What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Checkpoint.webp 2016-06-24 16:00:54 Effective Security Management in a Software Defined World (direct link) Software defined infrastructure (SDx) along with use of private and public clouds completely transforms the way IT departments manage enterprise data centers and workloads. Automation is a key component of software defined networking (SDN), bringing network, server, security management and other IT functions or teams together. In the past when organizations deployed new applications, the application […]
Checkpoint.webp 2016-06-23 13:00:27 The Infamous Nuclear Exploit Kit Shuts Down (direct link) In a seeming response to the recent Check Point investigative report, the Nuclear Exploit Kit shut down its entire infrastructure and ceased operation. Background The Nuclear Exploit Kit, one of the largest attack infrastructures observed in the wild today, was recently the subject of a thorough investigation conducted by the Check Point Threat Intelligence and […]
Checkpoint.webp 2016-06-22 16:24:33 Intel Spot On with CET (direct link) Intel has recently published a specification for a new technology meant to detect and block malware at the processor level. The technology, developed with the help of Microsoft, is called Control-flow Enforcement Technology (CET), and its main purpose is to prevent any attempt to use Return-Oriented Programming (ROP) or Jump-Oriented Programming (JOP) for exploits. This […]
Checkpoint.webp 2016-06-20 13:00:58 Cerber Ransomware Targets U.S., Turkey and the UK in Two Waves (direct link) New ransomware families appear on a regular basis, each with a different method of operation. The Cerber ransomware, which has a sophisticated implementation process, uses a very interesting tactic in its attacks. It operates in surges with relatively low activity in between them. We have detected two such spikes in Cerber's activity, the first in […]
Checkpoint.webp 2016-06-17 16:45:03 Tales from the Trenches: Modern Malware Requires Modern Investigation Techniques (direct link) The Check Point Incidence Response team was called in to assist a company who suffered a severe breach in their network, which was not previously protected by Check Point's advanced protections. The team began to investigate and was extremely impressed by the malware's tactics and sophisticated evasion techniques. The malware's evasive nature required the team […]
Checkpoint.webp 2016-06-17 15:23:37 In The Wild: Mobile Malware Implements New Features (direct link) Malware developers just won't stand still. They continue developing malware as they go, sometimes to adapt to the changing threat landscape, and sometimes simply to improve their capabilities. Recently, two examples of such advancements presented themselves, one in Triada's code and one in Viking Horde's. Triada's Trident is Getting Stronger As if the original malware […]
Checkpoint.webp 2016-06-15 15:00:37 Trust No One – A Cyberworld Survival Guide (direct link) Cybercriminals are professional scammers; their specialty is tricking users into helping them achieve their malicious goals. Attackers use many different tactics, including spam, phishing emails, and fake ads. In each case, the unsuspecting user plays an active role in his own victimization when he clicks a link or opens an attachment. Recently, an unconventional campaign […]
Checkpoint.webp 2016-06-08 16:51:11 Hack In The Box: Mobile Attackers Are Listening In (direct link) While most mobile attacks require some level of interaction with the user, Man-in-The-Middle (MiTM) attacks can achieve their goal without the user ever knowing they occurred. This type of attack allows attackers to eavesdrop, intercept and alter traffic between your device and any other counterpart. There are several ways by which hackers can execute such […]
Checkpoint.webp 2016-06-07 07:01:21 (Déjà vu) FACEBOOK MaliciousChat (direct link) Check Point disclosed details about a vulnerability found in Facebook Messenger, both in the online and mobile application. Following Check Point's responsible disclosure, Facebook promptly fixed the vulnerability. What is this vulnerability? The vulnerability allows a malicious user to change a conversation thread in the Facebook Online Chat & Messenger App. By abusing this vulnerability, […]
Checkpoint.webp 2016-06-06 13:00:23 Zcrypt: The Ransomware Virus Hybrid (direct link) A recent piece of ransomware has emerged that is causing quite the stir. The reason – it is in fact a virus and can infect users even through USB devices. The technology itself is not new, but when implemented by ransomware the results could be severe. Given this, now is a good time for people […]
