What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Checkpoint 2016-07-22 14:00:51 Securely Embrace the Hybrid Cloud (direct link) The trend in enterprise IT is to move from a hardware-centric to an application-centric network model, enabling businesses to streamline processes and improve end-user experiences, all while enhancing their competitive positioning. As a result, IT organizations are under tremendous pressure to rapidly transform in order to keep pace with these new business demands. This need […]
Checkpoint 2016-07-21 20:00:34 The Cure for Your Private Cloud Security Blues (direct link) Hot off the heels of Cisco Live! in Las Vegas, there's a continued buzz about the Cisco Application Centric Infrastructure (ACI) and how it is helping organizations transform from legacy to next-generation private cloud data centers. In fact, front-and-center to this year's event was the desire to transform Cisco offerings and make them more cloud-like, […]
Checkpoint 2016-07-20 16:36:37 Check Point Forensics: CTB-Faker Ransomware (direct link) SandBlast Agent Forensics Introduction The concept is quite simple: we run a malware sample on a PC in our malware lab, with all protections turned off, and let SandBlast Forensics automatically analyze it, providing comprehensive analysis of the security incident. In addition to the blog, we are thrilled to now provide you with access to […]
Checkpoint 2016-07-18 18:00:37 (Déjà vu) Top 10 Most Wanted Malware (direct link) Check Point Software Technologies today published its latest Threat Index, revealing the number of active malware families increased by nearly two-thirds in the first half of 2016, led by the number of threats to business networks and mobile devices. During June, Check Point detected 2,420 unique and active malware families attacking business networks, a 61 […]
Checkpoint 2016-07-14 13:00:35 Ransomware’s Motto: The Simpler, The Scarier, The Better (direct link) A lot has been said about the ransomware epidemic. The number of infections worldwide increases daily, as well as the number of different variants. Check Point researchers have been analyzing ransomware for almost two years, and it has been a fascinating study. We can easily follow the trends, common aspects, and differences between ransomware families. […]
Checkpoint 2016-07-13 15:48:52 Stop Before You (Pokemon) GO (direct link) The excitement over the new game Pokemon GO has taken the world by storm. Because it’s available only in limited countries right now, some people may be tempted to download the app from sources other than Google Play or the Apple App Store. Getting apps from unofficial sources can expose you to malicious apps that […]
Checkpoint 2016-07-11 13:00:21 Malware's Constant Evolution Requires Advanced Protections (direct link) Malware developers are fast learners. They adapt to new security measures in record time and find new ways to evade detection or at least stay hidden long enough to complete their malicious goals. In this blog we review some of the cutting-edge techniques attackers use to bypass defenses and the techniques we use to protect […]
Checkpoint 2016-07-11 09:13:18 (Déjà vu) DIY Attribution, Classification, and In-depth Analysis of Mobile Malware (direct link) The security research community has been dealing with malware attribution and classification for decades. The benefits of this process for PC-based malware are myriad and well known. Check Point has followed the same process for multiple malware campaigns during the last year, including Volatile Cedar, Rocket-Kitten, and the Nuclear Exploit Kit. In fact, the PC […]
Checkpoint 2016-07-08 22:41:38 Jigsaw Ransomware Decryption (direct link) The Jigsaw ransomware was first spotted in April 2016, and has since received a bit of traction. It became infamous thanks to an image of the Jigsaw killer from the movie 'Saw' displayed on the ransom note (hence its name), and its unique way of persuading victims to comply – if payments aren't made […]
Checkpoint 2016-07-05 18:53:12 Check Point Forensic Files: Cerber Ransomware Distribution using Office DOTM files (direct link) The start of a series This blog entry is the first in a new series featuring reports from Check Point SandBlast Agent Forensics. The concept is quite simple: we run a malware sample on a PC in our malware lab, with all protections turned off, and let SandBlast Forensics automatically analyze it. SandBlast Forensics identifies, […]
