Dangerous bug in WhatsApp could lead to disclosure of user data

Check Point specialists spoke about a dangerous bug they discovered in the WhatsApp image processing function, which could lead to the disclosure of user data. The problem helped to disable the application, in addition, by applying certain filters to a specially created image and sending it to a potential victim, an attacker could exploit the… Continue reading Dangerous bug in WhatsApp could lead to disclosure of user data

Vulnerabilities in Amazon Kindle Allowed Taking Full Control of the Device

Check Point researchers reported that in April of this year, IT giant Amazon eliminated critical vulnerabilities in the Amazon Kindle. The problems could be used to gain full control over the device, allowed them to steal the Amazon device token and other confidential data stored on it. For a successful attack on a Kindle, just… Continue reading Vulnerabilities in Amazon Kindle Allowed Taking Full Control of the Device

Qualcomm Mobile Station Modem vulnerability threatens 40% of smartphones

More than a third of all smartphones in the world have been affected by a new vulnerability in Qualcomm Mobile Station Modem (MSM). This bug gives attackers access to call history, SMS messages, and even allows them to eavesdrop on conversations. MSM is a SoC that allows devices to connect to mobile networks. It was… Continue reading Qualcomm Mobile Station Modem vulnerability threatens 40% of smartphones

Check Point: Desperate Job Seekers Are Ready To Work For Cybercriminals

CheckPoint experts found that the number of job search ads on the darknet and on hacker forums is growing – job seekers that were desperate to find a job are now ready to work for cybercriminals. Check Point reports that a new trend has emerged at the beginning of 2021: not hackers do not post… Continue reading Check Point: Desperate Job Seekers Are Ready To Work For Cybercriminals

Hackers majorly use Microsoft and DHL brands in phishing attacks

Hackers majorly use the Microsoft and DHL brands in phishing attacks. In Q4 2020, cybercriminals used more brands from the tech industry, followed by shipping and retail businesses. Information security researchers from the Check Point Software team said that phishers love the Microsoft brand. 43% of all attempts at phishing attacks were associated with it… Continue reading Hackers majorly use Microsoft and DHL brands in phishing attacks

About 8% of apps in the Google Play Store are vulnerable to a bug in the Play Core library

Check Point experts warned that developers of many popular Android applications forgot to make an important update and now their product is vulnerable to a bug in the Play Core library. So, according to the company, about 8% of all applications in the Google Play Store use old and unsafe versions of the Play Core… Continue reading About 8% of apps in the Google Play Store are vulnerable to a bug in the Play Core library

New Pay2Key ransomware encrypts corporate networks in just an hour

A number of companies and large corporations in Israel have been targeted by cyberattacks using a new ransomware called Pay2Key. The first attacks were recorded by specialists from Check Point at the end of October this year, and now their number has increased. According to experts, criminals usually carry out attacks after midnight, when companies… Continue reading New Pay2Key ransomware encrypts corporate networks in just an hour

In August, the updated Qbot Trojan first entered the top of the most widespread malware

Check Point has released its monthly Global Threat Index for August 2020. According to the researchers, the updated Qbot Trojan (aka QuakBot, Qakbot, and Pinkslipbot) first entered the TOP of the most widespread malware in the world, where it took tenth place. Experts discovered Qbot in 2008; over the years, it has evolved from an… Continue reading In August, the updated Qbot Trojan first entered the top of the most widespread malware

Vulnerabilities in Amazon Alexa opened access to user data for outsiders

In June this year, researchers from Check Point discovered a number of dangerous vulnerabilities that opened for attacks the Amazon Alexa virtual assistant and its users. The problem was in CORS and XSS bugs, which affected several Amazon subdomains, and in configuration issues. By exploiting these bugs, attackers could gain access to personal data (usernames,… Continue reading Vulnerabilities in Amazon Alexa opened access to user data for outsiders

Google cloud services are used for phishing

Attackers, whose main goal is to steal various credentials, are increasingly turning to public cloud services to host decoy files and phishing pages. Even Google services are now being used for phishing. Check Point experts warn that earlier this year they discovered a campaign, which was abusing Google cloud services. The scammers have developed an… Continue reading Google cloud services are used for phishing