What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2016-09-20 14:00:51 | Will your virtual data traffic take the detour around firewalls? (lien direct) | We're going to need a new term to talk about “data centers.†I say this because virtualization in public and private form factors means the locations of processors and other resources you use on-demand don't sit statically in a data center anymore. Virtual resources dart around like bees in a field of clover. When will […] | |||
|
2016-09-19 13:00:32 | August\'s Top 10 Most Wanted Malware (lien direct) | Today, Check Point revealed that both the number of variants of ransomware and volume of malware attacks were on the rise in August, as the company disclosed the most prevalent malware families attacking organizations' networks in the period. During August, the number of active ransomware families grew by 12 percent while the number of detected […] | |||
|
2016-09-16 14:00:41 | In The Wild: App Stores Are No Sanctuary for Mobile Malware (lien direct) | Most mobile users rely on Google Play and the Apple App Store for their safety and assume that by downloading only highly-rated apps from these stores keeps them safe from mobile malware. In the past, this might have been a good strategy, but today it doesn't always work. Breaking the Myth: Google Play The Check […] | |||
|
2016-09-09 22:16:26 | (Ir)responsible Disclosure (lien direct) | Computers have become an essential part of our lives, and in some cases, they are even responsible for keeping us alive. Our dependency to use computers for medical treatments such as diagnostic equipment, medical monitors and even life support is greater than ever. Technology has given the medical sector new and inspirational ways to continue […] | |||
|
2016-09-08 17:30:29 | CallJam Android Malware Found on Google Play (lien direct) | Keeping Android smartphones and tablets safe from malicious apps is a constant battle for enterprises, end users, and for Google. Despite Google's efforts to prevent cybercriminals from infiltrating Google Play, the Check Point mobile research team has discovered new Android malware there it calls CallJam. CallJam malware includes a premium dialer to generate fraudulent phone […] | |||
|
2016-09-08 17:00:56 | Life After QuadRooter: Measuring The Impact (lien direct) | Following Check Point's disclosure of QuadRooter at Black Hat USA on August 7, the free QuadRooter scanner app was downloaded over half a million times. The results of the scans Check Point collected show that almost two thirds of scanned devices were affected. These reports also offer a unique opportunity to analyze a large sample […] | |||
|
2016-09-08 13:00:58 | Pixel Tracking: A Hacker\'s Tool (lien direct) | What is pixel tracking? It's challenging to justify the effectiveness of an email campaign if you can't measure its success. So, what do you do? You use pixel tracking, a seemingly innocent sales tool that helps sales and marketing teams track their campaigns. Tracking pixels are embedded into emails and load when the recipient opens […] | |||
|
2016-09-07 22:58:22 | Email from PayPal? Don\'t Get Attached! (lien direct) | Introduction Phishing scams are fraudulent email messages that appear to come from legitimate enterprises such as your university, your Internet service provider, or your bank. These messages usually direct you to a spoofed website, have a malicious attachment, or otherwise get you to divulge private information. The perpetrators then use this information to commit identity theft. […] | |||
|
2016-09-07 13:00:06 | Closing the Cloud Security Gaps (lien direct) | Regardless of where your applications and data reside – whether in private, public or hybrid cloud environments – they are attractive targets. Protecting assets in the cloud requires the same comprehensive security used to protect your physical environments. However, the dynamic and elastic nature of the cloud make traditional security approaches ineffective, exposing organizations and […] | |||
|
2016-09-01 17:15:51 | Check Point Forensics: PokemonGo Ransomware\'s Hidden Unexpected User (lien direct) | It was inevitable. Given the popularity of PokemonGo, ransomware developers have already attempted to trick users into downloading malware that claims to be PC versions of the popular mobile game. There are currently already two known ransomware variants that attempt to capitalize on the mobile games popularity by naming their executables pokemongo.exe. BleepingComputer has already […] | |||
|
