The Internet of ransomware Things

 
San Francisco’s Municipal Railway (MUNI) riders got to ride for free over the last weekend (Nov 25th-26th), after what appears to be ransomware hit the agency’s payment system. The alleged attack sought $73,000 in ransom for stolen city data. “Personal information of MUNI customers were not compromised as part of this incident,” Paul Rose, a spokesperson for the San Francisco Municipal Transit Authority (SFMTA), said Monday. “We’ve never considered paying the ransom,” he added, “because we have in-house staff capable of recovering all systems, and we’re doing that now.” Despite Rose’s guarantee, the alleged malware attacker issued a new threat to MUNI via news ...

Check Point Named a Leader in the 2016 Gartner Magic Quadrant for Enterprise Network Firewalls

 
Today’s enterprise networks are more complex than ever. Cloud computing, floods of connected devices and highly mobile workforces put a ton of pressure on security teams to keep networks and data protected. At the same time, the tools and techniques used by cybercriminals to target enterprise data continue to evolve rapidly. When reflecting on the state of enterprise security, I often quote the philosopher Heraclitus who said it best, “The only thing that is constant is change.” This begs the question: Why is the firewall still part of the network security discussion? There are some in the security industry who view the firewall as antiquated technology. After all, the ...

“Recommended” for Security Effectiveness and Value 5 Years in a Row by NSS Labs

 
The Next Generation Firewall (NGFW) is the cornerstone of any effective network security strategy. However, as the threat landscape continues to evolve and grow in sophistication, NGFW solutions should prove effective at protecting against new and unknown threats as well as continue safeguarding against previously known threats. But that begs the question: how do customers determine which NGFW is recommended for security effectiveness against new and existing threats while delivering exceptional value? NSS Labs provides a transparent evaluation of NGFW products to help customers narrow down their choices. A recognized leader in independent security product testing, NSS Labs conducts ...

A Major Step Ahead in Network Security

 
It’s January 2016 and my New Year’s resolution is still fresh in my mind. In addition to visiting the gym more frequently and losing some of my “holiday” weight, I am also resolute that this year will be another big year of cyber security headlines and major breaches, even though network security spending continues to rise. With all the publicity of late, it’s clear we need to think differently about security to start gaining the upper hand. Cyber criminals are getting smarter, leveraging highly sophisticated attacks, adapting their tactics to exploit any weakness and ultimately achieving their goals. These advanced techniques require an equally advanced security approach, one ...

Angler EK Pushing TeslaCrypt

 
In recent weeks, we have witnessed a very large rise in TeslaCrypt infection attempts. TeslaCrypt is a relatively new ransomware, first reported in the beginning of 2015. Although it is not the most sophisticated malware, it is continuously maintained and updated by its authors, and still manages to spread through various infection vectors. In the previous week, there was a nine-fold increase in infections, as reported by Symantec. Most of the infections in this current campaign are delivered by spam. On December 16th, Check Point researchers identified a large increase in TeslaCrypt infection attempts via Angler Exploit Kit. Angler Exploit Kit (EK) is a ...

Phishing for Employees in Russia

 
During the period August 27-30, 2015, Check Point sensors recorded a large number of logs generated by the IPS protection “PHP Print Remote Shell Command Execution.” This was an interesting anomaly, as we do not usually see a high volume of logs from this protection. We started investigating the logs received from all sources, and noticed that they were all similar. The resources in all logs contained the following suspicious command: roskomnadzor=print-439573653*57; Looking at “roskomnadzor,” we found that this is the name of the Russian Federal Service for Supervision of Communications, Information Technology and Mass Communications (and that Russian people seem to be ...

Context-Aware Network Security

 
Defense in depth is a concept that is hard to argue with; put as many security mechanisms in place to make it difficult if not impossible for the bad guys to gain access to your network. Much of the security “sprawl” we see today is a direct result of this strategy – deploy the best access-layer security solutions, best data center security solutions, and best gateway security solutions and you’re good, right? The problem as we’ve painfully discovered is that these security “silos” do a great job in their respective domains, but don’t share information very well. With the sophistication of today’s threats, relevant information is needed by all tools and platforms to ...

One Step Ahead

 
What are forward-looking CSOs doing to stay beyond the reach of cybercriminals? Recently, I was in New York City, where I was fortunate enough to have tickets to one of the hottest shows on Broadway: Hamilton. I was fascinated by how precarious the fate of our independence was had it not been for the forward-looking and -acting Alexander Hamilton. If he were around today in the world of cybersecurity, I’m pretty sure he’d be looking at CPU-level sandboxing and identifying innovative ways to out-wile the latest attack strategies that target new, disruptive technologies. We’ve all heard it before: Preparation is everything. But when it comes to security, it’s not enough. ...

Our Mission To Cure The Healthcare Security Epidemic

 
The healthcare industry has taken a major beating in terms of cyber security attacks. In the past two years, there has been a myriad of breaches, compromising the personal health information (PHI) of millions. According to the Identity Theft Resource Center, 42.5 percent of all data breaches were in the healthcare industry. The Center also reports that 91 percent of all healthcare companies reported that they had at least one data breach over the last two years. Despite the efforts of HIPAA regulations to enforce the privacy of patients’ information and the security of their medical records, many studies have shown a surge in data breach cases. Specifically, one study in the ...

The Future Of Financial Cybersecurity

 
October is Cybersecurity Awareness Month, and it starts with large attacks against two prominent financial organizations: an Experian breach, which affected 15 million T-Mobile customers; and Scottrade, which compromised the information of approximately 4.6 million customers. The reality is that there are still huge gaps in companies’ security programs in financial institutions, and unless it gets under control, there will be bigger problems ahead that will affect everyone. As Experian reported, “Based on Experian’s investigation to date, the unauthorized access was an isolated incident over a limited period of time. It included access to a server that contained ...