What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2017-05-25 13:00:25 | The Judy Malware: Possibly the largest malware campaign found on Google Play (lien direct) | Check Point researchers discovered another widespread malware campaign on Google Play, Google's official app store. The malware, dubbed “Judyâ€, is an auto-clicking adware which was found on 41 apps developed by a Korean company. The malware uses infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it. […] | |||
|
2017-05-23 13:00:02 | Hacked in Translation – from Subtitles to Complete Takeover (lien direct) | Check Point researchers revealed a new attack vector which threatens millions of users worldwide – attack by subtitles. By crafting malicious subtitle files, which are then downloaded by a victim's media player, attackers can take complete control over any type of device via vulnerabilities found in many popular streaming platforms, including VLC, Kodi (XBMC), Popcorn-Time […] | |||
|
2017-05-22 13:00:12 | Check Point R80.10 Maximizes Security and Minimizes Operational Overhead for CCI Nice Côte D\'Azur, Creating a “WOW†Effect (lien direct) | Security threats and attackers continue to adapt their techniques, making it more difficult than ever for organizations to protect themselves. When the CCI Nice Côte D'Azur upgraded to Check Point's R80.10 Security Management, it increased threat prevention performance, efficiency, and visibility while reducing operational overhead. In a recent chat with Frédéric Achache, IT Projects Manager […] | |||
|
2017-05-19 13:00:57 | Security Brief for Connected Automotives (lien direct) | Introduction    The question of which companies will dominate the automotive industry in coming years is being decided in the contest to produce Internet-connected cars. Intel predicts 120 million vehicles with varying degrees of automation will be on our roads by 2030. (Shot, 2016).The development and popular adoption of automotive data connectivity and autonomous […] | |||
|
2017-05-17 13:00:55 | April\'s Most Wanted Malware: Exploit Kit Attacks Continue, While Slammer Worm Resurfaces Again (lien direct) | Check Point's latest Global Threat Impact Index detected a continued increase in the number of organizations being targeted with Exploit Kits, as Rig EK became the most prevalent form of attack, while there was also a resurgence in the Slammer worm detected, with 4% of businesses impacted. Slammer resurfaced following a short hiatus, jumping […] | |||
|
2017-05-17 13:00:11 | Check Point Reveals Global WannaCry Ransomware Infection Map at CPX Europe 2017 (lien direct) | Check Point researchers have been investigating the ransomware campaign in detail since it was first reported. With a new Check Point WannaCry Ransomware Infection Map, the researchers were able to track 34,300 attack attempts in 97 countries. The average pace as of today is one attempt in every three second – indicating a slight decline […] | Wannacry | ||
|
2017-05-16 16:48:44 | CRYING IS FUTILE: SandBlast Forensic Analysis of WannaCry (lien direct) | Using the NSA exploit EternalBlue released by the Shadow Brokers, the WannaCry ransomware developers have added their names to malware lore. Given the number of institutions hit and the amount of media generated, it seemed appropriate to show what the ransomware actually does on a system through our SandBlast Agent Forensics product. The WannaCry outbreak […] | Wannacry | ||
|
2017-05-16 13:01:19 | The mobile banker threat – from end to end (lien direct) | One of the most dangerous threats targeting mobile users is the banking malware. These malicious pieces of code are designed to steal financial information and transfer funds to their own accounts. Over the years, perpetrators successfully managed to overcome all obstacles set before them, such as the 2-Factor-Authentication security mechanism and defenses set in different […] | |||
|
2017-05-15 19:00:14 | WannaCry – New Kill-Switch, New Sinkhole (lien direct) | Check Point Threat Intelligence and Research team has just registered a brand new kill-switch domain used by a fresh sample of the WannaCry Ransomware. In the last few hours we witnessed a stunning hit rate of 1 connection per second. Registering the domain activated the kill-switch, and these thousands of to-be victims are safe from […] | Wannacry | ||
|
2017-05-14 18:29:09 | WannaCry – Paid Time Off? (lien direct) | Let us open with a TL;DR – DO NOT pay the ransom demanded by the WannaCry ransomware! Now, let us explain why: As of this writing , the 3 bitcoin accounts associated with the WannaCry ransomware have accumulated more than $33,000Â between them. Despite that, not a single case has been reported of anyone receiving their […] | Wannacry | ||