2016-08-31 19:15:00 | DressCode Android Malware Discovered on Google Play (lien direct) | The Check Point mobile threat prevention research team discovered a new Android malware on Google Play, called “DressCode,†which was embedded into more than 40 apps, and found in more than 400 additional apps on third party app stores. Check Point notified Google about the malicious apps, and some have already been removed from Google […] | |||
|
2016-08-31 15:42:18 | Check Point Spearheads Threat Prevention Security for Small and Medium Businesses (lien direct) | Small and medium-sized business owners typically think the security that protects their large enterprises counterparts is well out of reach in terms of costs and complexities. However recent shifts in the threat landscape have them rethinking their security strategies. Cybercriminals are equal opportunists who leverage the same tactics used on bigger enterprises to target smaller […] | |||
|
2016-08-30 21:08:08 | Whaling: The Hunt for High Profile Business Targets (lien direct) | What are whaling attacks? “Whaling†attacks, also called Business Email Compromise (BEC), are a newer form of phishing attack. Phishing attacks consist of messages sent to would-be victims that try to deceive them into clicking malicious links, or opening an attachment that contains malware. Phishing attacks have evolved drastically, in part due to growing awareness […] | |||
|
2016-08-29 07:01:40 | Beware of the Trident Exploits (lien direct) | Researchers from The Citizen Lab at the University of Toronto last week revealed a sophisticated zero-day attack on the iPhone of Ahmed Mansoor, a human rights activist in the United Arab Emirates. The Citizen Lab discovery exposed three zero-day exploits used by “Pegasus,†a lawful interception cyberespionage tool developed by the Israeli-based NSO Group and […] | |||
|
2016-08-26 13:00:42 | Web Scripting Language PHP-7 Vulnerable to Remote Exploits (lien direct) | Exploiting server side bugs is a jackpot for hackers. Users tend to keep their data in one big pot – the server. This allows attackers to focus on one target, instead of individual users, making it possible for them to achieve greater results. This approach has been extremely profitable for attackers with various goals ranging […] | |||
|
2016-08-25 22:26:03 | Advancing the Security of Your SDDC (lien direct) | VMworld US is rapidly approaching and we've been busy gearing up for a great show! In fact, the product team has been especially busy building new features and capabilities into our vSEC Cloud Security product portfolio which we'll showcase during VMworld. While businesses of all sizes are making significant strides to virtualize networks and leverage […] | |||
|
2016-08-24 17:00:07 | The QuadRooter Domino Effect (lien direct) | Component suppliers, Android device manufacturers and developers all test their products rigorously. Even still, vulnerabilities — both in hardware and software — can be found on the smartphones and tablets we trust with our sensitive data. Until a patch for a vulnerability is installed, an affected device is exposed. That’s why fixing vulnerabilities like QuadRooter […] | |||
|
2016-08-24 13:00:44 | The Evolution of Proxy (lien direct) | When I entered the security market nearly 20 years ago, the philosophical and almost religious debate was whether proxy was a better technology than stateful inspection. Back then stateful firewalls were all about access control and proxy servers were interrupting a web connection to prevent direct internet exposure, and the “smart†ones were able to […] | |||
|
2016-08-23 17:44:30 | Phishing scams target everyone – even us! (lien direct) | Phishing scams have been around for over twenty years. It appears unlikely that they will ever go away. Targeting anyone with an email address, they continue to be a persistent threat. Recently, even some of Check Point's executives were recently targeted. The below email, purportedly from PayPal, is an example of emails that potential victims […] | |||
|
2016-08-22 19:05:59 | Check Point Forensic Files: Proving Ranscam ransomware does not provide a way to recover files (lien direct) | Every week we see new ransomware variants as cyber criminals continue to generate revenue from holding victims’ files for ransom. In July, a new ransomware was discovered that is an out-and-out scam. It does not encrypt any files; it simply deletes all user files. It then demands a ransom for recovery of the files, but […] | |||
|
