What's new around the Internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Checkpoint.webp 2015-09-22 12:32:33 Check Point and AirWatch Partner to Secure the Future of the Mobile Enterprise (direct link) As cyberthreats become more sophisticated, it’s important to have a comprehensive mobile security strategy that ties into your broader security infrastructure. That strategy should include solutions that are easy to deploy, simple to manage, and transparent to the end user in order to achieve greater success and to maximize security. To help customers achieve that […]
Checkpoint.webp 2015-09-21 19:56:32 XCodeGhost: The First Wide-Scale Attack on iOS Apps Arrives (direct link) XcodeGhost is a compromised version of the iOS developer platform, Xcode. This unofficial version of Xcode was altered so that it injects malicious code into any app that was developed and compiled using it. How can an attacker use XcodeGhost? Infected apps are capable of receiving commands from the attacker through the server to perform […]
Checkpoint.webp 2015-09-21 14:51:12 BrainTest – A New Level of Sophistication in Mobile Malware (direct link) Check Point Mobile Threat Prevention has detected two instances of a mobile malware variant infecting multiple devices within the Check Point customer base. The malware, packaged within an Android game app called BrainTest, had been published to Google Play twice. Each instance had between 100,000 and 500,000 downloads according to Google Play statistics, reaching an […]
Checkpoint.webp 2015-09-15 15:27:27 (Déjà vu) Finding Vulnerabilities in Core WordPress: A Bug Hunter's Trilogy, Part III – Ultimatum (direct link) In this series of blog posts, Check Point vulnerability researcher Netanel Rubin tells a story in three acts – describing his long path of discovered flaws and vulnerabilities in core WordPress, leading him from a read-only 'Subscriber' user, through creating, editing and deleting posts, and all the way to performing SQL injection and persistent XSS attacks on […] Guideline
Checkpoint.webp 2015-09-14 17:51:37 The Problem with Traditional Sandboxing (direct link) Hackers have come to recognize and understand the usual methods of threat prevention, like antivirus, anti-bot and firewalls. While these are essential elements in a comprehensive security program, today's advanced hackers use their knowledge and insight to design malware and attacks capable of evading detection by these traditional methods. According to the Check Point 2015 […]
Checkpoint.webp 2015-09-10 21:25:27 Check Point IPS Protects Against Zero-Day Vulnerability in FireEye Appliances (direct link) On September 6th, researcher Kristian Erik Hermansen publicly disclosed a zero-day vulnerability in FireEye appliances. This vulnerability impacts customers running HX 2.1.x and DMZ 2.1.x versions of the FireEye HX endpoint security platform, and appears to be concentrated in a PHP script on the appliance itself. If exploited, this vulnerability could lead to unauthorized remote […] Guideline
Checkpoint.webp 2015-09-10 14:08:58 Analysis of the Sality Gambling Campaign (direct link) Check Point has a wide and global install base, from which we receive anonymized logs of millions of security incidents per day. At the end of July, one of our anomaly detection algorithms found the following domains in logs from approximately 15% of our sensors in Vietnam: blindzone.ivyro.net argentinaenimagenes.com imou.wz.cz burakcay.com All four of […]
Checkpoint.webp 2015-09-09 18:02:34 The Sandbox Evolved: An Advanced Solution to Defeat the Unknown (direct link) The modern threat landscape is one of constant evolution. Everything is changing before our eyes – the types of security threats we face, and especially the methods cybercriminals use to infiltrate networks and confiscate data. These new, ever-changing threats have become very complex, bringing new risks and uncertainties. Typically, signature-based protection like antivirus (AV) and […]
Checkpoint.webp 2015-09-08 13:47:39 WhatsApp “MaliciousCard” Vulnerabilities Allowed Attackers to Compromise Hundreds of Millions of WhatsApp Users (direct link) Introduction WhatsApp Web is a web-based extension of the WhatsApp application on your phone. The web application mirrors all messages sent and received, and fully synchronizes your phone and your desktop computer so that users can see all messages on both devices. WhatsApp Web is available for most WhatsApp supported platforms, including Android, iPhone (iOS), Windows Phone […]
