FIREBALL – The Chinese Malware of 250 Million Computers Infected

June 1, 2017 6:00 am

  Check Point Threat Intelligence and research teams recently discovered a high volume Chinese threat operation which has infected over 250 million computers worldwide. The installed malware,  Fireball, takes over target browsers and... Click to Read More

BROKERS IN THE SHADOWS: Analyzing vulnerabilities and attacks spawned by the leaked NSA hacking tools

May 25, 2017 9:39 am

  Background Rarely does the release of an exploit have such a large impact across the world. With the recent leak of the NSA exploit methods, we saw the effects of powerful tools... Click to Read More

The Judy Malware: Possibly the largest malware campaign found on Google Play

May 25, 2017 6:00 am

  Check Point researchers discovered another widespread malware campaign on Google Play, Google’s official app store. The malware, dubbed “Judy”, is an auto-clicking adware which was found on 41 apps developed by a... Click to Read More

Hacked in Translation – from Subtitles to Complete Takeover

May 23, 2017 6:00 am

May 23, 2017 Check Point researchers revealed a new attack vector which threatens millions of users worldwide – attack by subtitles. By crafting malicious subtitle files, which are then downloaded by a victim’s... Click to Read More

April’s Most Wanted Malware: Exploit Kit Attacks Continue, While Slammer Worm Resurfaces Again

May 17, 2017 6:00 am

May 17, 2017 Check Point’s latest Global Threat Impact Index detected a continued increase in the number of organizations being targeted with Exploit Kits, as Rig EK became the most prevalent form of... Click to Read More

Check Point Reveals Global WannaCry Ransomware Infection Map at CPX Europe 2017

May 17, 2017 6:00 am

Check Point researchers have been investigating the ransomware campaign in detail since it was first reported. With a new Check Point WannaCry Ransomware Infection Map, the researchers were able to track 34,300 attack... Click to Read More

WannaCry – New Kill-Switch, New Sinkhole

May 15, 2017 12:00 pm

Check Point Threat Intelligence and Research team has just registered a brand new kill-switch domain used by a fresh sample of the WannaCry Ransomware. In the last few hours we witnessed a stunning... Click to Read More

WannaCry – Paid Time Off?

May 14, 2017 11:29 am

Let us open with a TL;DR – DO NOT pay the ransom demanded by the WannaCry ransomware! Now, let us explain why: As of this writing , the 3 bitcoin accounts associated with... Click to Read More

Global Outbreak of WannaCry

May 12, 2017 12:08 pm

[Updated May 17, 2017] On May 12, 2017 the Check Point Incident Response Team started tracking a wide spread outbreak of the WannaCryp ransomware. We have reports that multiple global organizations are experiencing... Click to Read More

JAFF – A New Ransomware is in town, and it’s widely spread by the infamous Necurs Botnet

May 11, 2017 7:47 am

May 11, 2017 Necurs, one of the largest botnets, went offline during the holiday period of 2016 and through the beginning of 2017. However it returned only to shortly peak late in April,... Click to Read More

DiamondFox modular malware – a one-stop shop

May 10, 2017 6:00 am

May 10, 2017 Check Point researchers have conducted a thorough investigation of the DiamondFox malware-as-a-service in collaboration with Terbium Labs, a Dark Web Data Intelligence company. The report includes a review of the... Click to Read More

Update – OSX/Dok Campaign

May 4, 2017 10:00 am

May 4, 2017 Research by: Ofer Caspi Our ongoing investigation of the OSX/DOK campaign has led us to detect several new variants of this malware. These new variants have the same functionality as... Click to Read More

OSX Malware is Catching Up, and it wants to Read Your HTTPS Traffic (updated)

April 27, 2017 11:03 am

April 27, 2017 Research by: Ofer Caspi People often assume that if you’re running OSX, you’re relatively safe from malware. But this is becoming less and less true, as evidenced by a new... Click to Read More

Check Point Discloses Vulnerability that Allowed Hackers to Take over Hundreds of Millions of WhatsApp & Telegram Accounts

March 15, 2017 6:00 am

March 15, 2017 One of the most concerning revelations arising from the recent WikiLeaks publication is the possibility that government organizations can compromise WhatsApp, Telegram and other end-to-end encrypted chat applications. While this... Click to Read More

2016 H2 Global and Regional Threat Intelligence Trends

February 21, 2017 6:00 am

February 21, 2017 Introduction New, sophisticated threats continue to emerge on a daily basis across multiple platforms: social media, mobile platforms, email, and web pages. At the same time, prominent malware and attack... Click to Read More