2016-08-18 13:00:21 | July\'s Top 10 Most Wanted Malware (lien direct) | Check Point Software Technologies today revealed the number of active malware families decreased by 5 percent in July, as the company disclosed the most prevalent malware families attacking organizations' networks in the month. During July, Check Point detected 2,300 unique and active malware families attacking business networks, a 5 percent increase compared to June, with […] | |||
|
2016-08-16 13:00:25 | CerberRing: An In-Depth Exposé on Cerber Ransomware-as-a-Service (lien direct) | Check Point researchers have uncovered the sophisticated infrastructure of Cerber, a Ransomware-as-a-Service, including the business model and money trail. For the full CerberRing Report click here. The ransomware epidemic continues to rage on, encrypting files of private and enterprise users alike. Ransomware has become a global problem. According to the FBI, the accumulated revenue in the […] | |||
|
2016-08-07 20:53:21 | QuadRooter: New Android Vulnerabilities in Over 900 Million Devices (lien direct) | Check Point today disclosed details about a set of four vulnerabilities affecting 900 million Android smartphones and tablets that use Qualcomm® chipsets. The Check Point mobile threat research team, which calls the set of vulnerabilities QuadRooter, presented its findings in a session at DEF CON 24 in Las Vegas. What is QuadRooter? QuadRooter is a […] | |||
|
2016-08-02 13:00:50 | SandBlast Receives ‘Recommended’ Rating Once Again (lien direct) | Hackers continue to target organizations with advanced malware. With over 390,000 new malware variants created each day1, traditional security solutions don't stand a chance in this cat and mouse game. Organizations are constantly striving to ensure protections are top notch to defend their organizations against ever-persistent cyber attackers. An essential ingredient to successfully block unknown […] | |||
|
2016-08-02 13:00:18 | Secure Every Click – Check Point SandBlast™ Agent for Browsers (lien direct) | Internet users expect near-instant and unconstrained access to web content when browsing. Unfortunately, the web poses one of the greatest threats to enterprises today. Malware may be hidden in web-downloaded content or webmail attachments. Your employees may unknowingly become victims of phishing, social engineering, and other malware-less attacks aimed at stealing corporate passwords and sensitive […] | |||
|
2016-07-26 13:00:42 | Ransomware: what you need to know (lien direct) | In recent years, there has been a surge of ransomware attacks. It's been reported all over security blogs, tech websites and in the news. Unfortunately, these attacks show no signs of slowing. If anything, they are getting worse. Cryptolocker, the first famous ransomware, was observed in the wild in 2013. From then until mid-2015, there […] | |||
|
2016-07-22 14:00:51 | Securely Embrace the Hybrid Cloud (lien direct) | The trend in enterprise IT is to move from a hardware-centric to an application-centric network model, enabling businesses to streamline processes and improve end-user experiences, all while enhancing their competitive positioning. As a result, IT organizations are under tremendous pressure to rapidly transform in order to keep pace with these new business demands. This need […] | |||
|
2016-07-21 20:00:34 | The Cure for Your Private Cloud Security Blues (lien direct) | Hot off the heels of Cisco Live! in Las Vegas, there's a continued buzz about the Cisco Application Centric Infrastructure (ACI) and how it is helping organizations transform from legacy to next-generation private cloud data centers. In fact, front-and-center to this year's event was the desire to transform Cisco offerings and make them more cloud-like, […] | |||
|
2016-07-20 16:36:37 | Check Point Forensics: CTB-Faker Ransomware (lien direct) | SandBlast Agent Forensics Introduction The concept is quite simple: we run a malware sample on a PC in our malware lab, with all protections turned off, and let SandBlast Forensics automatically analyze it, providing comprehensive analysis of the security incident. In addition to the blog, we are thrilled to now provide you with access to […] | |||
|
2016-07-18 18:00:37 | (Déjà vu) Top 10 Most Wanted Malware (lien direct) | Check Point Software Technologies today published its latest Threat Index, revealing the number of active malware families increased by nearly two-thirds in the first half of 2016, led by the number of threats to business networks and mobile devices. During June, Check Point detected 2,420 unique and active malware families attacking business networks, a 61 […] | |||
|
