What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2016-03-21 15:00:07 | Lessons learned from the uKnowKids breach (lien direct) | Nothing is as important as our children. We will do anything we possibly can to protect them. Some parents even use apps to make sure their kids are safe, but this can turn out to be a double-edged sword. Recently, the database of the uKnowKids app was breached, and sensitive user information was leaked. But […] | |||
|
2016-03-21 14:00:45 | Optimizing Security Management with Unified Policy (lien direct) | Today, cyber security is becoming more complicated as organizations' networks are increasingly dynamic and often extend beyond the perimeter. In addition, a company's security profile has transformed to encompass all aspects of the work environment – applications, documents, electronic data, public and private clouds, virtualized environments, users, and endpoints and mobile devices. All business units […] | |||
|
2016-03-15 18:35:38 | Physical Attack Can Breach Cryptographic Security for Mobile Devices (lien direct) | Researchers from the Check Point Institute for Information Security at Tel Aviv University have discovered that the encryption mechanism used for securing money transfers on mobile phones can be broken using a simple piece of $2 equipment. Cryptographic software, intended to protect sensitive data on mobile phones, uses a digital signature algorithm, called ECDSA. This […] | |||
|
2016-03-14 17:40:48 | Over the Garden Wall: Is iOS Security As Secure As You Think? (lien direct) | Apple is known to be very keen on securing its users' devices to protect them from attacks, but many different attack vectors have managed to bypass the security features of iOS. Today’s post provides a high-level overview of the six most common types of attacks that impact iOS devices. We’ll follow-up on these with a […] | |||
|
2016-03-14 14:00:15 | Rethinking Security Operations (lien direct) | As recently as a few years ago, managing security was relatively straightforward, since the business and network environment was relatively static. However, with the emergence of disruptive technologies such as cloud, mobility and potentially the Internet of Things (IoT), the pace of business and network changes has accelerated to the point where security teams now […] | |||
|
2016-03-11 18:39:10 | President Obama\'s Cybersecurity Plan – Tackling a New Era of Security (lien direct) | The White House recently released the CNAP – Cybersecurity National Action Plan. This is a big step forward for securing the U.S., as it urges a 35 percent increase in cybersecurity expenses in the upcoming budget. The plan includes several policy points which are worth some discussion. Acknowledging the importance of multi-factor authentication Single […] | |||
|
2016-03-10 20:34:16 | Threat Alert – KeRanger MAC OSX Ransomware (lien direct) | Overview A new ransomware dubbed 'KeRanger' was discovered on March 4, 2016. The malware is distributed via the Transmission BitTorrent installer version 2.90 for OSX. Unlike most ransomwares, the targeted operating system is Mac OSX, which makes KeRanger the first active ransomware to target this operating system. The compromised Transmission installer includes an executable disguised […] | |||
|
2016-03-08 17:51:41 | Top Malware Families Found in January 2016 Show DDoS on the Rise (lien direct) | Distributed denial of service (DDoS) attacks are common threats that companies of all sizes have to continuously face. The size of DDoS attacks targeting businesses has been getting bigger every year, and from the amount of cyberattacks that occurred in January, it's critical that organizations protect themselves against such attacks. Back in December 2015, […] | |||
|
2016-03-07 23:27:49 | Why Visibility Is Critical to Your Security Management Program (lien direct) | Today, managing security can be a complex endeavor. The growing complexity of networks, business requirements for innovation and rapid delivery of services and applications require a new approach to managing security. Traditional security management approaches of multiple point products, manual change processes, monolithic policies and data silos no longer work. Security needs to be agile, […] | |||
|
2016-03-07 16:00:50 | Targeted SSL Stripping Attacks Are Real (lien direct) | Having access to the Internet is critical for on-the-go professionals. So the convenience of open Wi-Fi hotspots often outweighs the risk these connections may not be safe. Recently, a senior executive and Mobile Threat Prevention customer at a large financial company connected her iPad to a local hotspot while traveling for business. But when she […] | |||