Checkpoint 2016-07-01 17:20:07 From HummingBad to Worse: New In-Depth Details and Analysis of the HummingBad Android Malware Campaign (direct link) For five months, Check Point mobile threat researchers had unprecedented access to the inner-workings of Yingmob, a group of Chinese cyber criminals behind the HummingBad malware campaign. HummingBad is a malware Check Point discovered in February 2016 that establishes a persistent rootkit on Android devices, generates fraudulent ad revenue, and installs additional fraudulent apps. Yingmob […]
Checkpoint 2016-06-29 17:32:06 SandBlast Protects Customers from Widespread Cerber Ransomware Attack (direct link) Starting at 6:44am UTC on June 22nd, Avanan, a partner of Check Point, detected a large-scale ransomware attack against its Cloud Security Platform customers across multiple companies. We believe this attack was only detected by SandBlast – Check Point's Zero Day Protection solution. The attack included a very nasty ransomware called Cerber, which spreads through phishing […]
Checkpoint 2016-06-27 13:00:27 The Malware-as-a-Service Industry (direct link) Several recent developments have brought the malware infrastructure-as-a-service industry into the spotlight, reminding everyone how prominent it is in the cybercrime arena. The infrastructures that create malware exploit kits are so immense that the global threat landscape can be completely altered when one of them is downed. According to Kafeine, a leading exploit kit researcher, […] Guideline
Checkpoint 2016-06-24 16:00:54 Effective Security Management in a Software Defined World (direct link) Software defined infrastructure (SDx) along with use of private and public clouds completely transforms the way IT departments manage enterprise data centers and workloads. Automation is a key component of software defined networking (SDN), bringing network, server, security management and other IT functions or teams together. In the past when organizations deployed new applications, the application […]
Checkpoint 2016-06-23 13:00:27 The Infamous Nuclear Exploit Kit Shuts Down (direct link) In a seeming response to the recent Check Point investigative report, the Nuclear Exploit Kit shut down its entire infrastructure and ceased operation. Background The Nuclear Exploit Kit, one of the largest attack infrastructures observed in the wild today, was recently the subject of a thorough investigation conducted by the Check Point Threat Intelligence and […]
Checkpoint 2016-06-22 16:24:33 Intel Spot On with CET (direct link) Intel has recently published a specification for a new technology meant to detect and block malware at the processor level. The technology, developed with the help of Microsoft, is called Control-flow Enforcement Technology (CET), and its main purpose is to prevent any attempt to use Return-Oriented Programming (ROP) or Jump-Oriented Programming (JOP) for exploits. This […]
Checkpoint 2016-06-20 13:00:58 Cerber Ransomware Targets U.S., Turkey and the UK in Two Waves (direct link) New ransomware families appear on a regular basis, each with a different method of operation. The Cerber ransomware, which has a sophisticated implementation process, uses a very interesting tactic in its attacks. It operates in surges with relatively low activity in between them. We have detected two such spikes in Cerber's activity, the first in […]
Checkpoint 2016-06-17 16:45:03 Tales from the Trenches: Modern Malware Requires Modern Investigation Techniques (direct link) The Check Point Incidence Response team was called in to assist a company who suffered a severe breach in their network, which was not previously protected by Check Point's advanced protections. The team began to investigate and was extremely impressed by the malware's tactics and sophisticated evasion techniques. The malware's evasive nature required the team […]
Checkpoint 2016-06-17 15:23:37 In The Wild: Mobile Malware Implements New Features (direct link) Malware developers just won't stand still. They continue developing malware as they go, sometimes to adapt to the changing threat landscape, and sometimes simply to improve their capabilities. Recently, two examples of such advancements presented themselves, one in Triada's code and one in Viking Horde's. Triada's Trident is Getting Stronger As if the original malware […]
Checkpoint 2016-06-15 15:00:37 Trust No One – A Cyberworld Survival Guide (direct link) Cybercriminals are professional scammers; their specialty is tricking users into helping them achieve their malicious goals. Attackers use many different tactics, including spam, phishing emails, and fake ads. In each case, the unsuspecting user plays an active role in his own victimization when he clicks a link or opens an attachment. Recently, an unconventional campaign […]
