Check Point® Software Technologies Ltd, the worldwide leader in securing the Internet, today announced the detection of evolving phishing and bot attacks by Check Point Threat Emulation Software Blade. The attacks used new exploit variants of vulnerability (CVE-2012-0158) to target employees at several large global organizations. And by using Check Point’s new threat emulation sandboxing technology, the attacks were discovered before anti-virus signatures were made available.
The attacks started with phishing emails purporting to be from Citibank or Bank of America. The emails, which contained subject lines such as “Merchant Statement”, invite recipients to open an infected Microsoft Word attachment. Instead of a legitimate statement, the attachment contains malware that if opened, automatically executes, infects recipient computers, and renders them under the control of a larger bot network. The malware can open network ports, steal user credentials, such as logins and passwords, and act as a self-propagating spam bot ready to execute any new attack instructions and spread malicious emails to other targets a unique aspect of these attacks.
“Cybercriminals are constantly launching new attacks, distributing thousands of new malware variants every day,” said Dorit Dor, vice president of products at Check Point Software Technologies. “Traditional anti-virus solutions are not enough when it comes to dealing with unknown threats.”
“Organizations need a multi-layered security solution that includes Threat Emulation technology capable of detecting and preventing against new attacks and variants of existing ones. Our sandboxing technology closes the gap between the time new attacks are launched and when AV updates are made available, providing the most effective threat prevention available today,” added Dor.
Check Point provides comprehensive protection against all types of threats. The Threat Emulation Software Blade prevents infections from undiscovered exploits, zero-day, and targeted attacks. This innovative solution quickly inspects suspicious files, emulates how they run to discover malicious behavior, and completely prevents malware from entering the network. Check Point Threat Emulation also immediately reports new threats to Check Point's ThreatCloud™ service which automatically shares the newly identified threats with other customers.
About Check Point Software Technologies Ltd
Check Point Software Technologies Ltd (checkpoint.com), the worldwide leader in securing the Internet, provides customers with uncompromised protection against all types of threats, reduces security complexity and lowers total cost of ownership. Check Point first pioneered the industry with FireWall-1 and its patented stateful inspection technology. Today, Check Point continues to develop new innovations based on the Software Blade Architecture, providing customers with flexible and simple solutions that can be fully customized to meet the exact security needs of any organization. Check Point is the only vendor to go beyond technology and define security as a business process. Check Point 3D Security uniquely combines policy, people and enforcement for greater protection of information assets and helps organizations implement a blueprint for security that aligns with business needs. Customers include tens of thousands of organizations of all sizes, including all Fortune and Global 100 companies. Check Point's award-winning ZoneAlarm solutions protect millions of consumers from hackers, spyware and identity theft.