|
2017-05-12 19:08:39 | Global Outbreak of WannaCry (lien direct) | [Updated May 15, 2017] On May 12, 2017 the Check Point Incident Response Team started tracking a wide spread outbreak of the WannaCryp ransomware. We have reports that multiple global organizations are experiencing a large scale ransomware attack which is utilizing SMB to propagate within their networks. To complicate matters there are a number of […] | Wannacry | ||
|
2017-05-11 14:47:29 | JAFF – A New Ransomware is in town, and it\'s widely spread by the infamous Necurs Botnet (lien direct) | Necurs, one of the largest botnets, went offline during the holiday period of 2016 and through the beginning of 2017. However it returned only to shortly peak late in April, spreading Locky using malicious PDF documents. Today, May 11, Necurs started spreading a new ransomware called JAFF. Check Point's global sensors have spotted as many […] | |||
|
2017-05-10 13:00:30 | DiamondFox modular malware – a one-stop shop (lien direct) | Check Point researchers have conducted a thorough investigation of the DiamondFox malware-as-a-service in collaboration with Terbium Labs, a Dark Web Data Intelligence company. The report includes a review of the malware's sales procedure and customer reviews, as well as a full technical analysis of its multiple plugins. For the full DiamondFox report click here. Check […] | |||
|
2017-05-09 13:00:02 | (Déjà vu) Android Permission Security Flaw (lien direct) | Check Point researchers spotted a flaw in one of Android's security mechanisms. Based on Google's policy which grants extensive permissions to apps installed directly from Google Play, this flaw exposes Android users to several types of attacks, including ransomware, banking malware and adware. Check Point reported this flaw to Google, which responded that this issue […] | |||
|
2017-05-08 13:00:18 | The Devil\'s Bargain: Security or Productivity? (lien direct) | With so much riding on cyber security, those of us charged with providing it must make a devil's bargain between conflicting priorities: maintain productivity by letting users receive and transmit information quickly, or protect information at the cost of unacceptable latency. The dilemma arises from the nature of today's threats. In the original threat-signature model, […] | |||
|
2017-05-04 17:00:20 | Update – OSX/Dok Campaign (lien direct) | Our ongoing investigation of the OSX/DOK campaign has led us to detect several new variants of this malware. These new variants have the same functionality as the previous ones, and are designed to give the attackers complete access to all victim communications. This includes communication encrypted by SSL, by redirecting the victims' traffic through a […] | |||
|
2017-05-03 13:00:26 | Debug Instrumentation via Flash ActionScript (lien direct) | Browser plug-ins have always been an attractive target for attackers to exploit. In the last couple of years, the most prevalent attack platform was undoubtedly – Flash. With 250+ CVEs in 2016 alone, and incorporation in practically every exploit kit, Flash exploits are everywhere and deserve our attention. As researchers, we stumble upon many cases where […] | |||
|
2017-05-02 13:00:16 | GDPR – here\'s what you need to do right now (lien direct) | By now you may have heard of GDPR, the new European General Data Protection Regulation. It's a complex, and evolving piece of legislation that comes into effect in May 2018. It doesn't matter whether your organization has any presence in the EU, or where your applications and data are processed and stored. If your organization […] | |||
|
2017-05-01 13:00:14 | Getting your emails blocked? Don\'t forget the semicolon; (lien direct) | Due to their common use in websites, JavaScript files are not detected by traditional Anti-Virus software. Scanning JavaScript files while browsing is virtually impossible due to its performance impact and probable high false positive rate, due to most sites using obfuscated JavaScript as a benign method to protect their intellectual property. To detect such attacks, […] | |||
|
2017-04-27 18:03:30 | OSX Malware is Catching Up, and it wants to Read Your HTTPS Traffic (lien direct) | People often assume that if you're running OSX, you're relatively safe from malware. But this is becoming less and less true, as evidenced by a new strain of malware encountered by the Check Point malware research team. This new malware – dubbed OSX/Dok — affects all versions of OSX, has 0 detections on VirusTotal (as […] | |||
|