Checkpoint.webp 2015-09-02 13:30:15 Introducing Check Point SandBlast Zero-Day Protection (direct link) Cyber threats are continuing to evolve, and hackers are finding new ways to hide malware inside emailed documents, on websites as “drive by” exploits or in downloadable content. Many attacks begin by exploiting known vulnerabilities and modifying malware to have unrecognizable signatures to evade traditional security measures. By creating these new, unknown variants, hackers aim […]
Checkpoint.webp 2015-08-31 13:02:11 Global XMPP Android Ransomware Campaign Hits Tens of Thousands of Devices (direct link) Introduction Ransomware has been a well-known method of attack in the PC world for quite some time. Many PC-based ransomware variants have been thoroughly covered and their malicious payloads described by security researchers. In the past few years, however, a new breed of ransomware has appeared. This time, the target platforms are no longer workstations, […]
Checkpoint.webp 2015-08-27 14:40:07 Leadership, Validation, Innovation and Continuous Improvement (direct link) From 1,300 known viruses in 1997 to over 100,000 new malware variants created each day in today's world, the business of threats has become an industry operating at a dizzying velocity. Combatting today's industrial production of threats requires a unified, multi-layer threat prevention solution with an integrated sandbox. A multilayer solution makes it more difficult […]
Checkpoint.webp 2015-08-25 13:20:31 Certifi-gate Found in the Wild on Google Play (direct link) New Insights on the Extent, Exploitation, and Mitigation of This New Threat Three weeks ago, Check Point publicly disclosed Certifi-gate, a new vulnerability on Android. Using anonymous data collected from the Certifi-gate scanner, an app that tells users if their devices are vulnerable, Check Point uncovered some startling new information: An instance of Certifi-gate was […]
Checkpoint.webp 2015-08-18 13:30:47 JavaScript Hooking as a Malicious Website Research Tool (direct link) One of the top Internet threats today is drive-by download attacks which originate from exploits kits, hacked websites, spam campaigns and more. As browsers are the main tool for navigating the web, the main attack vectors are browser vulnerabilities, plugin and extension vulnerabilities, as well as some OS vulnerabilities. We have been playing with […]
Checkpoint.webp 2015-08-17 13:55:10 What You Can (and Can't) Do Against Ransomware (direct link) It happens very quickly: one moment your files are there, and the next they’re not. All you did was download some “useful” software, or run an email attachment that you got from a colleague. The next thing you know, all your files have had their extensions changed to something nonsensical, and their contents have been […]
Checkpoint.webp 2015-08-12 17:51:48 SSH Decryption Opens Door to Very Old Security Vectors (direct link) Secure Shell, or SSH, is a cryptographic (encrypted) network protocol for initiating text-based shell sessions on remote machines in a secure way. SSH uses the client-server model with public host key fingerprints in order to prevent MiTM (Man in The Middle) attacks. Cybercriminal usage It's very common for hackers to use SSH in order […]
Checkpoint.webp 2015-08-11 18:46:37 (Déjà vu) Finding Vulnerabilities in Core WordPress: A Bug Hunter's Trilogy, Part II – Supremacy (direct link) In this series of blog posts, Check Point vulnerability researcher Netanel Rubin tells a story in three acts – describing his long path of discovered flaws and vulnerabilities in core WordPress, leading him from a read-only 'Subscriber' user, through creating, editing and deleting posts, and all the way to performing SQL injection and persistent XSS […] Guideline
Checkpoint.webp 2015-08-10 15:02:44 An Update on the Stagefright Vulnerability (direct link) What is Stagefright? Stagefright is a vulnerability in the Android media library that allows attackers to send multimedia text messages that enable them to steal information off of a device. How can an attacker use Stagefright? Using a victim's phone number, an attacker only has to send the malware-infected multimedia file to a device […]
Checkpoint.webp 2015-08-06 16:46:02 Certifi-gate: Hundreds of Millions of Android Devices Could Be Pwned (direct link) (This post was edited to include additional remediation advice on August 10, 2015.) Check Point today released details about Certifi-gate, a previously unknown vulnerability in the architecture of popular mobile Remote Support Tools (RSTs) used by virtually every Android device manufacturer and network service provider. The Check Point mobile threat research team disclosed its findings […]
