Is Malware Hiding in Your Resume? Vulnerability in LinkedIn Messenger Would Have Allowed Malicious File Transfer

 
The popular business social network LinkedIn has accumulated over 500 million members across 200 countries worldwide. Whether you’re a manager seeking to expand your team or a graduate on the job hunt, LinkedIn is the go-to place to expand your professional network.   As the world’s largest professional network, LinkedIn has acquired a noteworthy reputation. Individuals utilize the site to seek out trustworthy business connections and job opportunities. The most used feature on the site is the messenger platform. It enables users to easily send resumes, transfer academic research and share job descriptions. Users open messages under the assumption that the information is ...

ZoneAlarm Anti-Ransomware Earns “Editor’s Choice” from PC magazine

 
A recent review in PC magazine by Lead Analyst, Neil J. Rubenking approaches one of cyber security’s latest growing concerns, ransomware. Various comparison tests of anti-ransomware products were conducted while specifically focusing on Check Point’s consumer anti-ransomware product, ZoneAlarm. ZoneAlarm by Check Point is based on the same technology of its enterprise grade product, SandBlast Anti- Ransomware. I was very pleased to read that Rubenking took ZoneAlarm for a test drive in a real-life ransomware simulation. Rubenking’s simulation demonstrated ZoneAlarm’s capabilities to defeat each threat in a very easy-to-use, intuitive mode.  ZoneAlarm leaves zero traces of any ...

“The Next WannaCry” Vulnerability is Here – Let’s Stop it before it’s too Late

 
This Tuesday, Microsoft released a security patch including 48 fixes, 25 of which are defined as “critical”. While Microsoft updates happen every month, this one reveals an especially dangerous vulnerability – CVE-2017-8620. Behind this dull name hides a severe flaw affecting all current versions of Windows, which enables attackers to spread a contagious attack between computers in the network. It is not very often that such a volatile vulnerability, providing hackers with full control over entire networks, is discovered. The last time such a vulnerability was disclosed was in March 2017, when another Microsoft security patch fixed the “EternalBlue” exploit. Two months after ...

Are You Prepared for the Next Attack?

 
A WAKE-UP CALL From WannaCry and Petya to the most recent attacks today, #LeakTheAnalyst and HBO—it is now apparent that anyone or any organization is a target for cyber criminals. Attacks continue to grow at an alarming rate – in volume, sophistication and impact. As of May 2017, Check Point products are detecting over 17 million attacks each week, more than half of these attacks include payloads which are unknown at the time of detection and cannot be detected by conventional signature-based technology. These attacks serve as a wake-up call, illustrating how fragile and vulnerable organizations have become in recent years. In response to the many recent outbreaks, organizations ...

Re-Thinking the Cyber Consolidation Paradigm

 
The Battle of Consolidation vs. Best-of-Breed, does more security mean better security? You’re probably frequently scrutinizing whether or not your own organization’s cyber security is being properly managed. We’re constantly being bombarded with news of the latest cyber security attacks and hoping there are no gaps in our own organization’s security. With every new ransomware or phishing attack, the red flags start to wave. The immediate reaction is to ramp up our security and increase the number of vendors with the assumption that with these new products will keep us better protected. In reality, this unfortunately isn’t the case. In a recent survey, executives were asked ...

June’s Most Wanted Malware: RoughTed Malvertising Campaign Impacts 28% of Organizations

 
Check Point’s latest Global Threat Impact Index revealed that 28% of organizations globally were affected by the Roughted malvertising campaign during June. A large-scale malvertising campaign, RoughTed is used to deliver links to malicious websites and payloads such as scams, adware, exploit kits and ransomware. It began to spike in late May before continuing to peak--impacting organizations in 150 different countries. The top affected companies were in the education, communications and retails & wholesale sector. The malvertiding related infection rates spiked in recent months as attackers only have to compromise one online ad provider to reach a wide range of victims with ...

Check Point: A Leader in Vision and Execution in Two Gartner Magic Quadrants

 
Following the latest cyber attack outbreaks, WannaCry and Petya ransomware, businesses are now realizing just how vulnerable they are.  What seemed to be “good enough solutions” until now simply isn’t enough in today’s world. But still, many continue to add solutions that are focused on detecting attacks rather than preventing them. This approach lets the attackers hit first, and only after the damage has already been done, provide remediation. Instead of sitting on the sideline and watching the next attack occur, we can take action and prevent it before it happens.  The technologies already exist, and the architecture is already available. But when it comes to selecting a cyber ...

Preventing Petya – stopping the next ransomware attack

 
Check Point’s Incident Response Team has been responding to multiple global infections caused by a new variant of the Petya malware, which first appeared in 2016 and is currently moving laterally within customer networks.  It appears to be using the ‘EternalBlue’ exploit which May’s WannaCry attack also exploited.  It was first signaled by attacks on financial institutions in the Ukraine, but soon started spreading more widely, particularly across Europe, the Americas and Asia. The ransomware is propagating fast across business networks in the same way WannaCry did last month.  However, unlike other ransomware types including WannaCry, Petya does not encrypt files on infected ...

Securing the Cloud: Ward Off Future Storms

 
A recent incident has left the voting records of 198 million Americans exposed. The data included the names, dates of birth, addresses, and phone numbers of voters from both parties. It also included voter’s positions on various political issues and their projected political preference. Although it is not unusual to collect this type of information, it should raise alarm bells that the platform hosting this data was not secured. This is the largest known data exposure in the United States, leaving the sensitive information of millions of Americans unprotected.   When it comes to protecting personal information and sensitive data, extensive measures should be taken to keep the ...

Hacked in Translation – from Subtitles to Complete Takeover

 
Check Point researchers revealed a new attack vector which threatens millions of users worldwide – attack by subtitles. By crafting malicious subtitle files, which are then downloaded by a victim’s media player, attackers can take complete control over any type of device via vulnerabilities found in many popular streaming platforms, including VLC, Kodi (XBMC), Popcorn-Time and strem.io. We estimate there are approximately 200 million video players and streamers that currently run the vulnerable software, making this one of the most widespread, easily accessed and zero-resistance vulnerability reported in recent years.     What is it? Perpetrators use various ...