|
2016-03-02 15:33:57 | (Déjà vu) Locky Ransomware (lien direct) | Locky is a new ransomware which encrypts the victim's files and then demands a ransom paid in Bitcoins to decrypt these files. The main infection method is email messages with an attached Word document that contains a malicious macro. The macro runs a script which downloads the malware's executable file, installs it on the victim's […] | |||
|
2016-03-01 14:00:56 | Announcing R80 Security Management (lien direct) | May you live in interesting times. While it's debatable this phrase originated as a Chinese curse – I've had my share of inventive Chinese curses hurled at me while growing up in Asia and this one certainly never came up – it does appear that Security teams are currently living in interesting and challenging times. […] | |||
|
2016-02-29 14:05:57 | “Recommended” for Security Effectiveness and Value 5 Years in a Row by NSS Labs (lien direct) | The Next Generation Firewall (NGFW) is the cornerstone of any effective network security strategy. However as the threat landscape continues to evolve and grow in sophistication, NGFW solutions should prove effective at protecting against new and unknown threats as well as continue safeguarding against previously known threats. But that begs the question: how do customers […] | |||
|
2016-02-26 17:11:11 | The Mobile World is an Amazing Place – Mobile World Congress 2016 (lien direct) | Mobile World Congress may be in the rearview mirror, but it’s still top of mind. The week was filled with flashy device unveilings, exciting new accessories, lots of talk about advances in Internet-connected technologies, festive late-night parties, and even a surprise guest appearance by Facebook CEO Mark Zuckerberg. The event in Barcelona exposed how far mobile […] | |||
|
2016-02-25 14:00:07 | Check Point and IBM: A Collaborative Approach to Information Security (lien direct) | Security is hard. Internal and external customers demand continuous availability, and the business often initiates plans without consulting security teams. This often leaves the security practitioner in the challenging position of having to slow business initiatives or insert security controls after network, application or system designs are complete. To help address this issue, Check Point […] | |||
|
2016-02-24 18:08:18 | Adwind – Malware-as-a-Service Reincarnation (lien direct) | Executive Summary Adwind Remote Access Tool, known by various names due to its many reincarnations, is a backdoor fully implemented in Java and therefore cross-platform. It is a highly popular tool used in both massive spam campaigns and targeted attacks against financial institutions worldwide. In all versions (Frutas, Adwind, AlienSpy, UNRECOM and JSocket), it has […] | |||
|
2016-02-22 18:02:16 | Check Point Threat Alert: Locky Ransomware (lien direct) | Locky is a new type of ransomware which encrypts the victim's files and then demands a ransom to be paid in bitcoins in order to decrypt these files. The main infection method is spam emails with an attached Word document that contains a malicious macro. The malicious macro runs a script which downloads the malware's […] | |||
|
2016-02-22 07:00:57 | Join Check Point at Mobile World Congress 2016 (lien direct) | Everything today really is mobile. From the smartphones in our pockets to the infrastructure that powers our connected lives, mobile technology makes our world faster, smarter, and even a little bit more fun. But all of these advances are exposing all of us to new risks, and cyber attacks against mobile are on the rise […] | |||
|
2016-02-19 16:00:35 | (Déjà vu) In the Wild: Mobile Security Observations from the Check Point Research Team (lien direct) | Time goes by fast, and mobile malware develops faster still. In the past few weeks, our mobile security team encounters several instances of innovative new malware. Whether these are complex chains of action or new methods of communication with C&C servers, it's clear that mobile cyber threats advance quickly. The Check Point Mobile Threat Prevention […] | |||
|
2016-02-19 15:00:34 | Smoking Is Bad For You (lien direct) | We recently spotted what seemed to be another spam campaign, yet a deeper investigation revealed something more sinister. In this case, the chain of infection usually begins with a file named: “iodex.php”. A simple google search for inurl:“iodex.php” returned the following results: Other files, including “lagins.php”, “foq.php” and “cigarettesdd.php” were spotted as well. The cigarette […] | |||