Checkpoint 2016-06-08 16:51:11 Hack In The Box: Mobile Attackers Are Listening In (direct link) While most mobile attacks require some level of interaction with the user, Man-in-The-Middle (MiTM) attacks can achieve their goal without the user ever knowing they occurred. This type of attack allows attackers to eavesdrop, intercept and alter traffic between your device and any other counterpart. There are several ways by which hackers can execute such […]
Checkpoint 2016-06-07 07:01:21 (Déjà vu) FACEBOOK MaliciousChat (direct link) Check Point disclosed details about a vulnerability found in Facebook Messenger, both in the online and mobile application. Following Check Point's responsible disclosure, Facebook promptly fixed the vulnerability. What is this vulnerability? The vulnerability allows a malicious user to change a conversation thread in the Facebook Online Chat & Messenger App. By abusing this vulnerability, […]
Checkpoint 2016-06-06 13:00:23 Zcrypt: The Ransomware Virus Hybrid (direct link) A recent piece of ransomware has emerged that is causing quite the stir. The reason – it is in fact a virus and can infect users even through USB devices. The technology itself is not new, but when implemented by ransomware the results could be severe. Given this, now is a good time for people […]
Checkpoint 2016-06-03 16:21:04 In The Wild: Never a Dull Moment with Mobile Malware (direct link) Mobile malware learns fast. Every time new security measures come along, malware somehow manages to find a way to overcome them. This week we bring you such a story, with further details about Viking Horde, a botnet found by Check Point on Google Play. The malware is capable of bypassing even Android's latest OS security […]
Checkpoint 2016-06-01 15:47:49 Hack In The Box: Mobile Malware Goes In For The Kill (direct link) For attackers, installing a Trojan on your mobile device is the best way to attack it. Mobile malware provides attackers with a full arsenal of capabilities they can use to conduct several types of attacks including surveillance, info-stealing, ransomware, fraud, and much more. Surveillance malware, for instance, can track location, extract call logs, files, and […]
Checkpoint 2016-05-29 19:00:53 OEMs Have Flaws Too: Exposing Two New LG Vulnerabilities (direct link) Check Point disclosed today two vulnerabilities (CVE-2016-3117, CVE-2016-2035) which can be used to elevate privileges on LG mobile devices to attack them remotely at the LayerOne 2016 conference in Los Angeles. LG issued fixes for both vulnerabilities which Check Point made LG aware of before disclosing them publicly. These vulnerabilities are unique to LG devices which […]
Checkpoint 2016-05-27 17:16:35 Check Point Named a Leader in the 2016 Gartner Magic Quadrant for Enterprise Network Firewalls (direct link) Today's enterprise networks are more complex than ever. Cloud computing, floods of connected devices and highly mobile workforces put a ton of pressure on security teams to keep networks and data protected. At the same time, the tools and techniques used by cybercriminals to target enterprise data continue to rapidly evolve. When reflecting on the […]
Checkpoint 2016-05-27 14:00:25 Attacks on SMB are a sure thing, according to the latest Verizon report (direct link) It's not surprising that small businesses are much more vulnerable to cyberattacks vs. large enterprises. The 2016 Data Breach Investigations Report reveals just how much (Check Point contributed to the report). The report covers a large number of SMBs. 521 small businesses were surveyed and 447 confirmed they suffered a security breach with data loss […]
Checkpoint 2016-05-27 13:00:42 CryptXXX Ransomware: Simple, Evasive, Effective (direct link) CryptXXX emerged a few weeks ago and it's been sneaky! Its most impressive feature is the simplicity of its evasion techniques, which are giving it an advantage over most security systems. This has resulted in a very low detection rate for new samples and a high success rate on the malware's part. According to the […]
Checkpoint 2016-05-26 13:00:16 Spam-Riding Dropper Packs a One-Two Ransomware, Adware Punch (direct link) The Most Trusty Attack Vector Shady random strangers on the internet often have an uncanny ability to make you believe that you should have expected to hear from them. You may be savvy enough to brush off the 'Nigerian Prince in Distress' and the 'Thousands of Hot Singles in Your Area Waiting to Meet You' […]
