What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2016-04-11 18:59:58 | Decrypting the Petya Ransomware (lien direct) | Petya is a relatively new ransomware variant that first appeared on the cyber-crime scene at the beginning of 2016. While Petya doesn't have an impressive infection rate like other ransomware such as CryptoWall or TeslaCrypt, it was immediately flagged as the next step in ransomware evolution. Petya's developers were not content with merely encrypting all […] | Tesla | ||
|
2016-04-11 18:59:15 | New Locky Variant Implements Evasion Techniques (lien direct) | Following Check Point's recent discovery of a new communication scheme implemented by the Locky ransomware, our research teams decided to take a closer look at the inner workings of this new variant and map any new features it introduces. When Locky first appeared, we thoroughly analyzed its logic, like many other industry researchers. Our analysis […] | |||
|
2016-04-11 14:00:44 | Security Management for Critical Infrastructure Environments (lien direct) | The mission of protecting industrial control systems (ICS) is so vital that it cannot be left to just any security solution. Every day we expect water to flow from our faucets, our lights and electricity to work and traffic lights to move traffic along quickly and efficiently. Interruptions in any of these essential systems, even […] | |||
|
2016-04-08 23:37:38 | Malvertising: When Advertising Becomes Dangerous (lien direct) | Over the last several months, the BBC, the New York Times, and other major news and commercial websites became victims of Malvertising attacks. What exactly is Malvertising? To understand this type of attack, we must go back to the malware basics. One of the most prominent ways malware spreads is by infecting websites and delivering […] | |||
|
2016-04-08 16:28:33 | (Déjà vu) Qihoo 360: Just the Tip of the Whitelisted Malware Iceberg (lien direct) | The Check Point Mobile Threat Prevention team has long stressed how dangerous it can be to get apps from sources other than the Apple App Store and Google Play. Even with well-known third-party app stores the problem of security has become more obvious than ever. A great example of this is Qihoo 360, a Chinese […] | |||
|
2016-04-06 22:04:25 | Ransomware: Cybercriminals New Attack of Choice (lien direct) | In recent years, we've seen banker malware as the most prominent threat in the cyber world. However, over the last six months there has been a major change in the cyber threat landscape. Banker malware has been replaced in many cases by the incoming wave of ransomware, which continues to attack users worldwide, severely impacting […] | |||
|
2016-04-06 15:00:51 | Congrats! More than 7000 applications in your database (lien direct) | Security managers will appreciate Check Point's Application Control Software Blade. With more than 7000 pre-defined and supported applications, Check Point provides the industry's strongest application security and identity control to organizations of all sizes. It enables IT teams to easily create granular policies—based on users or groups—to identify, block or limit usage of web applications, network protocols […] | |||
|
2016-04-05 14:00:48 | New Technology Strives to Keep Android Apps and Users Safe (lien direct) | Mobile applications are intended to be safe for use, protecting users' privacy. However, many of them are poorly designed, accessing unnecessary data and receiving superfluous permissions. In fact, this is done not only by malicious apps but by an astonishingly large portion of all applications. According to research conducted by Check Point of more than […] | |||
|
2016-04-04 18:26:27 | New Locky Ransomware Variant Implementing Changes in Communication Patterns (lien direct) | Recently, Check Point published a detailed report describing Locky, an emerging new ransomware threat, which was first reported on February 16, 2016. New characteristics related to its communication have now been observed in the wild. In the past two weeks we have witnessed several changes in Locky communication patterns, as a part of a new […] | |||
|
2016-04-04 14:00:38 | It\'s Time to ReThink Security Management (lien direct) | “You never change things by fighting the existing reality. To change something, build a new model that makes the existing model obsolete.” R. Buckminster Fuller said those words decades ago, but they still ring true in present times, especially when it comes to the progression and innovation in technology. Here at Check Point, we do […] | |||
|
