In the grand scheme of cybersecurity, the design issue in Foxit PDF Reader was really very minor. But it revealed a much larger and more impactful phenomenon that we’ll probably have to deal with for as long as there are computers around: the instinct to click ‘Ok’.저자 PI Media

Once every year, Check Point releases an annual report reviewing the biggest events and trends in cybersecurity. In this episode we'll break down the latest iteration, focusing on its most important parts, to catch you up on what you need to know most in 2024.저자 PI Media

For years now, Iran’s state-sponsored hackers have been some of the most prolific in the world. But prolific does not necessarily mean sophisticated -- its attacks haven’t quite impressed in the way that the U.S., Russia, and China’s do. But in a campaign recently uncovered by CheckPoint, one Iranian APT unleashed tools and tactics unlike anything …

Once a year, Check Point Research releases a “mid-year report”: a summary of the first half of the calendar year in cybersecurity, including all of the major changes, trends, and events that defined January through June. Obviously a lot happens in that time, and so the reports end up rather long. Which is why, sometimes, we’ll do one of these episo…

Between corporations, governments, and the rest of us, billions are spent every year trying to secure cyberspace. Which makes it almost unbelievable to think that just one, simple policy change from one company -- with almost no cost to anybody, and no effort involved -- could alter the entire course of cyberspace. And yet, that is exactly what hap…

For all the ridiculous spam calls in the world, but a small percentage of them are actually, legitimately, convincing. According to the Korean government, “voice phishing” compromises nearly 200 Korean citizens every day, with average financial losses around 8,500 dollars worth of Korean won. If it’s that successful, surely, the scammers are doing …

In July 2021, several prominent human rights activists in Azerbaijan received the same phishing email that delivered them spyware, capable of causing significant harm to their personal and professional lives. But that was only the beginning of a story in which the domestic surveillance toolbox is fired in the midst of a small-scale cyberwar in the …

In 2022, government APTs wiped out entire computer systems, hackers turned good software evil, and ransomware evolved into something entirely new. In this episode we'll review the biggest stories, most important trends, and cutting insights from the last year in cybersecurity.저자 PI Media

Today's AI can beat humans at Jeopardy, chess, recognizing faces and diagnosing medical conditions. As of last Fall it can write malware, too. In fact, it can write an entire attack chain: phishing emails, macros, reverse shells, you name it. What do we do now?저자 PI Media

Earlier this Fall, some users of the OpenSea trading platform posted dire messages to Twitter: all of the NFTs in their wallets were gone. Thousands of dollars worth of investments had suddenly disappeared. Soon it became clear: they were never getting their money back. This wasn’t just a glitch, it was a hack. But how?…

For decades, hacktivism has been associated with groups like Anonymous. Recently, though, something has changed. An entirely new kind of hacktivist has arisen: one with more resources, capabilities and power than anything we've seen before.저자 PI Media

Every year, ordinary people lose money in blockchain hacks. Could it be that this technology is simply insecure by nature? Or is there something we’re all missing -- something that can save this industry, and the millions of people who’ve invested their hard-earned money into it, from squandering billions of dollars every year?…

How was the use of cyber manifested in the Russia-Ukraine war? Will Microsoft block VB macros? We'll discuss all this and more while reviewing the Mid-Year Cyber Attack Trends report of 2022.저자 PI Media

On March 23rd, 2022, individuals working at the most important defense research institutes in Russia all received variations of the same email. The messages appeared to be quite official, regarding sanctions for Ukraine. In reality they were traps, planted by a mysterious foreign APT.저자 PI Media

Five years ago today, the world witnessed the most destructive ransomware attack ever. Its name was Wannacry, and it changed everything. What happened, how has ransomware evolved since, and have we learned our lesson? Or could something just like it happen again?저자 PI Media