Checkpoint.webp 2015-08-06 13:30:28 Introducing Check Point Mobile Threat Prevention (direct link) [Click here to learn more about today’s Certifi-gate Threat Advisory.] Introducing Check Point Mobile Threat Prevention We're more mobile than we've ever been, so it's no surprise that smartphones and tablets aren't our second screens, they're our first. These devices move massive amounts of data around the clock and around the world, and while some […]
Checkpoint.webp 2015-08-05 14:24:41 Threat Alert: BIND DNS Server TKEY Vulnerability (direct link) Recent Bind9 Vulnerability could be used to shut down large parts of the Internet The Check Point Incident Response Team (CPIRT) has received numerous reports of automated scans across the internet attempting to exploit the recently released BIND DNS TKEY Vulnerability (CVE-2015-5477). This vulnerability allows a denial of service attack (DoS) against BIND DNS […]
Checkpoint.webp 2015-08-04 13:30:05 Finding Vulnerabilities in Core WordPress: A Bug Hunter's Trilogy, Part I (direct link) In this series of blog posts, Check Point vulnerability researcher Netanel Rubin tells a story in three acts – describing his long path of discovered flaws and vulnerabilities in core WordPress, leading him from a read-only 'Subscriber' user, through creating, editing and deleting posts, and all the way to performing SQL injection and persistent XSS […] Guideline
Checkpoint.webp 2015-07-30 15:00:55 Check Point to Uncover Certifi-gate, A New Android Threat, at Black Hat USA 2015 (direct link) Check Point to Uncover A New Threat to Millions of Android Devices Seizing control of and stealing information from Android devices is nothing new for sophisticated hackers. But what if the vulnerabilities they depend on were being made available by those you trust most to protect your privacy and sensitive data? Join Check Point researchers […]
Checkpoint.webp 2015-07-26 23:00:10 Current Wave of Ransomware (direct link) Today, ransomware like Cryptolocker is hitting organizations around the globe. At Check Point, we can help prevent these ransomware attacks through a multi-layered approach to security. The current round of ransomware is coming in through two different methods: via malicious ads and via phishing links in e-mail. A common thread amongst both these methods of […]
Checkpoint.webp 2015-07-21 17:10:05 One Click Office Exploit – Introducing the Office Exploit Builder (direct link) A new threat called “office exploit builder” allows attackers to generate stealth MS Office files (Word & Excel formats) with macros to download and execute malicious code on a victim's machine. Cybercriminals are increasingly using this “office exploit builder” and similar exploit builders. As a launching pad for attacks, these methods have proven successful […]
Checkpoint.webp 2015-07-21 16:42:10 SwiftKey Leaves Samsung Devices Susceptible to Cybercrime (direct link) A vulnerability in the SwiftKey virtual keyboard pre-installed on the Samsung Galaxy S4 Mini, S4, S5 and S6 could let hackers take complete control of these devices, researchers discovered recently. This is because the keyboard, which is designed to accept and install language updates via HTTP (and not HTTPS) fails to properly validate the file, […]
Checkpoint.webp 2015-07-16 18:07:18 Some Lessons from the Hacking Team Breach (direct link) Reactions to the breach at Hacking Team, as described in Steve Ragan's recent blog post, have ranged from shock that a security company could be so deeply exposed to glee at these surveillance specialists getting a taste of their own medicine. The data exposed in the breach, as well as the breach itself, are […]
Checkpoint.webp 2015-07-13 15:27:10 Threat Alert: OPM Tools (direct link) EXECUTIVE SUMMARY - The breach in the U.S. Office of Personnel Management (OPM) had compromised the personal information of millions of Americans. - There were two attacks by suspected Chinese hackers on personnel data and applications for security clearances. - The massive data breach is now believed to have affected well over 10 million separate users. - This alert […]
Checkpoint.webp 2015-07-10 18:18:03 Adware or APT – SnapPea Downloader – An Android Malware that implements 12 different exploits (direct link) On June 4th 2015, Check Point discovered multiple instances of a sophisticated mobile malware campaign. The malware was previously inaccurately categorized as part of simple Adware campaign rather than the relatively advanced threat it actually is. Subsequent research by our mobile security specialists has found that the campaign consists of a set of malicious applications […]