2016-04-01 19:00:08 | Angler EK Malvertising via Hacked Revive Adserver (lien direct) | Malware are spread by various methods such as phishing emails, malicious URLs, and more. One of the most prominent methods is using exploit kits, such as the infamous Angler Exploit Kit (EK), to spread malware to users when they visit infected sites. To cast as wide a net as possible, malware writers try to infect […] | |||
|
2016-04-01 16:47:58 | Check Point Threat Alert: Ransomware Campaigns Using .JS Inside Archives (lien direct) | Recently there is noticeable increase in using JavaScript files inside archives as a means to avoid detection in ransomware campaigns. The campaigns, which distribute various ransomware payloads, generate thousands of spear phishing emails with a demand for payment within 48 hours. These phishing emails include attached archive files (zip / rar) which contain malicious JavaScript […] | |||
|
2016-03-31 13:00:12 | SideStepper: Bypassing the iOS Gatekeeper to Attack iPhone and iPad Devices (lien direct) | Check Point disclosed details about SideStepper, a vulnerability that can be used to install malicious enterprise apps on iPhone and iPad devices enrolled with a mobile device management (MDM) solution. The Check Point mobile research team presented details about this vulnerability at Black Hat Asia 2016 in Singapore on April 1, 2016. Click here to download the report. […] | |||
|
2016-03-29 17:30:19 | Over the Garden Wall: Enterprise Apps Are An Unguarded Path Into iOS (lien direct) | iOS is supposed to be a secure environment where only certified code can run. That’s why Apple uses its app review to scrutinize each and every app before it makes it onto the App Store. However, there are other paths to distribute apps to iOS devices without going through Apple's review. The first is using […] | |||
|
2016-03-29 14:00:48 | Unsecure Routers Pose a Serious Risk to Small Businesses (lien direct) | Today, business cannot operate without an internet connection. Business leaders are more empowered than ever with the resources attainable with the internet, and by keeping security in mind, businesses can make the most of the internet while knowing their data is secure. For many small businesses their survival is dependent on the internet, making it […] | Guideline | ||
|
2016-03-28 18:20:27 | Check Point Threat Alert: SamSam and Maktub Ransomware Evolution (lien direct) | Executive Summary New and evolving ransomware campaigns, dubbed 'SamSam' and 'Maktub', use techniques not commonly observed in previously known ransomware. SamSam spreads by targeting and infecting servers that contain unpatched vulnerabilities. Maktub and Samsam do not communicate with a C&C server to encrypt files on an infected computer. SamSam's primary target is the healthcare industry. […] | |||
|
2016-03-28 14:00:51 | Security Management Innovation in Financial Services (lien direct) | The financial industry is one of the leaders in adopting new technology to service and protect its customers, and recent developments in technology have given the industry countless opportunities to do so even more. Digital systems are now the beating heart of many areas of the financial services business, opening up new communication links across […] | Guideline | ||
|
2016-03-25 14:00:47 | In The Wild: Mobile Security Observations from the Check Point Research Team (lien direct) | Special thanks to malware analysts Nikita Kazymirsky and Hod Gavriel who contributed to this blog post. Mobile malware learns fast. Many times, these malwares imitate behaviors and trends first seen in the PC world. However, mobile users are much less aware of mobile malware than PC malware. This allows mobile malware to gain momentum and […] | |||
|
2016-03-23 19:52:51 | New TeslaCrypt Ransomware Spikes on Leap Day, Attempting to Catch Users Off-Guard (lien direct) | In reviewing recent anomalies in our threat traffic, Omri Givoni, who heads up our Threat Prevention Cloud Group, noticed a spike of more than 100,000 events in our detections on leap day, February 29th, 2016. Zeroing in on the event, we isolated one SHA1 7429b5b4c239cb5380b6d7e4ffa070c4f92f3c79, which strangely did not show any incidents either before or […] | Tesla | ||
|
2016-03-22 15:00:43 | Over the Garden Wall: Jailbreaking Is A Threat to Consumers and Enterprises (lien direct) | With good reason, Apple is sensitive about the integrity and security of iOS which is purpose-built as a closed and protected environment. This design gives iOS strict control of any code executed on an iPhone or iPad. There are, however, several ways used to bypass Apple's security by design. One of these methods is jailbreaking. […] | |||