Checkpoint.webp 2016-06-03 16:21:04 In The Wild: Never a Dull Moment with Mobile Malware (direct link) Mobile malware learns fast. Every time new security measures come along, malware somehow manages to find a way to overcome them. This week we bring you such a story, with further details about Viking Horde, a botnet found by Check Point on Google Play. The malware is capable of bypassing even Android's latest OS security […]
Checkpoint.webp 2016-06-01 15:47:49 Hack In The Box: Mobile Malware Goes In For The Kill (direct link) For attackers, installing a Trojan on your mobile device is the best way to attack it. Mobile malware provides attackers with a full arsenal of capabilities they can use to conduct several types of attacks including surveillance, info-stealing, ransomware, fraud, and much more. Surveillance malware, for instance, can track location, extract call logs, files, and […]
Checkpoint.webp 2016-05-29 19:00:53 OEMs Have Flaws Too: Exposing Two New LG Vulnerabilities (direct link) Check Point disclosed today two vulnerabilities (CVE-2016-3117, CVE-2016-2035) which can be used to elevate privileges on LG mobile devices to attack them remotely at the LayerOne 2016 conference in Los Angeles. LG issued fixes for both vulnerabilities which Check Point made LG aware of before disclosing them publicly. These vulnerabilities are unique to LG devices which […]
Checkpoint.webp 2016-05-27 17:16:35 Check Point Named a Leader in the 2016 Gartner Magic Quadrant for Enterprise Network Firewalls (direct link) Today's enterprise networks are more complex than ever. Cloud computing, floods of connected devices and highly mobile workforces put a ton of pressure on security teams to keep networks and data protected. At the same time, the tools and techniques used by cybercriminals to target enterprise data continue to rapidly evolve. When reflecting on the […]
Checkpoint.webp 2016-05-27 14:00:25 Attacks on SMB are a sure thing, according to the latest Verizon report (direct link) It's not surprising that small businesses are much more vulnerable to cyberattacks vs. large enterprises. The 2016 Data Breach Investigations Report reveals just how much (Check Point contributed to the report). The report covers a large number of SMBs. 521 small businesses were surveyed and 447 confirmed they suffered a security breach with data loss […]
Checkpoint.webp 2016-05-27 13:00:42 CryptXXX Ransomware: Simple, Evasive, Effective (direct link) CryptXXX emerged a few weeks ago and it's been sneaky! Its most impressive feature is the simplicity of its evasion techniques, which are giving it an advantage over most security systems. This has resulted in a very low detection rate for new samples and a high success rate on the malware's part. According to the […]
Checkpoint.webp 2016-05-26 13:00:16 Spam-Riding Dropper Packs a One-Two Ransomware, Adware Punch (direct link) The Most Trusty Attack Vector Shady random strangers on the internet often have an uncanny ability to make you believe that you should have expected to hear from them. You may be savvy enough to brush off the 'Nigerian Prince in Distress' and the 'Thousands of Hot Singles in Your Area Waiting to Meet You' […]
Checkpoint.webp 2016-05-25 23:20:09 Weaponized WordPress Tools (direct link) WordPress is a free, open source content management system (CMS) for creating websites, and is considered to be the most popular blogging system in use. WordPress’ appeal to website developers stems from its free plugins and themes that are easily installed over the basic platform. These add-ons allow WordPress users to personalize and expand their websites and blogs. […]
Checkpoint.webp 2016-05-25 16:57:39 Hack In The Box: Malware Disguises Itself To Infiltrate Your Device (direct link) No user would intentionally allow malware onto a mobile device, so it's obvious why malicious apps disguise themselves to trick users into inviting them in. In many cases, malware tries to persuade the user into going even further by asking for various permissions that can enable malicious actions. Malware tries to do as much damage […]
Checkpoint.webp 2016-05-24 19:00:26 TeslaCrypt Ransomware Shuts Down: One Down, Plenty to Go (direct link) In a surprising turn of events, the creators of the notorious TeslaCrypt ransomware shut down their operation and revealed the master key for decrypting all files. They even said they are sorry, as displayed in the image below. Figure 1: TeslaCrypt Shut Down Message The motive behind this step remains unclear. The attackers could […] Tesla
