Check Point Blog

SandBlast Protects Customers from Widespread Cerber Ransomware Attack

Starting at 6:44am UTC on June 22nd, Avanan, a partner of Check Point, detected a large-scale ransomware attack against its Cloud Security Platform customers across multiple companies. We believe this attack was only detected by SandBlast – Check Point’s Zero Day Protection solution. The attack included a very nasty ransomware called Cerber, which spreads through phishing…

Threat Research June 29, 2016

The Malware-as-a-Service Industry

Several recent developments have brought the malware infrastructure-as-a-service industry into the spotlight, reminding everyone how prominent it is in the cybercrime arena. The infrastructures that create malware exploit kits are so immense that the global threat landscape can be completely altered when one of them is downed. According to Kafeine, a leading exploit kit researcher,…

Threat Research June 27, 2016

Effective Security Management in a Software Defined World

Software defined infrastructure (SDx) along with use of private and public clouds completely transforms the way IT departments manage enterprise data centers and workloads. Automation is a key component of software defined networking (SDN), bringing network, server, security management and other IT functions or teams together. In the past when organizations deployed new applications, the application…

Security Insights June 24, 2016

The Infamous Nuclear Exploit Kit Shuts Down

In a seeming response to the recent Check Point investigative report, the Nuclear Exploit Kit shut down its entire infrastructure and ceased operation. Background: The Nuclear Exploit Kit, one of the largest attack infrastructures observed in the wild today, was recently the subject of a thorough investigation conducted by the Check Point Threat Intelligence and…

Threat Research June 23, 2016

Intel Spot On with CET

Intel has recently published a specification for a new technology meant to detect and block malware at the processor level. The technology, developed with the help of Microsoft, is called Control-flow Enforcement Technology (CET), and its main purpose is to prevent any attempt to use Return-Oriented Programming (ROP) or Jump-Oriented Programming (JOP) for exploits. This…

Uncategorized June 22, 2016

Top 10 Most Wanted Malware

Today Check Point published its Threat Index for May, revealing the number of active global malware families increased by 15 percent. Last month Check Point detected 2,300 unique and active malware families attacking business networks. It was the second month running Check Point observed an increase in the number of unique malware families, having previously…

Threat Research June 21, 2016

Cerber Ransomware Targets U.S., Turkey and the UK in Two Waves

New ransomware families appear on a regular basis, each with a different method of operation. The Cerber ransomware, which has a sophisticated implementation process, uses a very interesting tactic in its attacks. It operates in surges with relatively low activity in between them. We have detected two such spikes in Cerber’s activity, the first in…

Threat Research June 20, 2016

Tales from the Trenches: Modern Malware Requires Modern Investigation Techniques

The Check Point Incident Response team was called in to assist a company that suffered a severe breach in its network, which was not previously protected by Check Point’s advanced protections. The team began to investigate and was extremely impressed by the malware’s tactics and sophisticated evasion techniques. The malware’s evasive nature required the team…

Threat Research June 17, 2016

In The Wild: Mobile Malware Implements New Features

Malware developers just won’t stand still. They continue developing malware as they go, sometimes to adapt to the changing threat landscape, and sometimes simply to improve their capabilities. Recently, two examples of such advancements presented themselves, one in Triada’s code and one in Viking Horde’s. Triada’s Trident is Getting Stronger: As if the original malware…

Security Insights

Trust No One – A Cyberworld Survival Guide

Cybercriminals are professional scammers; their specialty is tricking users into helping them achieve their malicious goals. Attackers use many different tactics, including spam, phishing emails, and fake ads. In each case, the unsuspecting user plays an active role in his own victimization when he clicks a link or opens an attachment. Recently, an unconventional campaign…

Threat Research June 15, 2016