|
2016-03-21 15:00:07 | Lessons learned from the uKnowKids breach (lien direct) | Nothing is as important as our children. We will do anything we possibly can to protect them. Some parents even use apps to make sure their kids are safe, but this can turn out to be a double-edged sword. Recently, the database of the uKnowKids app was breached, and sensitive user information was leaked. But […] | |||
|
2016-03-21 14:00:45 | Optimizing Security Management with Unified Policy (lien direct) | Today, cyber security is becoming more complicated as organizations' networks are increasingly dynamic and often extend beyond the perimeter. In addition, a company's security profile has transformed to encompass all aspects of the work environment – applications, documents, electronic data, public and private clouds, virtualized environments, users, and endpoints and mobile devices. All business units […] | |||
|
2016-03-15 18:35:38 | Physical Attack Can Breach Cryptographic Security for Mobile Devices (lien direct) | Researchers from the Check Point Institute for Information Security at Tel Aviv University have discovered that the encryption mechanism used for securing money transfers on mobile phones can be broken using a simple piece of $2 equipment. Cryptographic software, intended to protect sensitive data on mobile phones, uses a digital signature algorithm, called ECDSA. This […] | |||
|
2016-03-14 17:40:48 | Over the Garden Wall: Is iOS Security As Secure As You Think? (lien direct) | Apple is known to be very keen on securing its users' devices to protect them from attacks, but many different attack vectors have managed to bypass the security features of iOS. Today’s post provides a high-level overview of the six most common types of attacks that impact iOS devices. We’ll follow-up on these with a […] | |||
|
2016-03-14 14:00:15 | Rethinking Security Operations (lien direct) | As recently as a few years ago, managing security was relatively straightforward, since the business and network environment was relatively static. However, with the emergence of disruptive technologies such as cloud, mobility and potentially the Internet of Things (IoT), the pace of business and network changes has accelerated to the point where security teams now […] | |||
|
2016-03-11 18:39:10 | President Obama\'s Cybersecurity Plan – Tackling a New Era of Security (lien direct) | The White House recently released the CNAP – Cybersecurity National Action Plan. This is a big step forward for securing the U.S., as it urges a 35 percent increase in cybersecurity expenses in the upcoming budget. The plan includes several policy points which are worth some discussion. Acknowledging the importance of multi-factor authentication Single […] | |||
|
2016-03-10 20:34:16 | Threat Alert – KeRanger MAC OSX Ransomware (lien direct) | Overview A new ransomware dubbed 'KeRanger' was discovered on March 4, 2016. The malware is distributed via the Transmission BitTorrent installer version 2.90 for OSX. Unlike most ransomwares, the targeted operating system is Mac OSX, which makes KeRanger the first active ransomware to target this operating system. The compromised Transmission installer includes an executable disguised […] | |||
|
2016-03-08 17:51:41 | Top Malware Families Found in January 2016 Show DDoS on the Rise (lien direct) | Distributed denial of service (DDoS) attacks are common threats that companies of all sizes have to continuously face. The size of DDoS attacks targeting businesses has been getting bigger every year, and from the amount of cyberattacks that occurred in January, it's critical that organizations protect themselves against such attacks. Back in December 2015, […] | |||
|
2016-03-07 23:27:49 | Why Visibility Is Critical to Your Security Management Program (lien direct) | Today, managing security can be a complex endeavor. The growing complexity of networks, business requirements for innovation and rapid delivery of services and applications require a new approach to managing security. Traditional security management approaches of multiple point products, manual change processes, monolithic policies and data silos no longer work. Security needs to be agile, […] | |||
|
2016-03-07 16:00:50 | Targeted SSL Stripping Attacks Are Real (lien direct) | Having access to the Internet is critical for on-the-go professionals. So the convenience of open Wi-Fi hotspots often outweighs the risk these connections may not be safe. Recently, a senior executive and Mobile Threat Prevention customer at a large financial company connected her iPad to a local hotspot while traveling for business. But when she […] | |||
