not usually see a high volume of logs from this protection. We started investigating the logs received from all sources, and noticed…

Threat Research November 3, 2015