|
2016-02-18 15:00:01 | The Return of the Brazilian Banker Trojan (lien direct) | Brazil. It is known as the land of carnivals, beaches, coconuts – and vicious phishing campaigns. These campaigns have long been considered a national threat; on average, a Brazilian organization receives over 1000 phishing attacks per month. Check Point research team often uses various Brazilian phishing malwares as part of our research training program. In […] | |||
|
2016-02-17 17:00:53 | (Déjà vu) Millions of AirDroid Users Exposed to Severe Vulnerability (lien direct) | Check Point alerted AirDroid that its Android device manager app is vulnerable to phone data hijacking and malicious code execution by remote attackers. A new vulnerability in the AirDroid App was revealed by Check Point. This vulnerability affects the 50 million AirDroid users around the globe. AirDroid is a device manager app which […] | |||
|
2016-02-16 16:00:11 | Future-Proof Security Management (lien direct) | Cyber security is about more than stopping threats; it is also about maintaining a robust and flexible security infrastructure that can scale and evolve to keep pace with the business. It is a trite but true claim – your security is only as strong as your ability to manage it. In my line of […] | |||
|
2016-02-12 16:44:30 | Love is in the air (along with malware in your email): Facebook email redirection used to overcome spam filtering (lien direct) | Every year in the middle of February, much of the world takes a brief moment to focus on love. I'm pretty sure there is an element we could trace back to greeting card suppliers, florists, or purveyors of fine chocolates, but maybe that is just the cynic in me. But what strikes me as interesting […] | |||
|
2016-02-11 20:50:21 | Campaign Targeting WordPress: Users being Redirected to Angler Exploit Kit (lien direct) | In the past week, a massive campaign targeting WordPress-based websites has been reported by several security vendors, including Sucuri and Malwarebytes. In the previous iteration, unsuspecting victims were redirected to domains hosting ads which, if clicked, sent them to the Nuclear Exploit Kit landing page. Check Point security analysts have recently observed a change in […] | |||
|
2016-02-11 15:00:23 | Managing the Complex Ecosystem of Healthcare Security (lien direct) | Healthcare is one of several industries that has made tremendous strides with integrating advanced technology into their medical environments. Doctors can now communicate with their patients in a number of different ways, including email, updates through text messages, automated prescriptions, as well as communicating through customized portals, specific to that healthcare environment, to conveniently send […] | |||
|
2016-02-10 15:00:05 | Too Much Freedom is Dangerous: Understanding IE 11 CVE-2015-2419 Exploitation (lien direct) | It’s been a while since a pure JavaScript vulnerability was widely used by exploit kits. The last few years mostly gave us IE Use-After-Free vulnerabilities. When those were dealt with by Microsoft’s IsolatedHeap and MemoryProtection mechanisms, introduced in the middle of 2014, the stage was clear for Flash to take over. Now, as Flash is […] | |||
|
2016-02-09 14:00:53 | Introducing Check Point SandBlast Agent (lien direct) | As the modern workplace continues to evolve, it becomes increasingly important that individual end-user devices are protected from advanced threats. In most organizations today, endpoint device protection is still limited to traditional antivirus solutions that only detect previously known threats and techniques. Hackers today utilize sophisticated malware variants and new zero-day attacks to target end […] | |||
|
2016-02-04 19:35:10 | HummingBad: A Persistent Mobile Chain Attack (lien direct) | Check Point Mobile Threat Prevention has detected a new, unknown mobile malware that targeted two customer Android devices belonging to employees at a large financial services institution. Mobile Threat Prevention identified the threat automatically by detecting exploitation attempts while examining the malware in the MTP emulators. The infection was remediated after the system notified the […] | |||
|
2016-02-03 21:00:35 | Super Bowl Cybercrime (lien direct) | Super Bowl 50 is coming to my hometown and, along with it, over a million devoted fans who'll pack events, concerts and restaurants from San Francisco to Santa Clara. That week they, along with fellow fans across the nation, will go nuts for anything related to the ultimate football showdown. They'll don team t-shirts and […] | |||
