Boleto: The Perfect ‘Inside Job’ Banking Malware

 
The Brazilian cyberspace is known to be a whole ecosystem of its own and, although the banking malware that originates there has traditionally been somewhat basic, recent trends have indicated new and more refined tools for attack. Subsequently, what originally started in Brazil may well be about to spread to users of online banking worldwide. In May 2017, researchers at Talos analyzed a banking Trojan that was delivered in Portuguese via a spam campaign, a common delivery method for such malware. Upon opening the email attachment, victims would be redirected to a JAR file which executes malicious Java code to initiate the malware installation process. Until now, the deeper inner ...

Baby, who can drive my car?

 
This is the third post in our IoT blog series. Read the first post about IoT in healthcare and the second post about smart cities here. Driverless cars have long been a feature in science fiction – and over the past few years, they’ve become a reality, with the major motor manufacturers developing and showcasing autonomous vehicles, with the vision of making road travel cleaner, more efficient and safer. While we have yet to see the truly driverless car on public roads, the cars that most of us drive every day are already far more intelligent and connected than we may realize. And that connectivity can present a significant cybersecurity risk. A typical new car today is ...

KRACK Attack: How Secure is Your Wi-Fi Connection?

 
A cybersecurity researcher at KU Leuven in Belgium, Mathy Vanhoef, has revealed a flaw in the cryptographic protocols of Wi-Fi’s WPA2. The discovery is alarming as the WPA2 protocol, the most common and secure Wi-Fi access protocol since 2004, is trusted by all for keeping Wi-Fi connections safe. The attack, known as a ‘KRACK Attack’ (Key Reinstallation Attack), works by allowing the attacker to decrypt a user’s data without needing to crack or know the actual Wi-Fi network’s password. The attacker does this by decrypting the secure Wi-Fi connection and turning it into an unencrypted, and hence insecure, hotspot. For this reason, merely changing the Wi-Fi network password will not ...

September’s Most Wanted Malware: Locky Shoots Back Up Global Rankings

 
Check Point’s latest Global Threat Index has revealed a massive increase in worldwide Locky attacks during September, with the ransomware impacting 11.5% of organizations globally over the course of the month. Locky has not appeared in our Global Threat Impact Index, which reports on the top ten most prevalent malware attacks globally every month, since November 2016. However, attacks in September were powered by the hefty Necurs botnet, which itself was ranked at number ten in the table. These attacks shot Locky up 25 places overall, to sit just behind the Roughted malvertising campaign in pole position. Locky’s distribution began in February 2016, and it rapidly became one of ...

Check Point IoT Blog Series: Smart Cities Need Smart Security

 
This is the second post in our Check Point IoT series; read our first post about securing IoT devices in healthcare here. The smart city is sparking the imagination of planners, developers, governments, businesses and citizens all over the world. Smart cities combine pervasive web connectivity, smart IoT devices, artificial intelligence and machine learning. They collect and analyze, in real-time, multiple forms of data in order to create an interconnected fabric of devices that drive efficiencies across services critical to the city’s infrastructure such as utilities, transport, healthcare and emergency services. We’ve already seen smart cities improving citizens’ lives while realizing ...

Check Point IoT Blog Series: First, Do No Harm. Securing Healthcare IoT Devices

 
"When a hacker takes control of all networked medical devices at a hospital in Dallas and threatens to kill one patient every hour if his demands are not met, the Cyber team must find the source and figure out how they accessed an airtight security system." That’s the plot summary of an episode of crime drama CSI: Cyber, which was broadcast in late 2015. The episode proved to be prescient by predicting two attack trends that have emerged over the past 18 months. The first is targeting of hospitals by cybercriminals: in 2016, at least 14 hospitals were attacked with ransomware. A Los Angeles hospital reportedly paid $17,000 to regain access to medical records showing treatment history, ...

Check Point vSEC for Azure Stack seamlessly secures the hybrid-cloud

 
Using the hybrid cloud is much like streaming a movie on a home theater system. Pulling the film from the cloud to your big screen TV, the home theater experience marries the benefits of the public cloud with the comfort of not having to leave the house and overpay for popcorn. The hybrid cloud, with the public cloud benefits such as agility, elasticity, and on-demand computing, allows organizations to have complete control over their data, deploying the services to best meet their unique business, technical, and regulatory requirements. And one of the best ways for organizations to deploy hybrid cloud is with Microsoft Azure Stack. Microsoft released Azure Stack in order to push the ...

It’s time for Microsoft Ignite 2017!

 
Microsoft Ignite 2017 (#Ignite2017) is finally here, and Check Point is delighted to be a Gold Sponsor for this year’s conference. We’ve got a great show planned! If you are in the Orlando area and planning on attending, we invite you to come spend some time with us. Our cloud and mobile security experts are excited to meet with you to discuss how we’re seamlessly extending our advanced security protections to safeguard our digital way of life through our longtime collaboration and partnership with Microsoft. Be sure to stop by our booth – #807 – on the show floor. We will have experts on hand to dive deep into our vSEC cloud security solution for Microsoft Azure and Azure ...

August’s Most Wanted Malware: Banking Trojans and Ransomware That Want Your Money

 
Check Point’s latest Global Threat Index has revealed that banking Trojans were extensively used by cyber-criminals during August, with three main variants, Zeus, Ramnit and Trickbot, appearing in the top ten. The Trojans work by identifying when the victim is visiting a banking website, and then utilize keylogging or webinjects to harvest basic login credentials or more sensitive information such as PIN numbers. Another popular method used by Trojans is re-directing victims to fake banking websites, designed to mimic legitimate ones and steal credentials that way. The Index also revealed that Globe Imposter, a ransomware disguised as a ...

Does your mobile anti-virus app protect or infect you? The truth behind DU Antivirus Security

 
With mobile attacks representing nearly 20% of all cyberattacks in the Americas during the first half of 2017, users are constantly warned to be aware of security risks affecting their data and privacy, and install security software to protect their device. But what happens when antivirus solutions can’t be trusted, and actually compromise users’ privacy? Check Point mobile threat researchers recently discovered a free mobile anti-virus app developed by the DU group, a developer of Android apps, which collects user data without the device owners’ consent. The app, called DU Antivirus Security, was distributed over Google Play, Google’s official app store, and downloaded between ...