Check Point Blog

The Check Point 2017 Global Threat Intelligence Trends Report

2017 was an incredible year for the cyber security industry. With attacks reaching ever higher numbers and increasing levels of innovation, there seems to be no stop to the cat and mouse game taking place between threat actors and security experts. In our H2 2017 Global Threat Intelligence Trends Report, we reveal that cyber-criminals are…

Read More
Corporate Blog January 31, 2018

Huawei Routers Exploited to Create New Botnet

A Zero-Day vulnerability in the Huawei home router HG532 has been discovered and hundreds of thousands of attempts to exploit it have already been found in the wild. The delivered payload has been identified as OKIRU/SATORI which is an updated variant of Mirai. The suspected threat actor behind the attack is an amateur nicknamed ‘Nexus…

Read More
Corporate Blog December 21, 2017

September’s Most Wanted Malware: Locky Shoots Back Up Global Rankings

Check Point’s latest Global Threat Index has revealed a massive increase in worldwide Locky attacks during September, with the ransomware impacting 11.5% of organizations globally over the course of the month. Locky has not appeared in our Global Threat Impact Index, which reports on the top ten most prevalent malware attacks globally every month, since…

Read More
Corporate Blog October 12, 2017

Beware of the Bashware: A New Method for Any Malware to Bypass Security Solutions

With a growing number of cyber-attacks and the frequent news headlines on database breaches, spyware and ransomware, quality security products have become a commodity in every business organization. Consequently a lot of thought is being invested in devising an appropriate information security strategy to combat these breaches and providing the best solutions possible. We have…

Read More
Corporate Blog September 11, 2017

July’s Most Wanted Malware: RoughTed and Fireball Decrease, But Stay Most Prevalent

Check Point’s latest Global Threat Impact Index reveals that that the number of organizations impacted globally by the RoughTed malvertising campaign fell by over a third during July, from 28% to 18%. RoughTed is a large-scale malvertising campaign used to deliver malicious websites and payloads such as scams, adware, exploit kits and ransomware. Despite its…

Read More
Corporate Blog August 21, 2017

Is Malware Hiding in Your Resume? Vulnerability in LinkedIn Messenger Would Have Allowed Malicious File Transfer

The popular business social network LinkedIn has accumulated over 500 million members across 200 countries worldwide. Whether you’re a manager seeking to expand your team or a graduate on the job hunt, LinkedIn is the go-to place to expand your professional network. As the world’s largest professional network, LinkedIn has acquired a noteworthy reputation. Individuals…

Read More
Corporate Blog August 18, 2017

JavaScript Lost in the Dictionary

Check Point threat Intelligence sensors have picked up a stealth campaign that traditional anti-virus solutions are having a hard time detecting. On July 17th SandBlast Zero-Day Protection started showing a massive email campaign which was not caught by traditional AV solutions. Even today, on the fourth day of this campaign, when Check Point has already…

Read More
Corporate Blog July 20, 2017

June’s Most Wanted Malware: RoughTed Malvertising Campaign Impacts 28% of Organizations

Check Point’s latest Global Threat Impact Index revealed that 28% of organizations globally were affected by the Roughted malvertising campaign during June. A large-scale malvertising campaign, RoughTed is used to deliver links to malicious websites and payloads such as scams, adware, exploit kits and ransomware. It began to spike in late May before continuing to…

Read More
Corporate Blog July 17, 2017

OSX/Dok Refuses to Go Away and It’s After Your Money

Following up on our recent discovery of the new OSX/Dok malware targeting macOS users, we’d like to report that the malicious actors behind it are not giving up yet. They are aiming at the victim’s banking credentials by mimicking major bank sites. The fake sites prompt the victim to install an application on their mobile…

Read More
Corporate Blog July 13, 2017

Hacked in Translation – “Director’s Cut” – Full Technical Details

Background Recently, Check Point researchers revealed a brand new attack vector – attack by subtitles. As discussed in the previous post and in our demo, we showed how attackers can use subtitles files to take over users’ machines, without being detected. The attack vector entailed a number of vulnerabilities found in prominent streaming platforms, including…

Read More
Corporate Blog July 8, 2017