Cyber Attack Trends: Mid-Year Report

 
2017 has proved to be a lucrative year for cybercrime. Prominent malware and attack methods continue to evolve, creatively bypassing existing security solutions.  In 2016, we witnessed sophisticated new malware emerging on a regular basis, exposing new capabilities, distribution methods, and attack services offered for sale through multiple platforms. 2017 is shedding light on a new trend – simple, yet highly effective malware families are causing rapid destruction globally. So far, in 2017 cyber attacks are occurring at a higher frequency than previous years. Recent infiltrations have demonstrated the agility, scale and persistence of an attack that criminals are capable of ...

ZoneAlarm Anti-Ransomware Earns “Editor’s Choice” from PC magazine

 
A recent review in PC magazine by Lead Analyst, Neil J. Rubenking approaches one of cyber security’s latest growing concerns, ransomware. Various comparison tests of anti-ransomware products were conducted while specifically focusing on Check Point’s consumer anti-ransomware product, ZoneAlarm. ZoneAlarm by Check Point is based on the same technology of its enterprise grade product, SandBlast Anti- Ransomware. I was very pleased to read that Rubenking took ZoneAlarm for a test drive in a real-life ransomware simulation. Rubenking’s simulation demonstrated ZoneAlarm’s capabilities to defeat each threat in a very easy-to-use, intuitive mode.  ZoneAlarm leaves zero traces of any ...

“The Next WannaCry” Vulnerability is Here – Let’s Stop it before it’s too Late

 
This Tuesday, Microsoft released a security patch including 48 fixes, 25 of which are defined as “critical”. While Microsoft updates happen every month, this one reveals an especially dangerous vulnerability – CVE-2017-8620. Behind this dull name hides a severe flaw affecting all current versions of Windows, which enables attackers to spread a contagious attack between computers in the network. It is not very often that such a volatile vulnerability, providing hackers with full control over entire networks, is discovered. The last time such a vulnerability was disclosed was in March 2017, when another Microsoft security patch fixed the “EternalBlue” exploit. Two months after ...

CSO Gives SandBlast Mobile a Rave Review

 
I was delighted to read David Strom’s extremely favorable product review of Check Point SandBlast Mobile in CSO magazine a few weeks ago. Strom really puts SandBlast Mobile through the paces in the review, and in the process provides security and IT leaders facing the challenge of securing mobility in their organizations with a great deal of insight. In short, Strom found SandBlast Mobile to be a comprehensive yet easy to manage mobile threat defense solution, which is worth the cost to protect against a wide range of attack vectors. The review clearly demonstrates that it’s possible to easily deploy the most advanced security solution, without impacting performance or the overall ...

Are You Prepared for the Next Attack?

 
A WAKE-UP CALL From WannaCry and Petya to the most recent attacks today, #LeakTheAnalyst and HBO—it is now apparent that anyone or any organization is a target for cyber criminals. Attacks continue to grow at an alarming rate – in volume, sophistication and impact. As of May 2017, Check Point products are detecting over 17 million attacks each week, more than half of these attacks include payloads which are unknown at the time of detection and cannot be detected by conventional signature-based technology. These attacks serve as a wake-up call, illustrating how fragile and vulnerable organizations have become in recent years. In response to the many recent outbreaks, organizations ...

Re-Thinking the Cyber Consolidation Paradigm

 
The Battle of Consolidation vs. Best-of-Breed, does more security mean better security? You’re probably frequently scrutinizing whether or not your own organization’s cyber security is being properly managed. We’re constantly being bombarded with news of the latest cyber security attacks and hoping there are no gaps in our own organization’s security. With every new ransomware or phishing attack, the red flags start to wave. The immediate reaction is to ramp up our security and increase the number of vendors with the assumption that with these new products will keep us better protected. In reality, this unfortunately isn’t the case. In a recent survey, executives were asked ...

Cloudy Forecast: Are you Naked in the Cloud?

 
What do high-clearance government employees, telecommunication customers and WWE fans all have in common? While this sounds like the beginning of a joke, in reality what unifies all of them is the fact that their personal, sensitive data is now part of an alarming statistic; the increasing frequency of data breaches in popular cloud services. Over the past few weeks, we have witnessed a rapidly growing trend of data exposure due to poor cloud security practices. In a recent example, Upguard earlier this week discovered yet another case of millions of sensitive customer details exposed to anyone with an active internet connection. The data was openly available on the internet until an ...

Check Point: A Leader in Vision and Execution in Two Gartner Magic Quadrants

 
Following the latest cyber attack outbreaks, WannaCry and Petya ransomware, businesses are now realizing just how vulnerable they are.  What seemed to be “good enough solutions” until now simply isn’t enough in today’s world. But still, many continue to add solutions that are focused on detecting attacks rather than preventing them. This approach lets the attackers hit first, and only after the damage has already been done, provide remediation. Instead of sitting on the sideline and watching the next attack occur, we can take action and prevent it before it happens.  The technologies already exist, and the architecture is already available. But when it comes to selecting a cyber ...

Preventing Petya – stopping the next ransomware attack

 
Check Point’s Incident Response Team has been responding to multiple global infections caused by a new variant of the Petya malware, which first appeared in 2016 and is currently moving laterally within customer networks.  It appears to be using the ‘EternalBlue’ exploit which May’s WannaCry attack also exploited.  It was first signaled by attacks on financial institutions in the Ukraine, but soon started spreading more widely, particularly across Europe, the Americas and Asia. The ransomware is propagating fast across business networks in the same way WannaCry did last month.  However, unlike other ransomware types including WannaCry, Petya does not encrypt files on infected ...

Securing the Cloud: Ward Off Future Storms

 
A recent incident has left the voting records of 198 million Americans exposed. The data included the names, dates of birth, addresses, and phone numbers of voters from both parties. It also included voter’s positions on various political issues and their projected political preference. Although it is not unusual to collect this type of information, it should raise alarm bells that the platform hosting this data was not secured. This is the largest known data exposure in the United States, leaving the sensitive information of millions of Americans unprotected.   When it comes to protecting personal information and sensitive data, extensive measures should be taken to keep the ...