Checkpoint.webp 2016-05-24 13:00:58 The Scripting Threat: How Admin Tools Became Dominant in the Malware Attack Lifecycle (direct link) Malware have increasingly adopted scripts as a major technique, replacing file-based execution. This transition took place mainly to avoid signature-based detection employed by many security vendors. To understand how this is achieved, one must first understand what scripting really is. Scripting languages are programs that support automated execution of tasks, which could be executed manually […]
Checkpoint.webp 2016-05-20 19:00:50 In The Wild: Malware in Google Play is as Prevalent and Pesky as Ever (direct link) Not a week passes without new malware found on Google Play and this week was no different. Among the malware found are both new and old samples, including a known malicious banker and a new type of malware making its first appearance on Google Play. Also, Google has patched more vulnerabilities, which is no coincidence […]
Checkpoint.webp 2016-05-20 16:00:34 Spear Phishing 2.0 Adds Social Engineering & VM Evasion (direct link) Spear phishing attacks are a rising threat faced by organizations. These well-planned attacks can deceive even the most cautious users. Unlike old-fashioned mass phishing attempts, these attacks are directed at specific individuals or companies and are tailor-made to fit their target. Used for a wide variety of reasons from stealing personal information or credentials to […]
Checkpoint.webp 2016-05-19 15:00:00 Everyday Malware Poses a Risk to Critical Infrastructure (direct link) Many people believe that only state-sponsored attacks can endanger critical infrastructure. They claim that such elaborate malware capable of targeting the inner workings of Industrial Control Systems (ICS) are not the work of simple hackers. This flawed perception completely disregards the fact that ICS can fall victim to the most banal malware – and in […]
Checkpoint.webp 2016-05-18 15:52:35 Hack In The Box: How Attackers Manipulate Root Access and Configuration Changes (direct link) Securing iOS and Android smartphones and tablets is still a relatively new concept. Taking control of a mobile device was once considered an unlikely threat because it was hard to do. However, malware has moved forward, making attacks a more imminent threat. One of the causes for this is malware's advances in attack capabilities. Technical […]
Checkpoint.webp 2016-05-17 18:35:27 Inside Nuclear's Core: Unraveling a Ransomware-as-a-Service Infrastructure (direct link) The Check Point Research team has uncovered the entire operation of one of the world's largest attack infrastructures. Exploit Kits are a major part of the Malware-as-a-Service industry, which facilitate the execution of ransomware and banking trojans, among others. Their creators rent them to cybercriminals who use them to attack unsuspecting users. Nuclear is one of the […]
Checkpoint.webp 2016-05-17 14:00:53 Introducing Check Point SandBlast™ Cloud (direct link) The increasing adoption of cloud-based email tools such as Microsoft Office 365™ allows businesses to efficiently communicate and collaborate, without investing resources in managing and maintaining their own dedicated IT infrastructure. However, the shift to cloud-based tools also brings with it an array of security risks, including sophisticated attacks like spear-phishing and ransomware that use […]
Checkpoint.webp 2016-05-12 17:15:07 The Notorious TeslaCrypt V3 Ransomware: A Comprehensive Analysis (direct link) As the current wave of ransomware rages on, one stands out in its ability to adapt: TeslaCrypt. Although it emerged only in 2015, we are currently witnessing the malware's third generation. Since its debut, it has transformed itself, fixing its flaws and vastly improving its ability to evade detection. It has also expanded its distribution […] Tesla
Checkpoint.webp 2016-05-12 16:53:08 (Déjà vu) Hack In The Box: System Vulnerabilities Can Leave Mobile Devices Exposed (direct link) System vulnerabilities are a major threat facing users and enterprises today, and these need to be remedied thoughtfully. Since these vulnerabilities don't require social engineering schemes to become exposed, and because they have an alarmingly high success rate, they are also one of the easiest ways to attack Android and iOS devices. The constant release […]
Checkpoint.webp 2016-05-09 19:00:30 Viking Horde: A New Type of Android Malware on Google Play (direct link) The Check Point research team uncovered a new Android malware campaign on Google Play it calls Viking Horde. Viking Horde conducts ad fraud, but can also be used for other attack purposes such as DDoS attacks, spam messages, and more. At least five instances of Viking Horde managed to bypass Google Play malware scans so […]