Checkpoint.webp 2015-07-09 14:26:28 Check Point Threat Alert: Hacking Team (direct link) EXECUTIVE SUMMARY Hacking Team is an Italian company that provides security services and tools to governments and law enforcement organizations. The company experienced a data breach on Monday, July 6th, resulting in 400 GB of its documents being leaked. Source code stolen from Hacking Team has revealed new zero day vulnerabilities in […]
Checkpoint.webp 2015-07-08 15:00:31 Stopping the Next Massive Cyberattack: 5 Steps to Stronger Security (direct link) The aftershocks of the 2014 breaches are still reverberating across the security landscape, and many organizations are starting to examine their own security programs, wondering how they can avoid becoming the next big breach story. It's possible to prevent and mitigate future attacks, but that can't happen relying on technology alone. By recognizing secure operations […]
Checkpoint.webp 2015-07-07 14:00:18 Who Really Controls Your Online Store? (direct link) Check Point researchers Avi Gimpel, Liad Mizrachi and Oded Vanunu recently discovered critical vulnerabilities in the osCommerce platform. These vulnerabilities can lead to a full system compromise, with an outside agent gaining control over the osCommerce administration panel and access to the data of the platform stores' members and customers. These vulnerabilities affect over 260,000 […] Guideline
Checkpoint.webp 2015-07-06 15:00:29 Crime Marches On (direct link) What a long way we've come since the days of simply relying on firewalls. Just as threats have evolved-from an attack called Morris Worm to an attack called POODLE-so have the strategies and tools for both hackers and businesses, as the cyberwar rages on. When you look at the rate at which new malware is […]
Checkpoint.webp 2015-07-02 19:54:00 Matsnu: A Deep Dive (direct link) Check Point researcher Stanislav Skuratovich recently analyzed a malware called “Matsnu”, an x86 infector that acts as a backdoor after it infiltrates a computer system. This malware is able to upload and execute any code on the infected system. This uploaded code could potentially encrypt files on disc or steal sensitive data. The malware author(s) […]
Checkpoint.webp 2015-06-30 16:22:47 Stopping the Next Massive Cyberattack – Step 5: Incident Response Plans (direct link) The Do's and Don’ts of a Strong Incident Response Plan Check Point's 2015 Security Report revealed that 81% of organizations said they experienced a data loss incident in the previous year. If there's one conclusion we can draw from that, it's that preparing a strong incident response (IR) plan is more critical than ever. […]
Checkpoint.webp 2015-06-26 16:51:08 Microsoft Word Intruder RTF Sample Analysis (direct link) Background Check Point researchers obtained a sample of a malicious Word document that was used in an attack attempt against one of our customers. The sample itself is a Rich Text Format (RTF) file with a .DOC extension. Recently, there has been a resurgence of the trend to use malicious macro code inside office documents. However, […]
Checkpoint.webp 2015-06-19 17:33:42 Zero-Day Flaw Victimizes Apple iOS and OSX Apps (direct link) Researchers this week disclosed zero-day flaws in Apple's iOS and OSX operating systems that allowed them to raid password keychains, crack secure containers, and circumvent Apple App Store security checks. The group of six researchers from Indiana University, Peking University and Georgia Institute of Technology claims that almost 90% of the over 1,600 OSX apps […]
Checkpoint.webp 2015-06-18 15:30:10 Stopping the Next Massive Cyberattack – Step 4: Monitor (direct link) With the rise of cyber threats, ensuring your organization is protected against malicious attacks requires constant awareness and visibility into the network's security infrastructure. Monitoring network activity is essential to strengthening an organization's defense against cyberattacks, as it will allow the administrator to observe network and security performance while detecting any problems or failures that […]
Checkpoint.webp 2015-06-16 17:56:55 Check Point 2015 Security Report Paints a Picture of the Threat Landscape-And it's Not Pretty (direct link) This month, Check Point released its annual security report-a trove of statistics and trends culled from collaborative research and in-depth analysis of more than 300,000 hours of monitored network traffic, from more than 16,000 Threat Prevention gateways and one million smartphones. The bottom line, to state the obvious: Things are getting worse out there. Hackers […]
Checkpoint.webp 2015-06-10 12:00:11 Critical Infrastructure is at Risk! (direct link) Almost all of today's modern conveniences, such as electricity, transportation, water systems, and manufactured products, are managed by industrial control systems (ICS). Many of these systems are considered to be critical infrastructure and operate as the backbone of a nation’s economy, security and health. An attack on these systems and networks has the potential to […]
