Google Archives | Check Point Blog

Home > Company >

The Skinner adware rears its ugly head on Google Play

by Oren Koriat and Andrey Polkovnichenko, Cyber Analysts, Check Point posted 2017/03/08

A new member of the ever growing adware-found-on-Google-Play-list has been found. Previous members include Viking Horde, DressCode and CallJam, among many others. The malware, dubbed "Skinner", was embedded inside an app which provides game related features. The app was downloaded by over 10,000 users, and managed to hide on Google Play for over two months. Skinner tracks the user's location and actions, and can execute code from its Command and Control server without the user's permission. The app was removed from the play store after we contacted the Google security team. While Adware are a common threat to users, Skinner displayed new elaborate tactics used to evade detection and ...

Read the full article

Introducing Check Point vSEC for Google Cloud Platform

by Erez Berkner, Director of Product Management, Cloud Security, Check Point posted 2017/03/07

Cloud Security Puzzle – Solved! If you are deploying workloads (like web servers) or migrating back office apps into Google Cloud Platform (GCP), you will be happy to know that you can now do it securely in a turn-key way without sacrificing the agility & business elasticity provided by GCP. Check Point’s vSEC cloud security solution delivers advanced security that is virtually built into the Google environment using Google’s APIs. Together, Google and Check Point enable a multilayer security solution that comprehensively protects customers’ assets and data in the cloud with advanced threat prevention security. Why do we really need another security layer? While the ...

Read the full article

Choice, Flexibility and Advanced Security – Now with Google Cloud Platform

by Donald Meyer, Head of Marketing, Data Center and Cloud Security posted

As a general rule of thumb, it has been a long accepted strategy in IT to avoid vendor lock in, or trusting too much in a single equipment provider that you get stuck because changing to another vendor would be too costly or inconvenient. This is especially true with public cloud providers, and fear of vendor lock in is often cited as a major road block to further cloud adoption. So how do you eliminate the risks of putting all your IT eggs in a single virtual network basket? One approach to solving this dilemma is a multi-cloud strategy. A multi-cloud approach provides benefits beyond simply eliminating financial risk; it can also help businesses redefine their software ...

Read the full article

More Than 1 Million Google Accounts Breached by Gooligan

by Check Point Research Team posted 2016/11/30

As a result of a lot of hard work done by our security research teams, we revealed today a new and alarming malware campaign. The attack campaign, named Gooligan, breached the security of over one million Google accounts. The number continues to rise at an additional 13,000 breached devices each day. Our research exposes how the malware roots infected devices and steals authentication tokens that can be used to access data from Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive, and more. Gooligan is a new variant of the Android malware campaign found by our researchers in the SnapPea app last year. Check Point reached out to the Google Security team immediately ...

Read the full article

Gartner Recognizes the Importance of Mobile Threat Defense

by Michael Shaulov, Head of Cloud & Mobility Product Management posted 2016/09/22

HummingBad. Stagefright. QuadRooter. Mobile malware and vulnerabilities have been making headlines well over the past year, and attacks are becoming a more common way for cybercriminals to steal sensitive data. We believe this trend – one that our research team encounters daily – is illustrated in the Gartner Market Guide for Mobile Threat Defense Solutions.* This rise in the sophistication and volume of mobile malware and continued exposure to unknown vulnerabilities demonstrates how Android and iOS devices simply aren’t secure on their own. The Mobile Threat Defense Market is Growing Rapidly Mobile malware and vulnerabilities aren’t all that different than their cousins ...

Read the full article

Security Disclosure: Google’s iOS Gmail App Potential Target for Threat Actors

by Avi Bashan posted 2014/07/10

As part of our ongoing research into Apple’s iOS environment, we analyze mobile apps from various perspectives. During a routine analysis of the Gmail iOS app we unexpectedly came across a vulnerability which enables a threat actor that is performing a Man-in-the-Middle attack to view, and even modify, encrypted communications. Secure Mobile Communications 101 In general, secure communications rely on encryption, i.e. SSL, between an app and the back-end server to prevent prying eyes from seeing into content during transmit. The problem with using just SSL is that a threat actor can impersonate the back-end server ...

Read the full article

Post Archives