New GandCrab Decryptor Unlocks Files of Updated Ransomware
Yet another free decryptor is available for GandCrab ransomware victims. The tool, released Tuesday, is the third decryptor update in the past year that thwarts the prolific and fast-evolving GandCrab ransomware. Europol police announced availability of the update, which now unlocks data encrypte...
Flaws in RDP protocols leaving machines prone to remote code execution
By Waqas Major Security Flaws Identified in RDP Protocols making Machines Prone to Remote Code Execution and Reverse RDP Attacks. Check Point researchers have identified that three remote desktop protocol (RDP) tools, which are probably the most popular ones for Windows, macOS, and Linux systems, a...
Flaws in Popular RDP Clients Allow Malicious Servers to Reverse Hack PCs
You've always been warned not to share remote access to your computer with any untrusted people for many reasons—it's basic cyber security advice, and common sense, right? But what if I say, you should not even trust anyone who invites or offers you full remote access to their computers? Security...
Remote Desktop Protocol Clients Rife with Remote Code-Execution Flaws
UPDATE LAS VEGAS — Multiple critical vulnerabilities in the commonly used Remote Desktop Protocol (RDP) would allow a malicious actor to achieve remote code-execution over a client’s computer. According to Check Point research released Tuesday at the CPX360 event in Las Vegas, both open-source and...
Check Point ZoneAlarm 8.8.1.110 - Local Privilege Escalation Exploit
Exploit for windows platform in category local exploits Exploit Title: Check Point ZoneAlarm Local Privilege Escalation Exploit Author: Chris Anastasio Vendor Homepage: https://www.zonealarm.com/software/free-antivirus/ Software Link: Vulnerable Versions included in repo Version: ZoneAlarm Free...
Check Point ZoneAlarm 8.8.1.110 - Local Privilege Escalation
Check Point ZoneAlarm 8.8.1.110 - Local Privilege Escalation Exploit Title: Check Point ZoneAlarm Local Privilege Escalation Date: 1/16/19 Exploit Author: Chris Anastasio Vendor Homepage: https://www.zonealarm.com/software/free-antivirus/ Software Link: Vulnerable Versions included in repo Versio...
Check Point ZoneAlarm 8.8.1.110 - Local Privilege Escalation
Exploit Title: Check Point ZoneAlarm Local Privilege Escalation Date: 1/16/19 Exploit Author: Chris Anastasio Vendor Homepage: https://www.zonealarm.com/software/free-antivirus/ Software Link: Vulnerable Versions included in repo Version: ZoneAlarm Free Antivirus + Firewall version: 15.3.064.1772...
Fortnite Hacked Via Insecure Single Sign-On
Epic Games patched a bug that could have allowed hackers to break into millions of Fortnite accounts and steal virtual currency or resell virtual goods. The vulnerability is tied to an insecure Fortnite application program interface (API) used by players to log into their accounts using third-party...
Check Point CloudGuard Controller fails to connect to a VMware vCenter Data Center in R80.20.M2
...
IT consultancy firm caught running ransomware decryption scam
By Waqas Ransomware has become a persistent threat to users globally but for cybercriminals, it is a lucrative business. Recently, IT security researchers at Check Point unearthed a sophisticated ransomware decryption scam in which a Russian IT consultant company has been caught scamming ransomwa...
DJI Patches Forum Bug That Allowed Drone Account Takeovers
Leading commercial drone maker DJI patched a cross-site scripting bug impacting its forums that could have allowed a hacker to hijack user accounts and gain access to sensitive online data, ranging from flight images, bank card data, flight records and even real time camera images. The...
400% increase in cryptomining malware attacks against iPhones
By Waqas It wouldn’t be wrong to state that Apple has become the apple of the eyes of cryptomining enthusiasts and cybercriminals. According to Check Point’s latest Global Threat Index, the company is being targeted more frequently in cryptomining malware attacks. The report discloses some...
Dark Web Azorult Generator Offers Free Binaries to Cybercrooks
A malicious build-it-yourself platform for the Azorult info-stealing malware has debuted on the Dark Web. The online builder, which its authors have named Gazorp, allows cybercriminals to generate their very own strains of Azorult, along with the apparatus to control it. And, it’s free. “Threat...
Lucy Gang Debuts with Unusual Android MaaS Package
There’s a fresh bloom in the malware-as-a-service garden: Researchers have uncovered a new Russian-speaking threat actor hawking a proprietary cyber-weapon dubbed “Black Rose Lucy.” The offering is a malware-as-a-service (MaaS) bundle with two parts, consisting of a controlling web interface which...
Critical Out-of-Band Patch Issued for Adobe Acrobat Reader
Adobe released patches for seven flaws in an unscheduled update for its Acrobat Reader and DC product, which could lead to arbitrary code execution. The patches, released Wednesday, come one week after Adobe’s regularly-scheduled September update. The flaws addressed include one “critical”...
Fortnite Android App Falls Victim to Man-in-the-Disk Flaw
Epic Games has patched a critical man-in-the-disk (MiTD) flaw for the Android version of the wildly popular Fortnite game – although controversy has swirled after Google decided to ignore a 90-day disclosure request from the gaming company. The issue exists in the Fortnite Installer, which download...
Check Point response to Bleichenbacher oracle cryptographic attack (IKEv1/IKEv2)
...
Check Point response to SegmentSmack (CVE-2018-5390) and FragmentSmack (CVE-2018-5391)
...
Hackers can compromise your network just by sending a Fax
What maximum a remote attacker can do just by having your Fax machine number? Believe it or not, but your fax number is literally enough for a hacker to gain complete control over the printer and possibly infiltrate the rest of the network connected to it. Check Point researchers have revealed...
Linux kernel IP fragment re-assembly vulnerable to denial of service
Overview: The Linux kernel, versions 3.9+, IP implementation is vulnerable to denial of service conditions with low rates of specially modified packets. Description: CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion') - CVE-2018-5391. The Linux kernel, versions 3.9+, is vulnerable to a...