Checkpoint 2016-05-25 23:20:09 Weaponized WordPress Tools (direct link) WordPress is a free, open source content management system (CMS) for creating websites, and is considered to be the most popular blogging system in use. WordPress’ appeal to website developers stems from its free plugins and themes that are easily installed over the basic platform. These add-ons allow WordPress users to personalize and expand their websites and blogs. […]
Checkpoint 2016-05-25 16:57:39 Hack In The Box: Malware Disguises Itself To Infiltrate Your Device (direct link) No user would intentionally allow malware onto a mobile device, so it's obvious why malicious apps disguise themselves to trick users into inviting them in. In many cases, malware tries to persuade the user into going even further by asking for various permissions that can enable malicious actions. Malware tries to do as much damage […]
Checkpoint 2016-05-24 19:00:26 TeslaCrypt Ransomware Shuts Down: One Down, Plenty to Go (direct link) In a surprising turn of events, the creators of the notorious TeslaCrypt ransomware shut down their operation and revealed the master key for decrypting all files. They even said they are sorry, as displayed in the image below. Figure 1: TeslaCrypt Shut Down Message The motive behind this step remains unclear. The attackers could […] Tesla
Checkpoint 2016-05-24 13:00:58 The Scripting Threat: How Admin Tools Became Dominant in the Malware Attack Lifecycle (direct link) Malware has increasingly adopted scripts as a major technique, replacing file-based execution. This transition took place mainly to avoid signature-based detection employed by many security vendors. To understand how this is achieved, one must first understand what scripting really is. Scripting languages are programs that support automated execution of tasks, which could be executed manually […]
Checkpoint 2016-05-20 19:00:50 In The Wild: Malware in Google Play is as Prevalent and Pesky as Ever (direct link) Not a week passes without new malware found on Google Play and this week was no different. Among the malware found are both new and old samples, including a known malicious banker and a new type of malware making its first appearance on Google Play. Also, Google has patched more vulnerabilities, which is no coincidence […]
Checkpoint 2016-05-20 16:00:34 Spear Phishing 2.0 Adds Social Engineering & VM Evasion (direct link) Spear phishing attacks are a rising threat faced by organizations. These well-planned attacks can deceive even the most cautious users. Unlike old-fashioned mass phishing attempts, these attacks are directed at specific individuals or companies and are tailor-made to fit their target. Used for a wide variety of reasons from stealing personal information or credentials to […]
Checkpoint 2016-05-19 15:00:00 Everyday Malware Poses a Risk to Critical Infrastructure (direct link) Many people believe that only state-sponsored attacks can endanger critical infrastructure. They claim that such elaborate malware capable of targeting the inner workings of Industrial Control Systems (ICS) are not the work of simple hackers. This flawed perception completely disregards the fact that ICS can fall victim to the most banal malware – and in […]
Checkpoint 2016-05-18 15:52:35 Hack In The Box: How Attackers Manipulate Root Access and Configuration Changes (direct link) Securing iOS and Android smartphones and tablets is still a relatively new concept. Taking control of a mobile device was once considered an unlikely threat because it was hard to do. However, malware has moved forward, making attacks a more imminent threat. One of the causes for this is malware's advances in attack capabilities. Technical […]
Checkpoint 2016-05-17 18:35:27 Inside Nuclear's Core: Unraveling a Ransomware-as-a-Service Infrastructure (direct link) The Check Point Research team has uncovered the entire operation of one of the world's largest attack infrastructures. Exploit Kits are a major part of the Malware-as-a-Service industry, which facilitate the execution of ransomware and banking trojans, among others. Their creators rent them to cybercriminals who use them to attack unsuspecting users. Nuclear is one of the […]
Checkpoint 2016-05-17 14:00:53 Introducing Check Point SandBlast™ Cloud (direct link) The increasing adoption of cloud-based email tools such as Microsoft Office 365™ allows businesses to efficiently communicate and collaborate, without investing resources in managing and maintaining their own dedicated IT infrastructure. However, the shift to cloud-based tools also brings with it an array of security risks, including sophisticated attacks like spear-phishing and ransomware that use […]
