Tag Archives: Check Point Software

Security Never Sleeps- Equifax Breach, DU Data Siphon

Equifax Discloses Earlier Cybersecurity Incident, But No Details

“March breach is still shaded with uncertainty”

Equifax Inc. hired cybersecurity experts to deal with an incident on its corporate networks in March, two months before the massive hack began that it has said led to the potential compromise of personal data belonging to 143 million U.S. consumers.

Infrared signals in surveillance cameras let malware jump network air gaps

“Many networks disconnected as precaution”

Researchers have been successful in creating malware that can jump airgaps by using the infrared capabilities of an infected network’s surveillance cameras to transmit data to and from attackers. The malware prototype could be a crucial ingredient for attacks that target some of the world’s most sensitive networks that were previously thought to be safe. Militaries, energy producers, and other critical infrastructure providers frequently disconnect such networks from the Internet as a precaution.

Chinese Mobile Antivirus App Caught Siphoning User Data

“Secret data theft”

Google has removed, and then reinstated, one of the most popular mobile antivirus apps on the Play Store. The move was taken after security firm Check Point discovered that DU Antivirus Security, created by the DU Group, was secretly collecting device data from users’ smartphones. Over 10 million downloads occurred without proper security precautions.

Enterprise IT security planning: Five ways to build a better strategy

“Helpful tips for a competent defense”

Those buzzwords recommended for building a successful digital business, such as flexibility, agility and openness, don’t always fit nicely with more sober requirements like the needs of a corporate security policy. So, how can IT leaders create an approach to information security that is fit for the modern business? ZDNet speaks to five experts about the key issues CIOs face.

  1. Make cybersecurity your number one priority
  2. Understand the importance of making a commitment
  3. Embed a culture of risk management across the business
  4. Apply measures that are fit for the open world
  5. Create a long-term strategy for system integrity

Enjoy your read? Check out our other content here.

10Fold- Security Never Sleeps- 147

“Huge security hole in many products”
The second largest world producer of IoT devices, Dahua, has released a software update that has gaping security deficiencies in several of popular products including DVR’s and cameras. These internet connected gadgets are vulnerable to login bypasses and remote access to various systems. Additionally, code is available online that would allow exploitation of massive numbers of these types of ‘smart’ devices online by one user, creating DDoS attack concerns among security researchers.
“General technology concerns ease”
The stockpiling of zero-day vulnerabilities by various intelligence agencies to use in offensive capabilities for cyber battle is not quite as dangerous as once predicted, says a new RAND study. Tactical benefits accrued from the collection of the data result in greater outcomes from public disclosure.
 
“Malicious software not part of official ROM”
Check Point Software Technologies posted a blog last Friday detailing the installation of malware of several android devices sold to two firms. The malware was added somewhere along the supply chain, but was not included by the official ROM made by the manufacturer. Many of the phones affected with a ROM using system privileges, meaning that a complete re-installation of all software programs to remedy the problem.
Enjoy your read? Check out our other content here.