Hacked in Translation – “Director’s Cut” – Full Technical Details

 
Background: Recently, Check Point researchers revealed a brand new attack vector – attack by subtitles. As discussed in the previous post and in our demo, we showed how attackers can use subtitle files to take over users' machines without being detected. The attack vector entailed a number of vulnerabilities found in prominent streaming platforms, including VLC, Kodi (XBMC), PopcornTime and strem.io. The potential damage the attacker could inflict is endless, ranging from stealing sensitive information and installing ransomware to mass Denial of Service attacks, and much more. After our original publication appeared, the vulnerabilities were fixed, which allows us to tell ...

FalseGuide misleads users on GooglePlay

 
Update: Since April 24, when the article below was first published, Check Point researchers learned that the FalseGuide attack is far more extensive than originally understood. Five additional apps containing the malware were found on Google Play, developed by “Анатолий Хмеленко.” The apps were uploaded to the app store as early as November 2016, meaning they hid successfully for five months, accumulating an astounding number of downloads. The updated estimate now includes nearly 2 million infected users. *** Is someone trying to build a botnet on Google Play? Check Point mobile threat researchers detected a new strain of malware on Google Play, Google’s official ...

The Skinner adware rears its ugly head on Google Play

 
A new member of the ever-growing adware-found-on-Google-Play list has been found. Previous members include Viking Horde, DressCode and CallJam, among many others. The malware, dubbed "Skinner", was embedded inside an app which provides game-related features. The app was downloaded by over 10,000 users, and managed to hide on Google Play for over two months. Skinner tracks the user's location and actions, and can execute code from its Command and Control server without the user's permission. The app was removed from the Play Store after we contacted the Google security team. While adware is a common threat to users, Skinner displayed new elaborate tactics used to evade detection and ...

Choice, Flexibility and Advanced Security – Now with Google Cloud Platform

 
As a general rule of thumb, it has been a long-accepted strategy in IT to avoid vendor lock-in, or trusting so much in a single equipment provider that you get stuck because changing to another vendor would be too costly or inconvenient. This is especially true with public cloud providers, and fear of vendor lock-in is often cited as a major roadblock to further cloud adoption. So how do you eliminate the risks of putting all your IT eggs in a single virtual network basket? One approach to solving this dilemma is a multi-cloud strategy. A multi-cloud approach provides benefits beyond simply eliminating financial risk; it can also help businesses redefine their software ...

Check Point Software Continues Impressive Run on Industry Recognition by Joining CRN 2017 Security 100 Elite Vendors

 
These past few months have seen great momentum for Check Point. The CRN 2017 Security 100 List was just released and Check Point tops the list as one of the 25 Coolest Network Security Vendors in the Network Security category. CRN publishes this list every year to help channel businesses find the vendor that provides “the perfect mix of technology and incentives to partner with.” The companies on CRN's Security 100 list have demonstrated creativity and innovation in product development, as well as a strong commitment to delivering those offerings through a vibrant channel of solution providers. If you really want to see where “the bits meet the bandwidth” in cyber security, ...

A Complex Web: Bitcoin Mixing Services

 
Check Point’s Threat Intelligence Analysis team often comes across attackers who seek payment from their victims in Bitcoins – especially following ransomware attacks such as Cerber. Once they get paid for their criminal exploits, these actors employ all sorts of Bitcoin mixers and tumblers to cover their tracks. We decided to analyze these mixing services to achieve a better understanding of their operation methods, in an effort to provide organizations with insights into the complex cybercriminal underworld. About Bitcoin Mixing Services: Bitcoin is often thought of as a payment method that hides both the sender and the recipient, and makes it impossible to identify the ...

October’s ‘Most Wanted’ Malware List Shows Attacks on the Rise

 
Check Point’s Threat Intelligence Research Team revealed today that the number of malware attacks increased in October, as the company released its monthly Global Threat Index, a ranking of the most prevalent malware families attacking organizations’ networks. The team found that both the number of active malware families and number of attacks increased by 5% during the period, pushing the number of attacks on business networks to near peak levels, as seen earlier this year. Locky ransomware attacks continued to rise, moving it up from third to second place, while the Zeus banking trojan moved up two spots, returning it to the top three. The reason for Locky’s continued growth is ...

Can SandBlast Block Unknown Attacks? Challenge Accepted, Network World!

 
Recently, David Strom and Network World decided to put our zero-day protection technology to the test, literally. Now, after in-depth security analysis, we are excited to share the findings with you. In short, Strom found SandBlast to be a comprehensive yet easy to manage solution, which is worth the cost for effective protection against unknown malware. Challenge No. 1: Can Zero-Day Attacks Be Detected? “No matter what virus package we tried, SandBlast caught it, cleaned it, and stopped the exploit from propagating.” In his extensive testing, David lodged multiple attacks against our SandBlast Threat Prevention Solutions. And guess what! SandBlast stopped all of ...

Beware! Malware Targeting Endpoints on the Rise Ahead

 
All you need to do is listen to the news and you know that the cyber threat landscape in 2016 has gotten much worse. But what types of threats are driving companies to take action? And what actions are they taking? To answer these questions, and more, we turned to SANS Institute, the leading organization for cybersecurity research, training and certification to conduct an in-depth survey of more than 300 enterprise customers across the globe. The survey, known as the 2016 SANS Threat Landscape Survey, explores the current state of the threat landscape and how these security threats are impacting organizations. In particular, it examines the types and the nature of threats attacking ...

Global Trends of the ‘Most Wanted’ Malware

 
The malware world continues to develop rapidly and dynamically. On a daily basis new malware appears, accelerating the cat-and-mouse game between attackers and defenders. As a result, it’s more important than ever for cyber security professionals to stay up-to-date about the ever-changing threat landscape in order to provide organizations with the highest level of protection. To keep you in the know, Check Point has created the H1 2016 Global and Regional Trends of the ‘Most Wanted’ Malware report, which provides an overview of the malware landscape in the top categories – ransomware, banking and mobile – based on threat intelligence data drawn from Check Point’s ThreatCloud ...