2017-04-27 05:00:03 | Securing the Connected Car Steps Up a Gear (lien direct) | “Here in my car, I feel safest of all …†That line from Gary Numan's hit single, 'Cars' sums up the way many of us feel when we're driving: safe and protected in the privacy of our vehicles. But cars are increasingly connected to the outside world. Features that were once only available on premium […] | |||
|
2017-04-25 19:30:00 | Banking trojans are on the rise: here\'s how to avoid being robbed (lien direct) | Banking trojans are helping cybercriminals to commit the perfect crime: stealing money from the accounts of unsuspecting victims, almost untraceably and at minimal risk. As such it's no surprise that from June to December 2016, banking trojans were only fractionally behind ransomware in being the most prevalent type of malware, and in Asia-Pacific countries they […] | ★★ | ||
|
2017-04-24 20:47:10 | FalseGuide misleads users on GooglePlay (lien direct) | Update: Since April 24, when the article below was first published, Check Point researchers learned that the FalseGuide attack is far more extensive than originally understood. Five additional apps containing the malware were found on Google Play, developed by “Ðнатолий Хмеленко.†The apps were uploaded to the app store as early as November 2016, meaning […] | ★★★★★ | ||
|
2017-04-21 13:00:25 | (Déjà vu) Introducing SandBlast Mobile: comprehensive mobile threat protection (lien direct) | Just how susceptible are mobile devices to attacks in enterprise environments? It's safe to say that mobile cyberattacks beset every business. For 12 months, Check Point analyzed data from 850 companies around the world, and discovered some surprising insights: 100% of the organizations had at least one mobile malware attack The average number of mobile […] | ★★★★★ | ||
|
2017-04-20 16:00:43 | Check Point Infinity – The Security Architecture of the Future – Today (lien direct) | Infinity is boundless. Unfortunately so are your IT demands and security expectations. The explosion of new technologies promising simplification, untold efficiencies and cost savings are only creating uncertainty, complexity and risk. There needs to be a force to unify and harness the promise of these new technologies for the benefit of business operations and customers. […] | |||
|
2017-04-17 13:00:12 | When you look at files from your cloud, are they looking back at you? (lien direct) | When your users look at files served from your cloud platform, files that have tracking pixels could be looking back - revealing more than you should to outsiders about users and infrastructure. Security researchers are finding tracking pixels implicated in attacks on enterprises. So, if your IT workloads are on a cloud platform, you should […] | |||
|
2017-04-13 13:00:37 | March\'s \'Most Wanted\' Malware List: Exploit Kits Rise Again in Popularity (lien direct) | Old malware rarely dies: it just lies dormant for a while. This was one of the key findings of the Check Point Research Team's latest Global Threat Impact Index, which saw a surge in the usage of Exploit Kits during March, following a steady decline in usage since a high point in May 2016. Exploit […] | |||
|
2017-04-13 13:00:37 | The Unbearable Lightness of Operating Web-Based Attacks: How easy it is to steal money from IE 8.0-11.0 users (lien direct) | Looking back at the past year, there is no doubt that the malware-as-a-service industry, which sells and trades malware samples, attack tools, and a variety of services, is thriving. It means that cyber criminals with low technical skills can easily purchase attack tools from more advanced hackers, vastly increasing the number of potential attackers, attacks, […] | |||
|
2017-04-12 13:00:35 | Survey: Enterprise security pros doubtful they can prevent mobile breaches (lien direct) | At least once a week – usually after pounding on my iPhone to access a business document, texting a family member, and calling a colleague on another continent, all in a matter of minutes – I'm reminded how complete the shift to mobile computing has been. It's hard imagining what it was like working without […] | |||
|
2017-04-10 13:15:15 | CRN Gives Check Point\'s Star Partner Program 5 Stars (lien direct) | For the school kids in our neighborhood, getting a gold star from the teacher is a pretty big deal. Despite providing the world's toughest cyber security, we're still big kids at heart when it comes to receiving great recognition for stellar performance. This is why we are pretty stoked that CRN's Partner Program Guide has […] | |||
|
