Check Point Checkmates Cyber Security Podcasts

PhoneBoy talks with Tim Otis and Ray Schippers from the Check Point Incident Response Team about a recent investigation that led to APT41, which led to a discussion about attacks that "live off the land."

An excerpt of our Ask Me Anything with Check Point Founder and CEO Gil Shwed where we discuss how Covid-19 changed the cyber threat landscape.

PhoneBoy talks with fellow Cyber Security Evangelist Ashwin Ram about an idea for a talk he's putting together around lessons we've learned from dealing with Covid-19 in healthcare and how they can apply to Cyber Security.

PhoneBoy talks with fellow Cyber Security Evangelist Ashwin Ram about the mindset of Detection versus the Prevention mindset.

In this episode, PhoneBoy talks with Ray Schippers and Tim Otis from the Check Point Incident Response Team about phishing and where it can lead.

PhoneBoy's Conversation with Check Point Cyber Security Evangelist Ashwin Ram about his TechTalk on the cyber threats and opportunities (for malicious actors) in response to COVID-19.

PhoneBoy talks to Tim Otis and Raymond Schippers from Check Point's Incident Response Team about Ransomware: how it's getting into environments and what you can do about it.

PhoneBoy talks with Ray Schippers and Tim Otis from the Check Point Incident Response Team about recent exploits against Remote Access infrastructure and what steps you can take to protect it and your users.

Excerpt from our TechTalk: What's New In R80.40 Security Management.

PhoneBoy's conversation with Danny Shulman and Peter Elmer about HTTPS Inspection, which was covered in more detail in a TechTalk.

PhoneBoy Chats with Tomer Solé about Check Point's newest solution for securing SD-WAN: CloudGuard Connect

Joining Oded Awaskar in this episode are Tim Otis and Ray Schippers from the Check Point Incident Response team.In this episode, we deep dive into CVE-2019-0708 dubbed “BlueKeep”, which was disclosed in the May 2019 “Patch Tuesday” of Microsoft.We will share with you background on this vulnerability and reveal the “behind the scenes” of a security company when such a vulnerability is disclosed.The episode concludes with recommendations on how to secure your environment from BlueKeep and similar vulnerabilities.

Joining Oded Awaskar in this episode is Avigayil Mechtinger, a cyber analyst from Check Point's Mobile Security team, telling us about the recent PreAMo clicker campaign (13:10).In this episode, we also cover the following topics:A recent vulnerability discovered in Oracle WebLogic servers is being exploited to deliver the Sodinokibi ransomware (1:56).Check Point Research uncovered the activity of an Indonesian hacking group dubbed “plaNETWORK” (5:10).Over 200 online university campus stores were affected by a credit card skimming attack, dubbed “Mirrorthief” (7:00).Dell’s SupportAssist software was found vulnerable to remote code execution (9:50).     You may read the full PreAMo clicker campaign in the cp<r> blog.Both of the Threat Intelligence reports are located here and here.

Oded Awaskar is joined by Aseel Kayal, a malware analyst from Check Point's Threat Intelligence group who tells us about her latest research dealing with the Muddy Water APT group’s activity.In addition, we discuss these issues:Information regarding the operations and tools of the Iranian linked OilRig APT (APT 34) group has been disclosed online.Anubis, an Android banking Trojan, has evolved to contain encryption, RAT functionality and device locking capabilities which qualify it as Android ransomware.The relevant Threat Intelligence reports are located here and here.

The second episode of the CheckMates GO Podcast is out.Joining Oded Awaskar is Yoav Arad Pinkas and Hadar Wiesen, a security analyst in the Managed Security Service teamIn this episode we cover the following topics:The Georgia Institute of technology suffered a data breach, which exposed the personal information of both faculty and students.ShadowHammer – A supply chain hack of Asus which led to the installation of backdoors in numerous computers.The emergency tornado alarm system in Texas was compromised, creating panic amongst residents.Check Point researchers have discovered a vulnerability in one of Xiamoi’s built-in security applications that could allow an attacker to remotely hack the phone.You may read the full Xiaomi research in the cp<r> blog.Both of the Threat Intelligence Reports are located here and here.

In this podcast, Oded Awaskar and Yoav Arad Pinkas review the latest cyber & intelligence incidents from the past 2 weeks.On the agenda:“Simbad” – a mobile adware campaign spotted on Google’s Play Store by Check Point Researchers.‘Norsk Hydro’, an Aluminum company, “Hexion” and “Momentive”, two American chemicals companies have been hit by the LockerGoga ransomware.2 million emails of over 350,000 clients of the Oregon Department of Human Services (DHS) have been exposed after a successful spear phishing attack.Vulnerabilities found in implantable defibrillators expose patients to life-threatening hacks.You can find our full weekly Threat Intelligence reports here and here.Also, the full “Simbad” blog post can be found in the cp<r>esearch blog.