BROKERS IN THE SHADOWS – Part 2: Analyzing Petya’s DoublePulsarV2.0 Backdoor

July 3, 2017 5:58 pm

  Background: In the wake of WannaCry, a new cyber threat has emerged from the NSA leak. Making use of previously exposed tools, Petya once again is engaged in another large-scale attack....

Preventing Petya – stopping the next ransomware attack

June 28, 2017 8:02 am

  Check Point’s Incident Response Team has been responding to multiple global infections caused by a new variant of the Petya malware, which first appeared in 2016 and is currently moving laterally within...

Threat Brief: Petya Ransomware, A Global Attack

June 27, 2017 8:35 am

  A worldwide attack erupted on June 27 with a high concentration of hits in Ukraine – including the Ukrainian central bank, government offices and private companies. The attack is distributing what seems to...

CrashOverride

June 21, 2017 6:00 am

  On June 20th Check Point published an IPS signature providing virtual patching for the Siemens SIPROTEC DoS vulnerability. This IPS signature can help protect against a new malware, CrashOverride, also known as...

Anatomy of the Jaff Ransomware Campaign

June 8, 2017 4:47 am

  Last month, Check Point researchers were able to spot the distribution of Jaff Ransomware by the Necurs Botnet. The ransomware was spread using malicious PDF files that had an embedded docm file,...

FIREBALL – The Chinese Malware of 250 Million Computers Infected

June 1, 2017 6:00 am

  Check Point Threat Intelligence and research teams recently discovered a high-volume Chinese threat operation which has infected over 250 million computers worldwide. The installed malware, Fireball, takes over target browsers and...

BROKERS IN THE SHADOWS: Analyzing vulnerabilities and attacks spawned by the leaked NSA hacking tools

May 25, 2017 9:39 am

  Background: Rarely does the release of an exploit have such a large impact across the world. With the recent leak of the NSA exploit methods, we saw the effects of powerful tools...

The Judy Malware: Possibly the largest malware campaign found on Google Play

May 25, 2017 6:00 am

  Check Point researchers discovered another widespread malware campaign on Google Play, Google’s official app store. The malware, dubbed “Judy”, is an auto-clicking adware which was found on 41 apps developed by a...

Hacked in Translation – from Subtitles to Complete Takeover

May 23, 2017 6:00 am

  Check Point researchers revealed a new attack vector which threatens millions of users worldwide – attack by subtitles. By crafting malicious subtitle files, which are then downloaded by a victim’s...

April’s Most Wanted Malware: Exploit Kit Attacks Continue, While Slammer Worm Resurfaces Again

May 17, 2017 6:00 am

  Check Point’s latest Global Threat Impact Index detected a continued increase in the number of organizations being targeted with Exploit Kits, as Rig EK became the most prevalent form of...