Check Point Blog

Check Point Threat Alert – Simda

Overview   The Simda botnet is a network of computers infected with self-propagating malware which has compromised more than 770,000 computers worldwide.   Since 2009, cyber criminals have been targeting computers with unpatched software and compromising them with Simda malware. This malware may re-route a user’s Internet traffic to websites under criminal control or can…

Read More
Threat Research April 16, 2015

Protecting Beyond the Point of Sale

The sad reality is that retail breaches are becoming too common. With over a billion credit cards in circulation in the US and over 7 billion worldwide, credit card data has become a prime target for cybercriminals. An alarming number of data and network security breaches happen each year in the payment card and retail…

Read More
Security Insights

Check Point Threat Alert: AAEH/Beebone

Overview   AAEH, also known as BeeBone, is a family of polymorphic downloaders created with the primary purpose of downloading other malware, including password stealers, rootkits, fake antivirus, and ransomware. AAEH is often propagated across networks, removable drives (USB/CD/DVD), and through ZIP and RAR archive files. Other aliases include VObfus, VBObfus, and Changeup. The polymorphic…

Read More
Threat Research April 15, 2015

The Curious Incident of the Phish in the Night-Time: a Forensic Case Study

Names have been changed to protect the privacy of the individuals involved.   On the morning of February 26, 2015, Laurie logged on to her Google account at work and discovered that overnight, someone had used her account as a stepping stone for a total, indiscriminate phishing campaign.   Laurie is the chief administrative assistant…

Read More
Threat Research April 8, 2015

Segmentation is Great in Theory, but Who Has the Time?

Security is one of those, “pay a little now, or pay a lot later” concepts. Your data, your customer information, your intellectual property, your trade secrets, these are the lifeblood of your company. One bad hack could distract your team for months, set your product position back years or worse, put you out of business…

Read More
Security Insights April 1, 2015

Volatile Cedar – Analysis of a Global Cyber Espionage Campaign

Today, we announced the discovery of Volatile Cedar, a persistent attacker group originating possibly in Lebanon with political ties. Beginning in late 2012, the carefully orchestrated attack campaign we call Volatile Cedar has been targeting individuals, companies and institutions worldwide. This campaign, led by a persistent attacker group, has successfully penetrated a large number of…

Read More
Threat Research March 31, 2015

What Can We Learn from Clinton’s “Email-gate”?

Hillary Clinton has been scrutinized for using her private email account for Department of State-related correspondence. The so-called “email-gate” has put Mrs. Clinton in a hot-spot forcing her to provide explanations to what appears to be not only an attempt to hide official correspondence from the public but, more importantly, a breach in security.  …

Read More
Security Insights March 27, 2015

Intelligence Report: Equation Group

Executive Summary The Equation Group, active since 2001, is a highly advanced and secretive computer espionage organization. The first report on Equation was published by Kaspersky during their 2015 Security Analyst Summit. The malware used in their operations, dubbed EquationDrug and GrayFish, is capable of reprogramming hard disk drive firmware. The group is using advanced techniques, predilection…

Read More
Threat Research March 26, 2015