duddy posted a topic in Security & Privacy News

Spike in mobile banking malware, WhatsApp too vulnerable: Check Point

Malware attacks on mobile phones have definitely increased. Last year, we saw an increase of 50 per cent in mobile banking malware, like Banker. It is as easy to send malware on WhatsApp as it is via other mediums as well.

“It is as easy to send malware on WhatsApp as it is via other mediums,” Venugopal N, Director of Security Engineering at Check Point Software Technologies told indianexpress.com in an interaction, adding that in the case of Jeff Bezos, it was a zero vulnerability. He also revealed that there has been an increase of 50 per cent in banking mobile malware attacks overall, including in India, that can potentially steal a user’s financial data and even funds from their bank accounts.

Venugopal shared more insights on what exactly happened in the Bezos case, the rise of banking malware and potential threats as well as what users can do to stay safe. Excerpts from the interaction:

Has there been an increase in mobile malware? In India, which ones are the most common?

Malware attacks on mobile phones have definitely increased. Last year, we saw an increase of 50 per cent in mobile banking malware, like Banker. According to our threat intelligence sources, more than 35 per cent of organisations in India have been impacted by a mobile attack in 2019. In India, a lot of the malware that we see tends to steal photographs and contact info on the mobile phone. And there’s adware, which is the most common type, sitting on your phone and generating ads to make money for someone else. There is also malware that is able to launch surveillance on your phone, look at your GPS location and steal your personal data as well, but that’s not as prevalent in India.

What can banking mobile malware potentially do?

Banking malware is widespread and what we have also seen is that its sophistication is increasing. It can potentially steal your financial data if you are using your mobile phone to make payments, steal your credentials and even funds from bank accounts. We are also talking credential theft and surveillance operations, which means that somebody can really monitor your GPS location or take control of the microphone on your phone without the user actually knowing something like this is happening. Then, of course, we have contact information on our phones that can also be rummaged through this attack.

How vulnerable is WhatsApp? What happened in the Jeff Bezos case?

It is as easy to send malware on WhatsApp as it is via other mediums as well. But WhatsApp has actively patched a lot of vulnerabilities in the recent past and they are doing it on a regular basis. If you look at WhatsApp, there are about 65 billion messages that are sent on the app every day. Encryption to a large extent helps as it is designed in such a way that only the person to whom you are communicating can read the message and nobody in between. But what we’ve seen in the recent past is the fact that there are often new vulnerabilities that are exploited. That’s what happened in the Jeff Bezos case as well. It was a zero vulnerability. In this particular case, while the message was sent on WhatsApp, it was a video file that was sent and while opening the video file, the malware that was on the file was transmitted on the phone.

What are the best security practices that mobile users can adopt?

The most important thing is, give the same amount of importance to your mobile phone that you give to your laptop. Have a security solution in place. Do not download apps from third-party app stores. While even the App Store and Play Store also tend to have malware, we know we are cutting down on 50 per cent of the problems if you do not connect to the Internet and download apps. Do not open each and every file or link if you do not know who the sender is. It could be a file on your messaging apps or emails. Finally, you also need to keep in mind what kind of Wi-Fi networks you connect to, as man-in-the-middle attacks can be launched via Wi-Fi networks. Avoid connecting to public, free Wi-Fi networks.

How common is phishing through emails?

People also tend to use their emails on mobiles. So it’s not just browsing websites or downloading apps or getting malware over messaging apps. Phishing attacks through emails would be that somebody could launch a malware to the mailbox and that malware is active via the mailbox to the mobile as well. One aspect is that you tend to open a link that comes in a mail and then you are taken to a particular website and asked to update your information. People are using that data to steal information about you. The most important thing is, try not to open all the mails if you know that some are spam mails. It is more about being educated to do something like this.

Source

** WinRAR versions released in the last 19 years impacted by severe security flaw! **

Catalin Cimpanu

WinRAR, one of the world's most popular Windows file compression applications, patched last month a severe security flaw that can be abused to hijack users' systems just by tricking a WinRAR user into opening a malicious archive.

The vulnerability, discovered last year by security researchers from Check Point Software, impacts all WinRAR versions released in the last 19 years. On its website, the WinRAR team boasts of having a userbase of over 500 million users, all of whom are most likely impacted. The good news for all WinRAR users is that WinRAR devs released an update to fix the issue last month.

According to a Check Point technical write-up that takes a deep dive into WinRAR's inner workings, the vulnerability resides in the UNACEV2.DLL library included with all WinRAR versions. This library is responsible for unpacking archives in the ACE format. Check Point researchers discovered a way to build malicious ACE archives that, when decompressed, used coding flaws in this library to plant malicious files outside the intended decompression path destination.

For example, Check Point researchers were able to use this vulnerability to plant malware in a Windows PC's Startup folder, malware that would execute after the next reboot, infecting and taking over the PC. A proof-of-concept demo video recorded by the Check Point team is available below.

https://www.youtube.com/watch?v=R2qcBWJzHMo

WinRAR devs released WinRAR 5.70 Beta 1 on January 28 to address this vulnerability, tracked under the CVE-2018-20250, CVE-2018-20251, CVE-2018-20252, and CVE-2018-20253 identifiers. Because devs lost access to the UNACEV2.DLL library source code around 2005, they opted to drop support for ACE archive formats altogether.

In the coming months and years, because of WinRAR's extremely large userbase, users should be aware that malware operators will most likely attempt to exploit this vulnerability. Home users should take care not to open any ACE archives they receive via email unless they've updated WinRAR first. System administrators at large corps should also warn employees about opening these files without having updated WinRAR first.

Exploit vendors already showed interest in buying vulnerabilities in file compression utilities last year, offering to pay as much as $100,000 for a remote code execution flaw in WinRAR, 7-Zip, WinZip (on Windows) or tar (on Linux). The reason is that these types of apps are almost always installed on corporate or home computers, and are an ideal attack surface for hackers or government entities.

Source

steven36 posted a topic in Security & Privacy News

Enterprise cybersecurity solutions provider Check Point Software Technologies on Monday announced that it has acquired ForceNock, an Israel-based company specializing in securing web applications and APIs.

Founded in 2017, ForceNock has developed patent-pending web application and API protection (WAAP) technology that leverages machine learning, behavioral analysis, and reputation-based analysis. Check Point says it plans on integrating this technology into its Infinity total protection solution.

“Check Point is committed to providing the most comprehensive security architecture to prevent current and future generations of cyber attacks. The growing usage of platforms – Cloud, Network, Mobile, Endpoint and IoT – requires complete, simple to deploy and easy to use security technologies,” said Dr. Dorit Dor, VP of products at Check Point.

“Incorporating ForceNock’s technology into our Infinity Architecture will enable us to continue to provide the highest level of security for our customers worldwide and strengthens our machine learning protection capabilities,” Dor added.

Financial terms of the deal have not been disclosed.

Check Point has acquired a significant number of companies in the past years, including PointSec, NFR Security, Nokia Security Appliances, FaceTime Communications, Liquid Machines, Dynasec, SofaWare, Hyperwise, Lacoon Mobile Security and, most recently, Dome9 Security.

Source