Checkpoint.webp 2015-06-09 14:04:37 New Data: Volatile Cedar Malware Campaign (direct link) At the end of March, we published a blog post and a whitepaper about a cyber-espionage campaign dubbed “Volatile Cedar.” This campaign has successfully penetrated targets world-wide, using a variety of attack techniques, in particular, a custom-made malware implant codenamed Explosive. Let’s recap what we know: The Campaign: The Volatile […]
Checkpoint.webp 2015-06-03 20:33:33 Stopping the Next Massive Cyberattack – Step 3: Implement Security Controls (direct link) After assessing network strengths and weaknesses and building a properly segmented network, the next step to stronger security is to implement security controls. Cybercriminals are using sophisticated methods to attack specific targets and steal valuable information. The only defense against these attacks is an equally advanced security system where multiple layers work together to identify, […]
Checkpoint.webp 2015-06-02 19:59:24 New Vulnerabilities Discovered In WordPress (direct link) Not Just Another Broken Link… Introduction Check Point researcher Dikla Barda recently discovered critical vulnerabilities in two widely used WordPress plugins: the Broken Link Checker and the Download Manager. These vulnerabilities allow: Access to private data by unauthenticated users via Path Traversal. Execution of malicious code and theft of user sessions via a […]
Checkpoint.webp 2015-05-27 17:36:39 CapTipper – Malicious HTTP Traffic Explorer (direct link) The Problem In recent years, the Internet has experienced a large number of “drive-by” attacks, mostly by exploit kits. Exploit kits are a type of malicious toolkit which exploit security holes, such as insecure or outdated software applications, for the purpose of spreading malware. When a victim visits a website whose server has been […] ★★★★
Checkpoint.webp 2015-05-22 20:48:40 Stopping the Next Massive Cyberattack – Step 2: Segmentation (direct link) When it comes to cybersecurity, conducting a thorough assessment of your current environment to identify potential weaknesses in your security network is only the first step toward a stronger security infrastructure. The next step is to segment the network. Segmentation is the process of separating a network into multiple sections, or segments, to better protect information […] ★★★★★
Checkpoint.webp 2015-05-22 16:47:26 (Déjà vu) Safari Bugs Buzzing, South Korea Spie on Teens, Apple Watch Time Out – Mobile Security Weekly (direct link) The post Safari Bugs Buzzing, South Korea Spie on Teens, Apple Watch Time Out – Mobile Security Weekly ★★
Checkpoint.webp 2015-05-20 19:02:54 Check Point Threat Alert: Logjam (direct link) Executive Summary A major flaw was discovered with SSL and was named “Logjam”. The flaw affects a number of fundamental web protocols. 8.4% of the Top 1 Million domains were initially vulnerable. SK106147 – Check Point Response to Logjam Vulnerability. DESCRIPTION The vulnerability affects an algorithm called the “Diffie-Hellman key exchange” which allows protocols […]
Checkpoint.webp 2015-05-20 15:49:51 Storm Kit – Changing the rules of the DDoS attack (direct link) Background Distributed denial of service (DDoS) is one of the most commonly used cybercriminal methods. It's easy, cheap and difficult to trace, and “service providers” can be found throughout the “dark” Web. As a result, the impact on e-commerce and other online business can be tremendous. According to a recent survey by Neustar, a DDoS […]
Checkpoint.webp 2015-05-14 16:00:55 Analysis of the Havij SQL Injection tool (direct link) Havij, an automatic SQL Injection tool, is distributed by ITSecTeam, an Iranian security company. The name Havij means “carrot”, which is the tool's icon. The tool is designed with a user-friendly GUI that makes it easy for an operator to retrieve the desired data. Such ease of use may be the reason behind the transition […]
Checkpoint.webp 2015-05-12 19:17:20 The 1st Step to Stopping the Next Massive Cyberattack: Assess (direct link) Given the ever-increasing sophistication of cybercrime methods, organizations must employ advanced assessment tools and practices to reduce or eliminate security gaps. The first step to a successful security posture is to know what your current security network looks like. It's hard to strengthen a security foundation when you don't know where the weaknesses are. […]
Last update at: 2024-05-31 07:08:03