Check Point Blog

Sort blog posts by:  

Webinar: Examining The Latest Trends In Enterprise Mobile Cyberattacks

 
The explosive proliferation of personal smartphones and tablets in the workplace exposes companies to increased risk of cyberattacks. How bad can it be? Threats to mobile users are myriad and powerful, and hackers are ultimately capable of compromising any device, accessing sensitive data at any time. For the past year Check Point mobile threat researchers analyzed data from 850 businesses around the world and determined that every business was attacked at least once. This landmark cybersecurity study is the first to assess actual threat data of corporate-owned and bring-your-own devices. Don't miss Check Point’s latest webinar on December 7, entitled “Mobile Cyberattacks Impact ...

77% of Android Devices Still Endanger Users Due to Design Flaws

 
Researchers have discovered a design flaw in Android that can be used to remotely capture screenshots or record audio… without the user’s knowledge or consent.   The attack relies on the MediaProjection service in Android, which has these extensive capabilities, and was made available for the use of non-propriety apps since Android version 5.0 (Lollipop). While apps are required to receive the user's permission to use this service, the new attack uses a screen overlay tactic to deceive them into granting it unknowingly.   At the time of publication, Google has only fixed the issue in Android version 8.0 (Oreo), leaving Android versions 5.0, 6.0 and 7.0, which ...

Uber Takes Cloud Security For A Ride

 
Cloud security has had a rough ride of it recently, and this past week its driver was the $68bn global transportation company, Uber.   Earlier this week, it was revealed that the personal details of Uber’s 57 million drivers and had been stolen back in 2016. The company then made matters worse by not reporting the breach to international data regulators, and instead paid the perpetrators $100,000 to delete the sensitive files and cover up the incident.   However, Uber’s failure to disclose the breach goes beyond non-adherence to best practice and journeys into the realm of the unethical. With such a large amount of sensitive data at stake, Uber was certainly ...

Check Point Security Credentials Validated with Cyber Essentials Plus Awards

 
Check Point is proud to announce that we have received two ‘Cyber Essentials Plus’ awards under the British Government’s Cyber Essentials Accreditation Scheme. The British Ambassador to Israel, David Quarrey, officially presented the accreditations as part of the UK Government’s Cyber Essentials Scheme. Launched in 2014, the Cyber Essentials Scheme serves as part of the National Cyber Security Strategy to help British organizations bolster their defenses against cyber-attack.   Meeting the Criteria The Cyber Essentials Plus accreditation offers a higher level of assurance by externally testing an organisation’s cyber security approach. The assessment was conducted ...

The Danger Behind Santa’s Beard

 
Santa’s beard is usually white, the colour of purity and innocence. However, cyber-criminals targeting online shoppers enjoying the run up to the Black Friday and Christmas holidays this year could be trying to take advantage of that innocence.   Researchers at Check Point recently discovered that criminals have a new way to trick merry online shoppers via the massively popular AliExpress shopping portal. With more than 100 million customers and $23bn in revenue worldwide, AliExpress, part of the AliBaba Group, is one of the most popular places to shop online.   After discovering the vulnerability, Check Point Researchers immediately informed AliExpress who, due to ...

New Research: Mobile Malware Hits Every Business

 
Every business has experienced at least one mobile cyberattack in the past year, according to a new study published today by Check Point mobile threat researchers. The report, entitled Mobile Cyberattacks Impact Every Business, is the first study to document the volume and impact of mobile attacks across corporate and public enterprise environments. The landmark study analyzes actual threat telemetry from corporate-issued and personally-owned bring-your-own devices. Data from the research demonstrates that enterprise mobility is under constant attack, affecting all regions and industries, on both Android and iOS platforms. These threats to mobile users are often sophisticated and ...

SandBlast Mobile: The Best Mobile Security Solution Just Got Better

 
If there’s one thing we can count on it’s the tenacity and resourcefulness of cybercriminals. SandBlast Mobile threat researchers recently identified two new trends emerging in the global hacking community. First, cybercriminals have recently begun developing mobile permutations of existing zero-day malware. One recent case involved a mobile remote access Trojan (mRAT) that was spotted on the device of the chief security officer of a major European bank. An mRAT allows an attacker to remotely access an infected device and gather information from all its sensors, such as the camera, microphone, message and call directories, and much more. mRATs are typically used to surveil mobile ...

October’s Most Wanted Malware: Cryptocurrency Mining Presents New Threat

 
Check Point’s latest Global Threat Index has revealed crypto miners were an increasingly prevalent form of malware during October as organizations were targeted with the CoinHive variant Crypto mining is emerging as a silent, yet significant, actor in the threat landscape, allowing threat actors to extract substantial profits while victims’ endpoints and networks suffer from latency and decreased performance. The emergence of Seamless and CoinHive once again highlights the breadth and depth of the challenges organizations face in securing their networks against cyber-criminals. Following up on recent Check Point research that found that cryptocurrency miners can use up to 65% of ...

Account Hijacks Affect Everybody, Even ‘Top Dogs’

 
Being “cool and smart” was the name of the game when we were at school, and it seems nothing really changes as we get older. With the ‘cool factor’ among IT professionals translating into the adoption of modern IT technology, it’s not surprising to see why today’s businesses are being pushed ever faster towards to the cloud. But of course there are other good reasons why 70% of companies (Gartner 2016) are already moving their IT infrastructure closer to the stars with cloud services. Whether it be data storage and servers or the increasing use of SaaS products, cloud computing allows businesses much greater agility and enables them to deliver applications at a fraction of ...

HomeHack: How Hackers Could Have Taken Control of LG’s IoT Home Appliances

 
The second season of award-winning TV thriller Mr. Robot premiered with a scene that sent shivers down the cybersecurity world’s spine. In uncomfortably realistic detail, hackers virtually broke into a smart home, turning the home-based IoT technology against its inhabitants. The TV and stereo started switching on and off randomly, the water temperature in the shower went from boiling to freezing with little warning, and the air conditioning brutally forced the characters to leave their homes by reaching arctic temperatures. The most unsettling part of the whole sequence isn’t that this type of cyberattack might happen. It’s unsettling because it’s already happening. Recently, ...