2016-07-14 13:00:35 | Ransomware’s Motto: The Simpler, The Scarier, The Better (lien direct) | A lot has been said about the ransomware epidemic. The number of infections worldwide increases daily, as well as the number of different variants. Check Point researchers have been analyzing ransomware for almost two years, and it has been a fascinating study. We can easily follow the trends, common aspects, and differences between ransomware families. […] | |||
|
2016-07-13 15:48:52 | Stop Before You (Pokemon) GO (lien direct) | The excitement over the new game Pokemon GO has taken the world by storm. Because it’s available only in limited countries right now, some people may be tempted to download the app from sources other than Google Play or the Apple App Store. Getting apps from unofficial sources can expose you to malicious apps that […] | |||
|
2016-07-11 13:00:21 | Malware\'s Constant Evolution Requires Advanced Protections (lien direct) | Malware developers are fast learners. They adapt to new security measures in record time and find new ways to evade detection or at least stay hidden long enough to complete their malicious goals. In this blog we review some of the cutting-edge techniques attackers use to bypass defenses and the techniques we use to protect […] | |||
|
2016-07-11 09:13:18 | (Déjà vu) DIY Attribution, Classification, and In-depth Analysis of Mobile Malware (lien direct) | The security research community has been dealing with malware attribution and classification for decades. The benefits of this process for PC-based malware are myriad and well known. Check Point has followed the same process for multiple malware campaigns during the last year, including Volatile Cedar, Rocket-Kitten, and the Nuclear Exploit Kit. In fact, the PC […] | |||
|
2016-07-08 22:41:38 | Jigsaw Ransomware Decryption (lien direct) | The Jigsaw ransomware was first spotted in April 2016, and has since received a bit of traction. It became infamous thanks to an image of the Jigsaw killer from the movie 'Saw' displayed on the ransom note (hence its name), and its unique way of persuading victims to comply – if payments aren't made […] | |||
|
2016-07-05 18:53:12 | Check Point Forensic Files: Cerber Ransomware Distribution using Office DOTM files (lien direct) | The start of a series This blog entry is the first in a new series featuring reports from Check Point SandBlast Agent Forensics. The concept is quite simple: we run a malware sample on a PC in our malware lab, with all protections turned off, and let SandBlast Forensics automatically analyze it. SandBlast Forensics identifies, […] | |||
|
2016-07-01 17:20:07 | From HummingBad to Worse: New In-Depth Details and Analysis of the HummingBad Android Malware Campaign (lien direct) | For five months, Check Point mobile threat researchers had unprecedented access to the inner-workings of Yingmob, a group of Chinese cyber criminals behind the HummingBad malware campaign. HummingBad is a malware Check Point discovered in February 2016 that establishes a persistent rootkit on Android devices, generates fraudulent ad revenue, and installs additional fraudulent apps. Yingmob […] | |||
|
2016-06-29 17:32:06 | SandBlast Protects Customers from Widespread Cerber Ransomware Attack (lien direct) | Starting at 6:44am UTC on June 22nd, Avanan, a partner of Check Point, detected a large-scale ransomware attack against its Cloud Security Platform customers across multiple companies. We believe this attack was only detected by SandBlast – Check Point's Zero Day Protection solution. The attack included a very nasty ransomware called Cerber, which spreads through phishing […] | |||
|
2016-06-27 13:00:27 | The Malware-as-a-Service Industry (lien direct) | Several recent developments have brought the malware infrastructure-as-a-service industry into the spotlight, reminding everyone how prominent it is in the cybercrime arena. The infrastructures that create malware exploit kits are so immense that the global threat landscape can be completely altered when one of them is downed. According to Kafeine, a leading exploit kit researcher, […] | Guideline | ||
|
2016-06-24 16:00:54 | Effective Security Management in a Software Defined World (lien direct) | Software defined infrastructure (SDx) along with use of private and public clouds completely transforms the way IT departments manage enterprise data centers and workloads. Automation is a key component of software defined networking (SDN), bringing network, server, security management and other IT functions or teams together. In the past when organizations deployed new applications, the application […] | |||