|
2016-02-03 14:00:32 | Size Doesn\'t Matter in Cybersecurity (lien direct) | Has the landscape of small business security improved over the last few years? This is the question I’m asking myself as we roll into 2016. As a former IT administrator for my friend’s small drafting company, which involved a wide breadth of IT related tasks from managing their five desktop computers to securing their network […] | |||
|
2016-02-02 22:00:57 | The Cat & Mouse Game Continues: Cybercriminals Adapt to Advanced Security Measures (lien direct) | A new type of Android malware is capable of stealing one-time passcodes that are part of the two-factor authentication (2FA), according to a recent report. Let's break it down a bit: What are one-time passcodes? One-time passcode are a relatively new security measure that is supposed to provide more comprehensive protection for users. The idea […] | |||
|
2016-02-02 14:00:16 | eBay Platform Exposed to Severe Vulnerability (lien direct) | Check Point alerts eBay to an online sales platform vulnerability which allows cyber criminals to distribute phishing and malware campaigns. eBay, the online auction and e-commerce giant, has locations in over 30 countries and serves more than 150 million active users worldwide. As a successful company with a massive customer base, it's no surprise that […] | |||
|
2016-02-02 02:00:34 | Check Point Threat Alert: Exploit Kits (lien direct) | An exploit kit is a malicious toolkit whose purpose is to identify vulnerabilities in client machines. These vulnerabilities are then exploited in order to upload and execute malicious code on the client. Exploit kits also provide a user interface for an attacker to gain information on success rates and other statistics, as well control the […] | |||
|
2016-02-01 19:07:08 | JSPatch Vulnerability Digs Under Apple\'s Garden Walls (lien direct) | One of the reasons iPhones are considered more secure is the thorough vetting each and every app on the Apple App Store. This inspection is supposed to ensure no malicious apps infiltrate the guarded platform from which almost all users download apps. Of course, there have been several cases in which malicious code managed to […] | |||
|
2016-01-26 14:00:23 | A Major Step Ahead in Network Security (lien direct) | It's January 2016 and my New Years' resolution is still fresh in my mind. In addition to visiting the gym more frequently and losing some of my “holiday” weight, I am also resolute that this year will be another big year of cyber security headlines and major breaches, even though network security spending continues to […] | |||
|
2016-01-19 15:00:03 | Something is Cooking in Brazil (lien direct) | Looking at the global cyber landscape, we can see many campaigns and persistent threats occurring at different locations around the world. One example that has not drawn much attention is Brazil's nationwide fraud campaigns. These come in different forms, beginning with simple phishing scams whose aim is to intercept and harvest credentials from unsuspecting users. […] | |||
|
2016-01-18 15:00:39 | Ukraine Power Outage Demonstrates Infrastructure Vulnerability (lien direct) | The night before Christmas Eve, the Ivano-Frankivsk region in western Ukraine, an area the size of Connecticut, experienced a power blackout due to what was later identified as a cyberattack. The attack was said to have targeted the power company Prykarpattyaoblenergo, and affected at least 80,000 people, which is approximately half of the region's population. […] | |||
|
2016-01-15 15:00:16 | Check Point Threat Alert: Cryptowall 4 (lien direct) | Executive Summary Ransomware is a type of malware that restricts access to an infected computer system and demands a ransom payment to remove the restriction. Some ransomware encrypt the files on the system’s hard drive, while others may simply lock the system and display threatening messages to force the user to pay. Cryptowall is a […] | |||
|
2016-01-14 20:18:59 | Check Point Threat Alert: BlackEnergy Trojan (lien direct) | Executive Summary BlackEnergy malware has been around since 2007, first appearing as a simple DDoS tool. In 2014, it made a comeback as a highly sophisticated and customized malware, featuring support for proxy servers and a wide range of system operations. Observed targets on 2014 are mostly Ukrainian governmental institutes but also include those from […] | |||
|