The Conti group tallied over 700 victims, including many multi-million-dollar corporate, government and healthcare organizations. Then, in their most publicized move yet, they put their full backing behind the Russian invasion of Ukraine. One anonymous researcher decided enough was enough. They hacked the hackers, and leaked the innermost details o…

Did you know that in 2021 there has been a 40% increase in weekly average number of cyber attacks compared to 2020? That is just one of the fascinating findings in the report published by Check Point due to the Cybersecurity Awareness Month. In this episode we will talk about the interesting findings and their implication.…

You own some pretty "smart" computers. The laptop on your desk, the phone in your pocket, the system that runs your car. But you're also surrounded by "dumb" computers--simple machines, like your alarm clock, your computer mouse, your refrigerator. We all know that smart computers can be hacked, but what about the dumb ones? Could someone hack your…

It seemed like a totally normal day--people went to work, to school, to get away for an early weekend. Then, across the country of Iran, trains began to freeze in place. The system for tracking them went down. And, on display screens in stations across the country, a message was posted: the country was under attack...…

In this episode of “Cyber Academy" we will talk about the CVE database. What's a CVE? What do the numbers attached to the CVE mean? Are they random or not? Why do we need to catalogue CVEs? What is the connection between CVEs and dictionaries, phonebooks and the deep blue sea? Who is Mitre? and what do you do if you discover a CVE all by yourself? …

Check Point Research (CPR) finds security flaws in Atlassian, a platform used by 180,000 customers worldwide to engineer software and manage projects. With just one click, an attacker could have used the flaws get access to the Atlassian Jira bug system and get sensitive information such as security issues on Atlassian cloud, Bitbucket and on premi…

In this episode of "Cyber Academy" we will talk about viruses, worms and trojans. What is the difference between these three types of malware and what they have in common. We will talk about their evolvement since the early days of the internet till today. How in the past there was a clear distinction between them and today classifying them is a bi…

Last May, in one of the most brazen attacks ever attempted, cybercriminals from Eastern Europe shut down the supply of gasoline to most of the east coast of the United States. Past the many millions of people affected, and the many millions of dollars lost, it was a message: that ransomware can have world-altering consequences. It wasn't that long …

In this episode of “Cyber Academy, we will talk about Botnets. What are Botnets used for? How does the Botmaster, the attacker, control the bots he has under his control? We will talk about the different aspects of this modern-day crime. For example how it's connected to spam mail or bitcoins. Are Botnets an ingenious way to make "easy money" or do…

Would you use a computer without any kind of antivirus? Would you put your personal photos on that device? Use it to text and email? Access your bank? It turns out: you're probably already doing all of these things. The most sensitive, least protected device in your life is in your pocket right now.저자 PI Media

In our previous episodes, you heard the term "vulnerabilities" more than once. But what exactly does it mean? What stands behind this big word? For such terms and questions, we create the format of "Cyber Academy''. In each "Cyber Academy' episode, we’ll bring you a single topic - usually a basic term, an idea or a technology related to cybersecuri…

In 2020 hospitals were hit with ransomware, corporations with phishing attacks, and we saw one of the biggest hacks ever conceived: the SolarWinds breach. It was a groundbreaking year, so in this episode we're summarizing the most important things you need to know. A SparkNotes for cybersecurity in 2020.…

When the Pfizer and Moderna vaccines were first approved, almost nobody could get one. Meanwhile, on the darknet, cybercriminals were offering deals on mass shipments. Most people still aren't inoculated today, yet the darknet market for vaccines is thriving.Is the darknet getting vaccines while the rest of us can't? What's actually going on?…

In the summer of 2016, a group of anonymous hackers hacked into the NSA and released some of the most powerful exploits ever developed. The ramifications of that leak would be felt for years to come, in some of the most destructive cyber attacks on record. But even all these years later there are mysteries yet unsolved, and stories that seem to con…

The recent SolarWinds breach was one of the most sophisticated, complex cyber operations in history. By the end 18,000 companies, including a dozen U.S. federal agencies, were compromised. How did the hackers pull it off?저자 PI Media