|
2016-03-02 15:33:57 | (Déjà vu) Locky Ransomware (lien direct) | Locky is a new ransomware which encrypts the victim's files and then demands a ransom paid in Bitcoins to decrypt these files. The main infection method is email messages with an attached Word document that contains a malicious macro. The macro runs a script which downloads the malware's executable file, installs it on the victim's […] | |||
|
2016-03-01 14:00:56 | Announcing R80 Security Management (lien direct) | May you live in interesting times. While it's debatable this phrase originated as a Chinese curse – I've had my share of inventive Chinese curses hurled at me while growing up in Asia and this one certainly never came up – it does appear that Security teams are currently living in interesting and challenging times. […] | |||
|
2016-02-29 14:05:57 | “Recommended” for Security Effectiveness and Value 5 Years in a Row by NSS Labs (lien direct) | The Next Generation Firewall (NGFW) is the cornerstone of any effective network security strategy. However as the threat landscape continues to evolve and grow in sophistication, NGFW solutions should prove effective at protecting against new and unknown threats as well as continue safeguarding against previously known threats. But that begs the question: how do customers […] | |||
|
2016-02-26 17:11:11 | The Mobile World is an Amazing Place – Mobile World Congress 2016 (lien direct) | Mobile World Congress may be in the rearview mirror, but it’s still top of mind. The week was filled with flashy device unveilings, exciting new accessories, lots of talk about advances in Internet-connected technologies, festive late-night parties, and even a surprise guest appearance by Facebook CEO Mark Zuckerberg. The event in Barcelona exposed how far mobile […] | |||
|
2016-02-25 14:00:07 | Check Point and IBM: A Collaborative Approach to Information Security (lien direct) | Security is hard. Internal and external customers demand continuous availability, and the business often initiates plans without consulting security teams. This often leaves the security practitioner in the challenging position of having to slow business initiatives or insert security controls after network, application or system designs are complete. To help address this issue, Check Point […] | |||
|
2016-02-24 18:08:18 | Adwind – Malware-as-a-Service Reincarnation (lien direct) | Executive Summary Adwind Remote Access Tool, known by various names due to its many reincarnations, is a backdoor fully implemented in Java and therefore cross-platform. It is a highly popular tool used in both massive spam campaigns and targeted attacks against financial institutions worldwide. In all versions (Frutas, Adwind, AlienSpy, UNRECOM and JSocket), it has […] | |||
|
2016-02-22 18:02:16 | Check Point Threat Alert: Locky Ransomware (lien direct) | Locky is a new type of ransomware which encrypts the victim's files and then demands a ransom to be paid in bitcoins in order to decrypt these files. The main infection method is spam emails with an attached Word document that contains a malicious macro. The malicious macro runs a script which downloads the malware's […] | |||
|
2016-02-22 07:00:57 | Join Check Point at Mobile World Congress 2016 (lien direct) | Everything today really is mobile. From the smartphones in our pockets to the infrastructure that powers our connected lives, mobile technology makes our world faster, smarter, and even a little bit more fun. But all of these advances are exposing all of us to new risks, and cyber attacks against mobile are on the rise […] | |||
|
2016-02-19 16:00:35 | (Déjà vu) In the Wild: Mobile Security Observations from the Check Point Research Team (lien direct) | Time goes by fast, and mobile malware develops faster still. In the past few weeks, our mobile security team encounters several instances of innovative new malware. Whether these are complex chains of action or new methods of communication with C&C servers, it's clear that mobile cyber threats advance quickly. The Check Point Mobile Threat Prevention […] | |||
|
2016-02-19 15:00:34 | Smoking Is Bad For You (lien direct) | We recently spotted what seemed to be another spam campaign, yet a deeper investigation revealed something more sinister. In this case, the chain of infection usually begins with a file named: “iodex.php”. A simple google search for inurl:“iodex.php” returned the following results: Other files, including “lagins.php”, “foq.php” and “cigarettesdd.php” were spotted as well. The cigarette […] | |||
|