|
2016-06-23 13:00:27 | The Infamous Nuclear Exploit Kit Shuts Down (lien direct) | In a seeming response to the recent Check Point investigative report, the Nuclear Exploit Kit shut down its entire infrastructure and ceased operation. Background The Nuclear Exploit Kit, one of the largest attack infrastructures observed in the wild today, was recently the subject of a thorough investigation conducted by the Check Point Threat Intelligence and […] | |||
|
2016-06-22 16:24:33 | Intel Spot On with CET (lien direct) | Intel has recently published a specification for a new technology meant to detect and block malware at the processor level. The technology, developed with the help of Microsoft, is called Control-flow Enforcement Technology (CET), and its main purpose is to prevent any attempt to use Return-Oriented Programming (ROP) or Jump-Oriented Programming (JOP) for exploits. This […] | |||
|
2016-06-20 13:00:58 | Cerber Ransomware Targets U.S., Turkey and the UK in Two Waves (lien direct) | New ransomware families appear on a regular basis, each with a different method of operation. The Cerber ransomware, which has a sophisticated implementation process, uses a very interesting tactic in its attacks. It operates in surges with relatively low activity in between them. We have detected two such spikes in Cerber's activity, the first in […] | |||
|
2016-06-17 16:45:03 | Tales from the Trenches: Modern Malware Requires Modern Investigation Techniques (lien direct) | The Check Point Incidence Response team was called in to assist a company who suffered a severe breach in their network, which was not previously protected by Check Point's advanced protections. The team began to investigate and was extremely impressed by the malware's tactics and sophisticated evasion techniques. The malware's evasive nature required the team […] | |||
|
2016-06-17 15:23:37 | In The Wild: Mobile Malware Implements New Features (lien direct) | Malware developers just won't stand still. They continue developing malware as they go, sometimes to adapt to the changing threat landscape, and sometimes simply to improve their capabilities. Recently, two examples of such advancements presented themselves, one in Triada's code and one in Viking Horde's. Triada's Trident is Getting Stronger As if the original malware […] | |||
|
2016-06-15 15:00:37 | Trust No One – A Cyberworld Survival Guide (lien direct) | Cybercriminals are professional scammers; their specialty is tricking users into helping them achieve their malicious goals. Attackers use many different tactics, including spam, phishing emails, and fake ads. In each case, the unsuspecting user plays an active role in his own victimization when he clicks a link or opens an attachment. Recently, an unconventional campaign […] | |||
|
2016-06-08 16:51:11 | Hack In The Box: Mobile Attackers Are Listening In (lien direct) | While most mobile attacks require some level of interaction with the user, Man-in-The-Middle (MiTM) attacks can achieve their goal without the user ever knowing they occurred. This type of attacks allows attackers to eavesdrop, intercept and alter traffic between your device and any other counterpart. There are several ways by which hackers can execute such […] | |||
|
2016-06-07 07:01:21 | (Déjà vu) FACEBOOK MaliciousChat (lien direct) | Check Point disclosed details about a vulnerability found in Facebook Messenger, both in the online and mobile application. Following Check Point's responsible disclosure, Facebook promptly fixed the vulnerability. What is this vulnerability? The vulnerability allows a malicious user to change a conversation thread in the Facebook Online Chat & Messenger App. By abusing this vulnerability, […] | |||
|
2016-06-06 13:00:23 | Zcrypt: The Ransomware Virus Hybrid (lien direct) | A recent piece of ransomware has emerged that is causing quite the stir. The reason – it is in fact a virus and can infect users even through USB devices. The technology itself is not new, but when implemented by ransomware the results could be severe. Given this, now is a good time for people […] | |||
|
2016-06-03 16:21:04 | In The Wild: Never a Dull Moment with Mobile Malware (lien direct) | Mobile malware learns fast. Every time new security measures come along, malware somehow manages to find a way to overcome them. This week we bring you such a story, with further details about Viking Horde, a botnet found by Check Point on Google Play. The malware is capable of bypassing even Android's latest OS security […] |
To see everything:
Our RSS (filtrered)