A man goes on Dubai T.V to discuss national security in the Middle East. 1,000 miles north, a social activist uses Telegram to organize anti-government activity. 5,000 miles north, an immigrant applies for a driver's license in Sweden. None of these people know one another, but they're all about to fall victim to the same attack. An attack that cha…

DNS is the phone book of the internet--it's how your computer knows where to go to reach the website you want to visit. It's no stretch to say that, without functioning DNS, the internet as we know it could not exist. So imagine what would happen if you could completely compromise it..저자 PI Media

Most people place their virtual assistants in their living room or bedroom. This makes it very easy to interact with cyberspace while you're laying around, watching T.V., or doing dishes. It also means that you're allowing a listening device into the most sensitive spaces in your home. What if somebody were able to take control of that device? To m…

When Gal Elbaz came across a modest GIF parser sitting in a remote corner of GitHub, he wasn't exactly looking for trouble. But he found it. What was so troublesome about this parser in particular? It wasn't popular, it was created by some unknown programmer, and it didn't have any extraordinary qualities. Except it was familiar. Gal had seen this …

Major tech companies understand that their brands are only as strong as they are safe to use, so they set bounties on vulnerabilities: hundreds of thousands of dollars, a million dollars, to any programmer who can find a hole in their sites. White hat hackers comb every line of code to try and earn the grand prize, and in return, the companies gain…

In 2015, Khalifa Haftar--a fierce military general, known as "Libya's most potent warlord"--began an operation to take over the state of Libya. He led an insurgent army, slowly taking over the country's southern lands, headed straight for the capital of Tripoli. All the while, 'Khalifa Haftar' on Facebook was publishing updates about the war, even …

A new kind of man-in-the-middle attack is emerging, and it may just be the most lucrative method of hacking ever conceived.저자 PI Media

The first publicized case of Ccoronavirus in the United States occurred in late February, 2020. Almost immediately, a different spread began: hackers, leveraging the global panic to spread new kinds of malicious cyber threats. Whether the new, COVID-related malware succeeded would depend on one question: does fear and uncertainty make us more hacka…

Phishing is the oldest trick in the book—we're all familiar with it by now. Yet for the past few years, Canadian companies had been falling victim to an ordinary phishing campaign. What made this threat different?저자 PI Media

It began with a "Google" security email. But the trail of breadcrumbs traced back to something much, much bigger: a laser-targeted hacking campaign that put its targets' lives in danger.저자 PI Media

Last year, iOS, Zynga, Facebook and Capital One were hacked. Personal information from over a billion people were exposed in data breaches, and new kinds of attacks we've hardly seen before came to dominate cyberspace. Check Point reviews the biggest trends, events and stories of the past year in its annual report, out now.…

The world's premier cyber espionage agency built one of the world's most advanced cyber tools. When it was leaked, most of the security sector was stunned. Hidden away at the other end of the world, however, a worthy adversary had already deployed the same attack tool. How'd they got their hands on it? And who's been spying on whom this whole time?…

The most popular video game in the world has a problem: a black market economy has developed around its in-game currency. Cybercriminals are hacking user accounts, juicing credit cards, and selling virtual currency for real-life dollars and cents. To ensure fun and safety for players, the cycle must be stopped. This podcast is produced by P.I. Medi…

The Middle East is a turbulent and explosive region, to put it mildly – and that is why when Aseel Kial, a Malware Analyst at CheckPoint, came across a new malware targeting ISIS operatives, she wasn't terribly surprised. The surprise came, however, when she found out who is behind the target attack, and the social engineering techniques they used.…

What happens if a single baby monitor can be hacked? Powerful ransomware has caused outages in hospitals across the world, putting thousands of lives in danger. Medical devices–insulin injectors, heart monitors, pacemakers–are the next targets. This podcast is produced by P.I. Media for Check Point.저자 PI Media