2016-02-18 15:00:01 | The Return of the Brazilian Banker Trojan (lien direct) | Brazil. It is known as the land of carnivals, beaches, coconuts – and vicious phishing campaigns. These campaigns have long been considered a national threat; on average, a Brazilian organization receives over 1000 phishing attacks per month. Check Point research team often uses various Brazilian phishing malwares as part of our research training program. In […] | |||
|
2016-02-17 17:00:53 | (Déjà vu) Millions of AirDroid Users Exposed to Severe Vulnerability (lien direct) | Check Point alerted AirDroid that its Android device manager app is vulnerable to phone data hijacking and malicious code execution by remote attackers. A new vulnerability in the AirDroid App was revealed by Check Point. This vulnerability affects the 50 million AirDroid users around the globe. AirDroid is a device manager app which […] | |||
|
2016-02-16 16:00:11 | Future-Proof Security Management (lien direct) | Cyber security is about more than stopping threats; it is also about maintaining a robust and flexible security infrastructure that can scale and evolve to keep pace with the business. It is a trite but true claim – your security is only as strong as your ability to manage it. In my line of […] | |||
|
2016-02-12 16:44:30 | Love is in the air (along with malware in your email): Facebook email redirection used to overcome spam filtering (lien direct) | Every year in the middle of February, much of the world takes a brief moment to focus on love. I'm pretty sure there is an element we could trace back to greeting card suppliers, florists, or purveyors of fine chocolates, but maybe that is just the cynic in me. But what strikes me as interesting […] | |||
|
2016-02-11 20:50:21 | Campaign Targeting WordPress: Users being Redirected to Angler Exploit Kit (lien direct) | In the past week, a massive campaign targeting WordPress-based websites has been reported by several security vendors, including Sucuri and Malwarebytes. In the previous iteration, unsuspecting victims were redirected to domains hosting ads which, if clicked, sent them to the Nuclear Exploit Kit landing page. Check Point security analysts have recently observed a change in […] | |||
|
2016-02-11 15:00:23 | Managing the Complex Ecosystem of Healthcare Security (lien direct) | Healthcare is one of several industries that has made tremendous strides with integrating advanced technology into their medical environments. Doctors can now communicate with their patients in a number of different ways, including email, updates through text messages, automated prescriptions, as well as communicating through customized portals, specific to that healthcare environment, to conveniently send […] | |||
|
2016-02-10 15:00:05 | Too Much Freedom is Dangerous: Understanding IE 11 CVE-2015-2419 Exploitation (lien direct) | It’s been a while since a pure JavaScript vulnerability was widely used by exploit kits. The last few years mostly gave us IE Use-After-Free vulnerabilities. When those were dealt with by Microsoft’s IsolatedHeap and MemoryProtection mechanisms, introduced in the middle of 2014, the stage was clear for Flash to take over. Now, as Flash is […] | |||
|
2016-02-09 14:00:53 | Introducing Check Point SandBlast Agent (lien direct) | As the modern workplace continues to evolve, it becomes increasingly important that individual end-user devices are protected from advanced threats. In most organizations today, endpoint device protection is still limited to traditional antivirus solutions that only detect previously known threats and techniques. Hackers today utilize sophisticated malware variants and new zero-day attacks to target end […] | |||
|
2016-02-04 19:35:10 | HummingBad: A Persistent Mobile Chain Attack (lien direct) | Check Point Mobile Threat Prevention has detected a new, unknown mobile malware that targeted two customer Android devices belonging to employees at a large financial services institution. Mobile Threat Prevention identified the threat automatically by detecting exploitation attempts while examining the malware in the MTP emulators. The infection was remediated after the system notified the […] | |||
|
2016-02-03 21:00:35 | Super Bowl Cybercrime (lien direct) | Super Bowl 50 is coming to my hometown and, along with it, over a million devoted fans who'll pack events, concerts and restaurants from San Francisco to Santa Clara. That week they, along with fellow fans across the nation, will go nuts for anything related to the ultimate football showdown. They'll don team t-shirts and […] |
To see everything:
Our RSS (filtrered)