2017-04-10 13:00:35 | Stranger things: Securing your network in the upside down world of SDx (lien direct) | The smash hit Netflix series 'Stranger Things' centers around the mysterious disappearance of residents of Hawkins, Indiana. Those who vanish find themselves in a frightening, parallel nether-world called the 'Upside Down', where things are not exactly as they seem. For some organizations, moving from physical hardware-based networks to SDx public or private clouds can feel […] | |||
|
2017-04-06 21:09:46 | The latest findings on Chrysaor (Pegasus for Android) are even more stealthy (lien direct) | Earlier this week Google published a research about a new sophisticated spyware tool for Android, believed to be related to the Pegasus malware for iOS, which was discovered in August 2016. As Google wrote in their blog, the malware was most likely created by the authors of Pegasus – the NSO group, and shares many […] | |||
|
2017-04-03 16:59:11 | Stopping Your Staff from Raining Data from the Cloud (lien direct) | No matter what your company's official position is on the use of cloud services, your employees absolutely depend on them as part of their day-to-day work. The problem: the services they tend to use usually aren't the ones you want them to use. A 2015 study of cloud usage found that employees were using 15 […] | |||
|
2017-03-27 16:50:05 | Best-of-breed security for hybrid clouds (lien direct) | Wouldn't it be great if you could make a fresh start with your organization's IT infrastructure? Unfortunately, unless you're a start-up, most enterprises don't have the luxury of starting with a clean slate. Instead, the majority of us have to make the most of a hybrid of legacy apps and existing investments with new cloud […] | |||
|
2017-03-23 15:10:13 | Google\'s annual Android security report illustrates Check Point\'s dominance in mobile threat defense research (lien direct) | Google published its annual security report yesterday for the Android ecosystem. The report includes many commendable efforts by Google to improve the security of users, and fight back against the raging surge of malware. One of the major actions Google has introduced this year was working alongside security vendors to eradicate malware from the ecosystem, […] | |||
|
2017-03-22 15:00:08 | Ransomware– Not Only File Encryption (lien direct) | Ransomware is an ever-increasing threat worldwide, claiming new victims on a regular basis with no end in sight. While most ransomware families prevent the victims from accessing their documents, pictures, databases and other files by encrypting them and offering a decryption key in return for a ransom payment, others use different, but no less creative […] | |||
|
2017-03-21 13:00:03 | Swearing Trojan Continues to Rage, Even After Authors\' Arrest (lien direct) | Researchers with Tencent Security recently disclosed details about Swearing Trojan, a mobile banking malware that attacked users in China. Swearing Trojan's name comes from Chinese swear words found inside the malware's code. The malware infected a wide spread of Android users in China, stealing their bank credentials and other sensitive personal information. Similar to mobile […] | |||
|
2017-03-20 13:00:19 | Get off my (private) cloud (lien direct) | As enterprises transform their physical data centers to private and hybrid cloud models, how should they secure these new environments, keeping threats and attackers off their cloud? A new era of virtualization, automation and Anything-as-a-Service (XaaS) is being ushered in at a blistering pace, driving greater efficiencies and cost savings while dramatically changing the way […] | |||
|
2017-03-15 13:00:20 | Check Point Discloses Vulnerability that Allowed Hackers to Take over Hundreds of Millions of WhatsApp & Telegram Accounts (lien direct) | One of the most concerning revelations arising from the recent WikiLeaks publication is the possibility that government organizations can compromise WhatsApp, Telegram and other end-to-end encrypted chat applications. While this has yet to be proven, many end-users are concerned as WhatsApp and Telegram use end-to-end encryption to guarantee user privacy. This encryption is designed to […] | |||
|
2017-03-14 13:00:04 | Merry X-Mas Ransomware Decryption Tool (lien direct) | Merry X-Mas is a ransomware that was first spotted in the wild on January 3, 2017. Upon successful infection, the ransomware encrypts victims' files and presents a “Merry Christmas†ransom note with a holiday-themed design and a demand for payment to regain access to the files. The malware was first distributed through a spam campaign […] | |||
|