Checkpoint.webp 2016-05-06 18:24:23 (Déjà vu) In The Wild: Mobile Malware Follows in the Steps of its PC Cousins (direct link) Mobile Security Observations from the Check Point Research Team Mobile malware is still a growing phenomenon and, in many cases, follows the lead set by predecessors in the PC world. This week the Check Point research team encountered different mobile malware that adopted techniques previously known only in the PC world. This is not a […] Guideline
Checkpoint.webp 2016-05-05 14:30:00 The Unknown Threats Will Get You, Every Time (direct link) Craig Dunaway didn’t see it coming. His company, restaurant chain Penn Station, had done everything possible to secure its sensitive data and that of its customers. Even still, Dunaway, the president of Penn Station, would learn in 2012 about an unusual security breach. Malware secretly uploaded to Penn Station’s network had been stealing credit card […]
Checkpoint.webp 2016-05-04 18:27:28 Hacking Elections (direct link) There are many different motives for hacking an organization. Most attacks are categorized as cybercrime, and this involves credential theft, ransomware or any form of financially motivated attacks. Another form of cyber attacks are classified as cyber espionage and include state espionage and spouse tracking, for example. Cyber war is another motive for attacks, mostly […]
Checkpoint.webp 2016-05-02 14:00:21 A New Approach to Security (direct link) Changing with the times is frequently overlooked when it comes to data center security. Technology is becoming increasingly dynamic, but most data centers are still using archaic security measures to protect their network which isn't going to stand a chance against today's sophisticated attacks. Recent efforts to upgrade these massive security systems are still falling […]
Checkpoint.webp 2016-04-29 15:02:54 In The Wild: Breaking Mobile Security Paradigms… Again (direct link) Security researchers have shattered the mobile security paradigm once again. They've managed to bypass Android two-factor authentication, and iOS is proven vulnerable again both to exploits and malware. It has become very clear: traditional defenses are simply not enough. Users must implement advanced measures to stay safe. Two Factor Authentication Bypass: There’s No Place to Hide […]
Checkpoint.webp 2016-04-28 15:05:35 (Déjà vu) Marcher Marches On: The Anatomy of a Banker Malware (direct link) Not very often do we have the chance to observe the full flow of an attack. Usually, we can analyze the malware itself and, in some cases, we manage to identify the infiltration vector. But today we're laying out the full attack flow of the infamous Marcher mobile banker malware. Overview The Marcher banker malware […]
Checkpoint.webp 2016-04-26 16:00:55 Check Point Threat Alert: CryptXXX Ransomware (direct link) CryptXXX ransomware has been observed in the wild as of March 2016, delivered via the Angler Exploit Kit and spread through the Bedep trojan. The ransomware is demanding a $500 ransom to be paid in order to recover the encrypted files on a machine, and provides the victim the possibility to decrypt one file for […]
Checkpoint.webp 2016-04-26 14:00:44 Digging Deeper: How Ransomware and Malware use Microsoft Windows' Known Binaries (direct link) Since Windows 7 is the most popular operating system (OS) among PCs, many malware choose to target it. Malware often do so by using Windows' very own artifacts. During 2015, Windows artifacts were increasingly abused for malicious operations. For attackers, this is an effective technique, since these artifacts are always present in a Windows environment. […]
Checkpoint.webp 2016-04-25 15:00:27 (Déjà vu) Android Security 2015 Year In Review: What Isn’t Google Telling You? (direct link) For the second year in a row, Google released its annual report which details “how Google Services protect the Android ecosystem.” On the surface, the Android Security 2015 Year In Review is a compelling argument for how Google's advances in mobile security give users greater confidence that Android can protect sensitive data on smartphones and tablets. […]
Checkpoint.webp 2016-04-22 14:47:07 (Déjà vu) In The Wild: Google Can't Close the Door on Android Malware (direct link) Mobile Security Observations from the Check Point Research Team After its presentations about “SideStepper” and trends in mobile attacks in BlackHat Asia, the Check Point mobile research team wasn't surprised to find that the trends it pointed out continue. Google Play has been infiltrated by malware yet again, and as our colleague Avi Bashan pointed […]
