How Can Your Business Score Touchdowns Without An Offensive Line?

 
What the Philadelphia Eagles Can Teach Us About Cyber-Security   Imagine your founding CTO resigning … right before your company’s biggest annual conference. How do you adapt, maintain momentum, and bring home wins?   The Philadelphia Eagles experienced the American football version of this nightmare scenario when their star quarterback, Carson Wentz, tore his knee ligaments a few weeks before the NFL playoffs. Before his injury, the betting markets had the Eagles as front-runners, with 6-to-1 odds to win the championship. The week after, their odds tumbled down to 9-to-1.   This weekend, 110 million people in the United States will celebrate one of the ...

LightsOut: Shining a Light On Malicious Flashlight Apps on Google Play

 
Check Point researchers have detected a new type of adware roaming Google Play, the official app store of Google. The suspicious scripts overrides the user’s decision to disable ads showing outside of a legitimate context, and then, in many of the apps, hides its icon to hinder efforts to remove it. This is a purely malicious activity, as it has no other possible purpose other than eluding the user.   Dubbed ‘LightsOut’, the code hid itself in 22 different flashlight and utility apps, and reached a spread of between 1.5 million and 7.5 million downloads. Its purpose? To generate illegal ad revenue for its perpetrators at the expense of unsuspecting users.   The ...

October’s Most Wanted Malware: Cryptocurrency Mining Presents New Threat

 
Check Point’s latest Global Threat Index has revealed crypto miners were an increasingly prevalent form of malware during October as organizations were targeted with the CoinHive variant Crypto mining is emerging as a silent, yet significant, actor in the threat landscape, allowing threat actors to extract substantial profits while victims’ endpoints and networks suffer from latency and decreased performance. The emergence of Seamless and CoinHive once again highlights the breadth and depth of the challenges organizations face in securing their networks against cyber-criminals. Following up on recent Check Point research that found that cryptocurrency miners can use up to 65% of ...

Account Hijacks Affect Everybody, Even ‘Top Dogs’

 
Being “cool and smart” was the name of the game when we were at school, and it seems nothing really changes as we get older. With the ‘cool factor’ among IT professionals translating into the adoption of modern IT technology, it’s not surprising to see why today’s businesses are being pushed ever faster towards to the cloud. But of course there are other good reasons why 70% of companies (Gartner 2016) are already moving their IT infrastructure closer to the stars with cloud services. Whether it be data storage and servers or the increasing use of SaaS products, cloud computing allows businesses much greater agility and enables them to deliver applications at a fraction of ...

HomeHack: How Hackers Could Have Taken Control of LG’s IoT Home Appliances

 
The second season of award-winning TV thriller Mr. Robot premiered with a scene that sent shivers down the cybersecurity world’s spine. In uncomfortably realistic detail, hackers virtually broke into a smart home, turning the home-based IoT technology against its inhabitants. The TV and stereo started switching on and off randomly, the water temperature in the shower went from boiling to freezing with little warning, and the air conditioning brutally forced the characters to leave their homes by reaching arctic temperatures. The most unsettling part of the whole sequence isn’t that this type of cyberattack might happen. It’s unsettling because it’s already happening. Recently, ...

September’s Most Wanted Malware: Locky Shoots Back Up Global Rankings

 
Check Point’s latest Global Threat Index has revealed a massive increase in worldwide Locky attacks during September, with the ransomware impacting 11.5% of organizations globally over the course of the month. Locky has not appeared in our Global Threat Impact Index, which reports on the top ten most prevalent malware attacks globally every month, since November 2016. However, attacks in September were powered by the hefty Necurs botnet, which in itself was ranked at number ten in the table. These attacks shot Locky up 25 places overall, to sit just behind the Roughted malvertising campaign in pole position. Locky’s distribution began in February 2016, and it rapidly became one of ...

Layered protection is a must. Here’s why.

 
Cyber attacks are advancing in their sophistication. Take WannaCry – once it makes a single entry, its ability to spread throughout the organization and evade protection layers infected hundreds of thousands of computers. These advances make it clear that there’s no singular point solution that can act as a “magic bullet”. Companies have been approaching their security reactively: incidents or trends push them to test and buy a single point solution for one, specific gap at a time, resulting in a collection of point solutions without an equal increase in protection. Most attacks use this lack of integration to their advantage, attacking multiple stages to defeat a disjointed ...

Is Malware Hiding in Your Resume? Vulnerability in LinkedIn Messenger Would Have Allowed Malicious File Transfer

 
The popular business social network LinkedIn has accumulated over 500 million members across 200 countries worldwide. Whether you’re a manager seeking to expand your team or a graduate on the job hunt, LinkedIn is the go-to place to expand your professional network. As the world’s largest professional network, LinkedIn has acquired a noteworthy reputation. Individuals utilize the site to seek out trustworthy business connections and job opportunities. The most used feature on the site is the messenger platform. It enables users to easily send resumes, transfer academic research and share job descriptions. Users open messages under the assumption that the information is safe, secure ...

CrashOverride

 
On June 20th Check Point published an IPS signature providing virtual patching for the Siemens SIPROTEC DoS vulnerability. This IPS signature can help protect against a new malware, CrashOverride, also known as Industroyer-- that is a direct threat to Electric Grid Operators.   CrashOverride is the fourth piece of ICS-tailored malware used against these targets and the second ever to be designed and deployed for disrupting physical industrial processes. CrashOverride was employed in the December 17th, 2016 cyber-attack on the Kiev, Ukraine transmission substation resulting in electric grid operations impact.   This malware is an extensible platform that can be used to ...

Android Permission Security Flaw

 
Check Point researchers spotted a flaw in one of Android’s security mechanisms. Based on Google’s policy which grants extensive permissions to apps installed directly from Google Play, this flaw exposes Android users to several types of attacks, including ransomware, banking malware and adware. Check Point reported this flaw to Google, which responded that this issue  is already being dealt with in the upcoming version of Android, currently dubbed "Android O".   Technical Background: In Android version 6.0.0, dubbed “Marshmallow”, Google introduced a new permission model for apps. The new model consists of several groups of permissions, with permissions considered as ...