2017-03-13 13:00:00 | Hancitor Makes First Appearance in Top Five \'Most Wanted\' Malware in Check Point\'s February Global Threat Impact Index (lien direct) | Hancitor has surged into the top five of our 'most wanted' malware families worldwide for the first time, according to the new February Global Threat Impact Index from our Threat Intelligence Research Team. The downloader, which installs malicious payloads such as Banking Trojans and ransomware on infected machines, climbed 22 places after more than tripling […] | |||
|
2017-03-10 22:47:36 | Three Key Takeaways from WikiLeaks\' Release of CIA Documents (lien direct) | The latest revelations by WikiLeaks, collectively called the “Vault 7 Leakâ€, have caused quite a commotion in the security world, reinvigorating myths that were previously viewed as theoretical. There are already several lessons to be learned from WikiLeaks' most recent data dump, and we offer you three top takeaways from the initial document disclosure. […] | |||
|
2017-03-10 14:33:09 | (Déjà vu) Preinstalled Malware Targeting Mobile Users (lien direct) | The Check Point Mobile Threat Prevention has recently detected a severe infection in 38 Android devices, belonging to a large telecommunications company and a multinational technology company. While this is not unusual, one detail of the attacks stands out. In all instances, the malware was not downloaded to the device as a result of the […] | |||
|
2017-03-08 14:00:49 | The Skinner adware rears its ugly head on Google Play (lien direct) | A new member of the ever growing adware-found-on-Google-Play-list has been found. Previous members include Viking Horde, DressCode and CallJam, among many others. The malware, dubbed “Skinner”, was embedded inside an app which provides game related features. The app was downloaded by over 10,000 users, and managed to hide on Google Play for over two months. […] | |||
|
2017-03-08 00:23:52 | Check Point Comments on Recent Advanced Threats (lien direct) | Today's publication by WikiLeaks shows how advanced hacking techniques, including extremely sophisticated exploit tools, are more readily available than you'd think; they're available to everyone, including governments. These tools provide new surveillance capabilities allowing them to hack into enterprise and military networks, smartphones, tablets and even IoT devices such as Smart TVs. Check Point researchers […] | |||
|
2017-03-07 19:22:24 | Introducing Check Point vSEC for Google Cloud Platform (lien direct) | Cloud Security Puzzle – Solved! If you are deploying workloads (like web servers) or migrating back office apps into Google Cloud Platform (GCP), you will be happy to know that you can now do it securely in a turn-key way without sacrificing the agility & business elasticity provided by GCP. Check Point's vSEC cloud security […] | |||
|
2017-03-07 18:45:42 | Choice, Flexibility and Advanced Security – Now with Google Cloud Platform (lien direct) | As a general rule of thumb, it has been a long accepted strategy in IT to avoid vendor lock in, or trusting too much in a single equipment provider that you get stuck because changing to another vendor would be too costly or inconvenient. This is especially true with public cloud providers, and fear of […] | |||
|
2017-03-07 00:09:47 | Check Point Software Continues Impressive Run on Industry Recognition by Joining CRN 2017 Security 100 Elite Vendors (lien direct) | These past few months have seen great momentum for Check Point. The CRN 2017 Security 100 List was just released and Check Point tops the list as one of the 25 Coolest Network Security Vendors in the Network Security category. CRN publishes this list every year to help channel businesses find the vendor that provides “the perfect […] | |||
|
2017-03-02 18:10:54 | Check Point Honored as Coolest Cloud Security Vendor by CRN (lien direct) | We are very excited to announce today that CRN has named Check Point to its 100 Coolest Cloud Computing Vendors of 2017 list. This annual lineup recognizes the most innovative cloud technology suppliers in each of five categories: infrastructure, platforms and development, security, storage and software. Check Point is recognized as a cool vendor in […] | |||
|
2017-03-01 14:00:03 | Check Point R80 Just Made Neopharm\'s Security Management Simpler (lien direct) | It's becoming more challenging than ever to manage security across expanding networks, new technologies, and with growing business requirements. With the risk posed by modern threats, security teams need far more agility and visibility to efficiently manage it all. The Neopharm Group found what it needed-clear visibility, management efficiency and a way to reduce operational […] |
To see everything:
Our RSS (filtrered)