Checkpoint.webp 2016-04-21 18:02:36 Forrester Names Check Point a 'Leader' in Automated Malware Analysis (direct link) Organizations are facing the latest variants of sophisticated malware every day, and it is evident that traditional solutions are no longer effective in detecting and stopping these new threats. At Check Point, we continuously strive to deliver advanced security solutions that protect businesses against known, unknown and zero-day attacks. That is why we are pleased […]
Checkpoint.webp 2016-04-20 22:00:41 Top 4 Ways Employees Compromise their Corporate Data via Cloud Services (direct link) Recent research by Gartner showed that “Through 2020, 95% of cloud security breaches will be the customer's fault.” Massive cloud adoption by enterprises has given rise to a shared responsibility approach in securing cloud usage, where the service provider undertakes the responsibility of the infrastructure and the customer takes responsibility of the users, content and […]
Checkpoint.webp 2016-04-20 17:11:27 Inside Nuclear's Core: Analyzing the Nuclear Exploit Kit Infrastructure (direct link) Malware use different methods to propagate. Exploit kits (EKs) have been one of the most common platforms for infecting end-users in the past few years. While there are several different EKs out in the wild, there are a few that stand out. One of these is the Nuclear Exploit Kit, which was introduced in 2010. As […]
Checkpoint.webp 2016-04-19 04:00:47 Unleash the Power of Security for Businesses of All Sizes (direct link) When we introduced the 15000 and 23000 series appliances in January, giving our large enterprise and data center network customers a giant step ahead of cyber threats and malware, it raised a logical question: what about businesses of other sizes and their networks? After all, smaller organizations and branch offices are ripe targets for cybercriminals […]
Checkpoint.webp 2016-04-15 18:36:33 KOVTER RANSOMWARE – THE EVOLUTION: From Police Scareware to Click Frauds and then to Ransomware (direct link) In terms of cyber security research, the Kovter malware family is very interesting. A wide-spread malware found in different parts of the cyber landscape, Kovter underwent extensive changes both in its purpose and in the methods it uses. During 2013, Kovter acted as a police ransomware. In 2014 and 2015, it conducted “click fraud” attacks. […]
Checkpoint.webp 2016-04-13 14:00:48 The Next Battleground – Critical Infrastructure (direct link) Cyber threats have dramatically developed throughout the years. From simple worms to viruses, and finally to advanced Trojan horses and malware. But the forms of these threats are not the only things that have evolved. Attacks are targeting a wider range of platforms. They have moved from the PC to the Mobile world, and are […]
Checkpoint.webp 2016-04-13 13:52:16 Check Point Threat Alert: Badlock Vulnerability (direct link) EXECUTIVE SUMMARY An elevation-of-privilege vulnerability exists in Microsoft Windows and the Samba interoperability suite for Linux & UNIX. Attackers could launch a man-in-the-middle-attack and downgrade the authentication level of DCE/RPC channels, allowing them to impersonate authenticated users. Check Point's latest IPS update protects against this vulnerability with the “Microsoft Windows RPC Authentication Downgrade (MS16-047)” protection. […]
Checkpoint.webp 2016-04-12 14:00:24 New Technologies Pose New Threats (direct link) Technology has changed our lives for the better; there is no doubt about it. However, it also introduced various risks into them. In fact, this is one of the most interesting things about technology: its effect depends on the people behind it. Sadly, alongside inspiring figures who move technology, and the world forward, there is […]
Checkpoint.webp 2016-04-11 18:59:58 Decrypting the Petya Ransomware (direct link) Petya is a relatively new ransomware variant that first appeared on the cyber-crime scene at the beginning of 2016. While Petya doesn't have an impressive infection rate like other ransomware such as CryptoWall or TeslaCrypt, it was immediately flagged as the next step in ransomware evolution. Petya's developers were not content with merely encrypting all […] Tesla
Checkpoint.webp 2016-04-11 18:59:15 New Locky Variant Implements Evasion Techniques (direct link) Following Check Point's recent discovery of a new communication scheme implemented by the Locky ransomware, our research teams decided to take a closer look at the inner workings of this new variant and map any new features it introduces. When Locky first appeared, we thoroughly analyzed its logic, like many other industry researchers. Our analysis […]
Last update at: 2024-05-20 05:07:47