Fifth Generation Phishing Kits Have Arrived

 
“Give a man a fish and you feed him for a day. Teach a man to fish and you feed him for a lifetime.” - Maimonides (1135-1204).   With online phishing kits being the all-in-one DIY fishing pack for those new to this illicit activity, low-tech scammers are taking Maimonides’ proverb to heart.   Phishing kits are built specifically for those with lower technical knowledge, and as such, provide the cyber-criminal with everything they need in order to carry out an attack. With the barrier now lower, more threat actors can get involved, allowing for more attacks and therefore more potential victims.   As part of a joint analysis, Check Point Researchers ...

Check Point’s 2018 Security Report

 
2017 was a pivotal year that surprised many in the IT security industry.   From the resurgence of destructive ransomware, IoT botnets, data breaches and mobile malware to full scale nation state attacks, it is clear that we are at an inflection point and transitioning to the next generation of the cyber-threat landscape.   In our 2018 Security Report, you will gain an understanding as to why the World Economic Forum recently placed cyber-attacks as one of the top three global risks for this year and beyond. As we enter the fifth generation of cyber security, the report highlights how threat actors are now effectively weaponizing malware as a way to cripple large institutions, ...

Kicking off RSA 2018: Check Point’s integration with CloudPassage

 
With RSA 2018 kicking off today in San Francisco, we’re excited to announce that the CloudPassage and Check Point integration will be showcased at our booth (N 3635). With dynamically-applied, finely-tuned sets of protection, this integration enables cloud security that meshes with the cloud’s agility and dynamism.   The same principles used to protect physical networks – concepts like the principle of least privilege and defense-in-depth, for example – also apply to protecting the cloud. But the cloud has a very important distinction from physical networks: the cloud is far more automated, and thus, our cloud security solutions need to evolve and “behave” more like ...

March’s Most Wanted Malware:  Cryptomining Malware That Works Even Outside the Web Browser on the Rise

 
Check Point’s latest Global Threat Index reveals that hackers are increasingly utilizing cryptomining malware that operates without an active web browser session   Check Point recently published its monthly Global Threat Index, revealing a surge of cryptomining malware attacks throughout March – specifically, an endpoint cryptomining malware known as the XMRig variant.   First seen in the wild in May 2017, XMRig entered Check Point’s top ten most wanted malware index (8th) for the first time during March 2018, after a 70% increase in global impact. By working on the end point device rather than the web browser itself, XMRig is able to mine the Monero cryptocurrency ...

Bracing for the next Atlanta: Preventing Cyber-Attacks on Major Cities

 
Two weeks ago, the city of Atlanta suffered a large scale cyber-attack.   All court dates had to be rescheduled, all city job applications had to be suspended until further notice, and some law enforcement officials reportedly had to write reports by hand. Six days after the attack, the city’s computer system was still down.   Detailed information of the attack isn’t yet fully available, but we do know that it was a variant of the SamSam ransomware that brought large parts of the city’s government to its knees.   "I just want to make the point that this is much bigger than a ransomware attack," said Keisha Lance, the mayor of Atlanta. "This is really ...

Google’s 2017 Android Security Report Shines Light on ExpensiveWall

 
Google recently published its 2017 security report for the Android ecosystem, a comprehensive overview of the constantly evolving mobile threat landscape, which indicates that Trojans, spyware, and hostile downloaders account for a large portion of mobile threats today. Among the eight notable Android malware campaigns cited by Google in the report was ExpensiveWall, a malware discovered by Check Point mobile threat researchers and written about in this space in September 2017.   Google notes the technical sophistication of ExpensiveWall, and that unlike the other malware highlighted in the report, the outbreak was concentrated primarily in Europe. ExpensiveWall spread through ...

Preventing crypto-mining attacks: four key steps that’ll keep you safe

 
  We recently published an overview of the rapid rise in mining attacks, how these attacks work, and their impact on businesses around the world.   The rise of in cryptocurrency values has incentivized hackers to exploit the CPU power of their victims in order for crypto-mining operations. Our research shows that these cryptojacking attacks have reached epidemic proportions.     In our previous post we reviewed how current plague of mining attack is impacting businesses across the globe in three key ways:   Consumption of precious server resources Reduced user productivity Negative impact on company reputation and customer ...

SandBlast Mobile delivers new Orange Mobile Threat Protection service

 
Mobile devices are critical to every organization’s digital transformation initiative. But for hackers set on stealing sensitive business data, mobile devices are the new back door to the enterprise network.   In fact, 20% of all businesses have been breached and an even larger number has no idea whether they’ve experienced a mobile attack, according to a recent survey conducted by Dimensional Research.   To combat these burgeoning mobile attacks, Orange Cyberdefense, a division of the Orange Group focused on cybersecurity, and Check Point have partnered to secure enterprise mobile devices with a new Orange service called Mobile Threat Protection.   By ...

How Can Your Business Score Touchdowns Without An Offensive Line?

 
What the Philadelphia Eagles Can Teach Us About Cyber-Security   Imagine your founding CTO resigning … right before your company’s biggest annual conference. How do you adapt, maintain momentum, and bring home wins?   The Philadelphia Eagles experienced the American football version of this nightmare scenario when their star quarterback, Carson Wentz, tore his knee ligaments a few weeks before the NFL playoffs. Before his injury, the betting markets had the Eagles as front-runners, with 6-to-1 odds to win the championship. The week after, their odds tumbled down to 9-to-1.   This weekend, 110 million people in the United States will celebrate one of the ...

Growing a Global Company: Recapping Gil Shwed’s Interviews with Forbes and Inc

 
If you ask any Check Point researcher or engineer for one word that describes what Check Point does best, you’ll get a wide range of answers -- anything from “cybersecurity” to “cyber-security” to the rebels that’ll say “cyber security”.   But if you ask the press, you’ll get a very different answer. Growth.   Over the past week, Inc and Forbes sat down with our CEO, Gil Shwed, and asked him about his journey as an entrepreneur. They wondered - why would a founder stay with a company for so many years… why not cash out early, like most founders do? Gil talks about ingredients to Check Point’s success and his own personal insights from running one ...