Checkpoint 2016-05-12 17:15:07 The Notorious TeslaCrypt V3 Ransomware: A Comprehensive Analysis (direct link) As the current wave of ransomware rages on, one stands out in its ability to adapt: TeslaCrypt. Although it emerged only in 2015, we are currently witnessing the malware's third generation. Since its debut, it has transformed itself, fixing its flaws and vastly improving its ability to evade detection. It has also expanded its distribution […] Tesla
Checkpoint 2016-05-12 16:53:08 (Déjà vu) Hack In The Box: System Vulnerabilities Can Leave Mobile Devices Exposed (direct link) System vulnerabilities are a major threat facing users and enterprises today, and these need to be remedied thoughtfully. Since these vulnerabilities don't require social engineering schemes to become exposed, and because they have an alarmingly high success rate, they are also one of the easiest ways to attack Android and iOS devices. The constant release […]
Checkpoint 2016-05-09 19:00:30 Viking Horde: A New Type of Android Malware on Google Play (direct link) The Check Point research team uncovered a new Android malware campaign on Google Play it calls Viking Horde. Viking Horde conducts ad fraud, but can also be used for other attack purposes such as DDoS attacks, spam messages, and more. At least five instances of Viking Horde managed to bypass Google Play malware scans so […]
Checkpoint 2016-05-06 18:24:23 (Déjà vu) In The Wild: Mobile Malware Follows in the Steps of its PC Cousins (direct link) Mobile Security Observations from the Check Point Research Team Mobile malware is still a growing phenomenon and, in many cases, follows the lead set by predecessors in the PC world. This week the Check Point research team encountered different mobile malware that adopted techniques previously known only in the PC world. This is not a […] Guideline
Checkpoint 2016-05-05 14:30:00 The Unknown Threats Will Get You, Every Time (direct link) Craig Dunaway didn’t see it coming. His company, restaurant chain Penn Station, had done everything possible to secure its sensitive data and that of its customers. Even still, Dunaway, the president of Penn Station, would learn in 2012 about an unusual security breach. Malware secretly uploaded to Penn Station’s network had been stealing credit card […]
Checkpoint 2016-05-04 18:27:28 Hacking Elections (direct link) There are many different motives for hacking an organization. Most attacks are categorized as cybercrime, and this involves credential theft, ransomware or any form of financially motivated attacks. Another form of cyber attack is classified as cyber espionage and includes state espionage and spouse tracking, for example. Cyber war is another motive for attacks, mostly […]
Checkpoint 2016-05-02 14:00:21 A New Approach to Security (direct link) Changing with the times is frequently overlooked when it comes to data center security. Technology is becoming increasingly dynamic, but most data centers are still using archaic security measures to protect their network which isn't going to stand a chance against today's sophisticated attacks. Recent efforts to upgrade these massive security systems are still falling […]
Checkpoint 2016-04-29 15:02:54 In The Wild: Breaking Mobile Security Paradigms… Again (direct link) Security researchers have shattered the mobile security paradigm once again. They've managed to bypass Android two-factor authentication, and iOS is proven vulnerable again both to exploits and malware. It has become very clear: traditional defenses are simply not enough. Users must implement advanced measures to stay safe. Two Factor Authentication Bypass: There’s No Place to Hide […]
Checkpoint 2016-04-28 15:05:35 (Déjà vu) Marcher Marches On: The Anatomy of a Banker Malware (direct link) Not very often do we have the chance to observe the full flow of an attack. Usually, we can analyze the malware itself and, in some cases, we manage to identify the infiltration vector. But today we're laying out the full attack flow of the infamous Marcher mobile banker malware. Overview The Marcher banker malware […]
Checkpoint 2016-04-26 16:00:55 Check Point Threat Alert: CryptXXX Ransomware (direct link) CryptXXX ransomware has been observed in the wild as of March 2016, delivered via the Angler Exploit Kit and spread through the Bedep trojan. The ransomware is demanding a $500 ransom to be paid in order to recover the encrypted files on a machine, and provides the victim the possibility to decrypt one file for […]
Last update at: 2024-06-02 20:08:08