2016-01-08 20:10:02 | Turkish Clicker: Check Point Finds New Malware on Google Play (lien direct) | The Check Point research team has discovered an extensive malware campaign on the Google Play™ store. Check Point Mobile Threat Prevention detected the first samples of malware we call “Turkish Clicker” on several customer devices. The malicious code was found in the apps “Fruit Life,” “City HD Wallpapers,” and “Adiyef Puzzle.” Google has removed all […] | |||
|
2016-01-07 14:01:47 | You\'re watching TV – Is it also watching you? (lien direct) | The Internet of Things (IoT) revolves around machine-to-machine communication, and it's growing exponentially. Sure, it sounds like a great idea when we can use smart devices to connect to the Internet at a moment's notice. However, most consumers don't fully understand the security vulnerabilities. Let's take a look at EZCast. It's an HDMI dongle-based TV […] | |||
|
2016-01-04 21:16:48 | CHECK POINT THREAT ALERT: SHODAN (lien direct) | EXECUTIVE SUMMARY Shodan (https://www.shodan.io/) is a search engine that uses a variety of filters to find devices, such as computers, routers, and servers, which are connected to the Internet. Shodan collects data mostly on web servers (HTTP port 80), but there is also data about FTP (21), SSH (22), Telnet (23), SNMP (161) and SIP […] | |||
|
2015-12-30 19:32:57 | (Déjà vu) In The Wild: Mobile Cybercrime Goes Big in 2015 (lien direct) | Cybercriminals made significant advances in the sophistication and number of attacks on mobile devices in 2015. As we head into a new year — and into new uncertainties for mobile security — let's remember a few of the most spectacular attacks to help us better understand what to be aware of in the months to […] | |||
|
2015-12-29 15:00:58 | Check Point Threat Alert: Outlook OLE Vulnerability (lien direct) | Object Linking and Embedding (OLE), developed by Microsoft, allows users to embed and link to documents and other objects. However, a Remote-Command-Execution vulnerability was found in Microsoft Office that allows remote attackers to execute arbitrary code via a crafted email message processed by Outlook. Microsoft Outlook has a sandbox bypass vulnerability which allows an attacker […] | |||
|
2015-12-21 21:00:01 | Check Point Threat Alert: Joomla RCE Zero-Day (lien direct) | On December 14, a new version of Joomla, an open-source content management system (CMS) which allows you to build websites and powerful online applications, was released to patch a critical 0-Day Remote Command Execution (RCE) vulnerability that affects all versions from 1.5 to 3.4. The vulnerability is due to lack of validation of input objects […] | |||
|
2015-12-19 00:00:16 | Angler EK Pushing TeslaCrypt (lien direct) | In recent weeks, we have witnessed a very large up rise in TeslaCrypt infection attempts. TeslaCrypt is a relatively new ransomware, first reported in the beginning of 2015. Although it is not the most sophisticated malware, it is continuously maintained and updated by its authors, and still manages to spread through various infection vectors. In […] | Tesla | ||
|
2015-12-10 15:00:08 | Check Point\'s Security Predictions for 2016: PoS (lien direct) | The holiday season is here, and the retail industry is preparing for shoppers who are rushing to take advantage of sales and purchase gifts in-store or online. However, continuous point-of-sales (PoS) attacks have been making headlines in the last few years. In 2013, Target confirmed a massive credit card data breach that affected 40 million […] | |||
|
2015-12-03 19:00:45 | Singapore Mobile Device Users Are Under Cyber Attack (lien direct) | On December 1, 2015, the Association of Banks in Singapore (ABS) announced information about a Trojan designed to steal financial information from mobile device users. Check Point researchers retrieved samples of this malware and conducted an in depth analysis. This banking malware is actually a tweaked version of an existing financial infostealer called “GMBot†(SHA256: […] | |||
|
2015-12-03 14:00:57 | Check Point Names Julie Parrish as Chief Marketing Officer (lien direct) | Check Point today announced the appointment of Julie Parrish as the company's Chief Marketing Officer. As the newest member of our executive team, Parrish will lead the company’s global marketing organization, overseeing strategic initiatives to drive awareness and demand for the Check Point's expanding portfolio of industry-leading security solutions. Prior to joining Check Point, Parrish […] | Guideline |
To see everything:
Our RSS (filtrered)
