Check Point Blog

Threat Research February 2, 2017

SQL Slammer Comeback

SQL Slammer is a computer worm that first appeared in the wild in January 2003, and caused a denial of service condition on tens of thousands of servers around the world. It did so by…

Read More
Threat Research January 16, 2017

Malware Takes a Christmas Break in December’s Global Threat Index

Global malware attacks decreased by 8% in December compared with the previous month, with the popular Locky ransomware recording a huge 81% decrease per week, according to the latest monthly Global Threat Index from Check…

Read More
Threat Research December 27, 2016

Check Point discovers three Zero-Day Vulnerabilities in web programming language PHP 7

PHP 7, the latest release of the popular web programming language that powers more than 80% of websites, offers great advantages for website owners and developers. Some of them include doubling the performance and adding…

Read More
Security Insights September 9, 2016

(Ir)responsible Disclosure

Computers have become an essential part of our lives, and in some cases, they are even responsible for keeping us alive. Our dependency to use computers for medical treatments such as diagnostic equipment, medical monitors…

Read More
Threat Research September 8, 2016

Life After QuadRooter: Measuring The Impact

Following Check Point’s disclosure of QuadRooter at Black Hat USA on August 7, the free QuadRooter scanner app was downloaded over half a million times. The results of the scans Check Point collected show that…

Read More
Threat Research June 7, 2016

FACEBOOK MaliciousChat

Check Point disclosed details about a vulnerability found in Facebook Messenger, both in the online and mobile application. Following Check Point’s responsible disclosure, Facebook promptly fixed the vulnerability.   What is this vulnerability? The vulnerability allows…

Read More
Uncategorized May 29, 2016

OEMs Have Flaws Too: Exposing Two New LG Vulnerabilities

Check Point disclosed today two vulnerabilities (CVE-2016-3117, CVE-2016-2035) which can be used to elevate privileges on LG mobile devices to attack them remotely at the LayerOne 2016 conference in Los Angeles. LG issued fixes for both…

Read More
Threat Research April 13, 2016

Check Point Threat Alert: Badlock Vulnerability

EXECUTIVE SUMMARY An elevation-of-privilege vulnerability exists in Microsoft Windows and the Samba interoperability suite for Linux & UNIX. Attackers could launch a man-in-the-middle-attack and downgrade the authentication level of DCE/RPC channels, allowing them to impersonate…

Read More
Threat Research January 8, 2016

Turkish Clicker: Check Point Finds New Malware on Google Play

The Check Point research team has discovered an extensive malware campaign on the Google Play™ store. Check Point Mobile Threat Prevention detected the first samples of malware we call “Turkish Clicker” on several customer devices. …

Read More
Threat Research December 29, 2015

Check Point Threat Alert: Outlook OLE Vulnerability

Object Linking and Embedding (OLE), developed by Microsoft, allows users to embed and link to documents and other objects. However, a Remote-Command-Execution vulnerability was found in Microsoft Office that allows remote attackers to execute arbitrary…

Read More