Latest news with #malware


Forbes
7 hours ago
- Forbes
If You See These 2 Words On Your Phone, It May Be Hackers
There's a new hack targeting smartphones, and you need to beware in case you accidentally install one of these apps on your device. Fortunately, there's a telltale warning on screen. And if you know what to look for, you can keep yourself safe. The security team at Zimperium says it has been 'actively tracking this sophisticated banker trojan strain' for several months, watching as it has 'rapidly evolved in both its distribution methods and capabilities.' Once installed, it will steal your credentials, log your keystrokes and record your screen. It can also install additional malware. The only way this malware can cause such havoc, Zimperium warns, is to 'heavily abuse' Android's Accessibility Services. These are restricted because they enable an app to control many of your phone's most sensitive features and functions. That's why you will see a specific warning when any of these permissions are requested. The popup you will see will ask whether you want to grant the specific app you have installed 'full control' of your phone. Unless this app is tailored to cater for very specific usability needs and you are well aware of that before it's installed, you must deny the permission request or better still fully uninstall the app. If you allow that level of access, the malware will 'begin executing its malicious actions in the background, including data theft and unauthorized control of the device.' Zimperium has watched the malware adapt and evolve as it has gained traction in the wild. 'The new functionalities include: displaying malicious UI overlays to steal PIN codes or unlock patterns, comprehensive screen recording capabilities, the ability to block the opening of specific applications, and advanced keylogging functionality.' Almost all of which require access to sensitive functions on your phone that no normal app will ever need or ask for.
The good news is that this gives you something specific to look for, rather than relying on more subtle signs of an attack. Overlay malware presents a fake screen to you while hiding a real app's UI in the background. For example, it will overlay your banking app's login screen and maybe even its 2FA prompt. It can then capture whatever you enter into your phone. 'Captured credentials are secretly saved in the app's cache directory,' the researchers say, 'before being exfiltrated to the attacker's Command and Control (C2) server. The malware leverages Android's Accessibility Services to detect when a user opens a specific application, subsequently overlaying a fake UI tailored for that app.' Google has added more protections around Accessibility Services and developers are warned of the consequences of any abuse. But they remain a core tool in a malware developer's arsenal. You really do need to deny them by default. Every time.
Yahoo
13 hours ago
- Business
- Yahoo
Check Point Software Leads Email Security Rankings in 2025 GigaOm Radar Anti-Phishing Report
Check Point stands out for its advanced phishing and malware prevention capabilities, driven by innovations like Infinity AI Copilot and a forward-looking security roadmap. REDWOOD CITY, Calif., July 30, 2025 (GLOBE NEWSWIRE) -- Check Point Software Technologies Ltd. (NASDAQ: CHKP), a pioneer and global leader of cyber security solutions, today announced that it has been recognized as a Leader and Outperformer for its Harmony Email & Collaboration security solution in GigaOm's latest Radar for Anti-Phishing report. According to GigaOm, Check Point has been recognized for its ability to deliver AI-first detection and enforcement in one seamless solution. 'We're honored to be recognized by GigaOm for our forward-looking roadmap and standout innovations,' said Gil Friedrich, GM of Workspace Security at Check Point Software. 'This acknowledgment highlights our commitment to redefining threat prevention across every communication channel and endpoint. Harmony Email & Collaboration is a highly comprehensive platform that stops phishing, business email compromise, malware, and advanced threats before they ever reach users.' The GigaOm Radar for Anti-Phishing evaluated 16 leading solutions, assessing key capabilities, emerging features, and business criteria to guide organizations in selecting the most effective protection for their specific needs. Check Point's Harmony Email & Collaboration earned the top scores in both emerging features and business criteria, highlighting its advanced defense against AI-driven phishing attacks. These top scores spotlight how Harmony Email & Collaboration combines unified cyber defense with easy deployment, simplified management, and a versatile vendor ecosystem, ensuring seamless integration across a wide range of customer environments. 'Check Point was classified as an Outperformer due to its strong continued development and focus on emerging threats,' said GigaOm analyst Paul Stringfellow.
'It also delivered a comprehensive set of innovations, including Infinity AI Copilot and enhanced security with an extensive roadmap for continued development.' Moreover, GigaOm ranked Check Point as a leader in the following categories within its report:
- Advanced Threat Intelligence: Leverages ThreatCloud AI's 300+ machine learning features to analyze metadata, attachments, and behavior patterns, automatically blocking compromised accounts and extending phishing protection to mobile devices
- Seamless Ecosystem Integration: Within the Check Point Infinity Platform, Harmony Email & Collaboration easily connects with a wide range of security tools including and third-party platforms, enabling automated threat response and streamlined operations across the customer's existing security stack
- Flexible Consumption: Available in multiple packages with optional add-ons, including Incident Response as a Service, Security Awareness Training, DMARC Management, Browser Protection, and Email Archiving, allowing organizations to tailor protection to their needs
Access a free copy of the GigaOm Radar for Anti-phishing by visiting our website and blog. Check Point Software Technologies Ltd. is a leading protector of digital trust, utilizing AI-powered cyber security solutions to safeguard over 100,000 organizations globally. Through its Infinity Platform and an open garden ecosystem, Check Point's prevention-first approach delivers industry-leading security efficacy while reducing risk. Employing a hybrid mesh network architecture with SASE at its core, the Infinity Platform unifies the management of on-premises, cloud, and workspace environments to offer flexibility, simplicity and scale for enterprises and service
Notice Regarding Forward-Looking Statements: This press release contains forward-looking statements.
Forward-looking statements generally relate to future events or our future financial or operating performance. Forward-looking statements in this press release include, but are not limited to, statements related to our expectations regarding future growth, the expansion of Check Point's industry leadership, the enhancement of shareholder value and the delivery of an industry-leading cyber security platform to customers worldwide. Our expectations and beliefs regarding these matters may not materialize, and actual results or events in the future are subject to risks and uncertainties that could cause actual results or events to differ materially from those projected. The forward-looking statements contained in this press release are also subject to other risks and uncertainties, including those more fully described in our filings with the Securities and Exchange Commission, including our Annual Report on Form 20-F filed with the Securities and Exchange Commission on April 2, 2024. The forward-looking statements in this press release are based on information available to Check Point as of the date hereof, and Check Point disclaims any obligation to update any forward-looking statements, except as required by law.


Fox News
14 hours ago
- Fox News
How AI is now helping hackers fool your browser's security tools
Cybercriminals continually seek new ways to expose you to phishing and scam sites designed to steal your credentials or install malware that can compromise your personal data and system. Although browsers and search engines like Chrome and Google Search actively scan and take action against spam and malicious sites, they rely on automated tools to manage the huge volume of threats. Recently, hackers have developed AI-powered cloaking software that enables them to bypass these scanners by showing benign pages to security systems while revealing harmful content only to real users. This advanced cloaking technique significantly increases the effectiveness and durability of phishing and malware sites, making it harder for traditional detection methods to protect you. As discovered by researchers at Slashnext, cybercriminals are adopting a new tactic that makes scam websites nearly invisible to the security systems meant to stop them. Known as web cloaking, the technique uses artificial intelligence to hide phishing pages, fake storefronts, and malware delivery sites from automated scanners while showing them only to human victims. Platforms like Hoax Tech and JS Click Cloaker are emerging as key players in this trend. While both market themselves as traffic filtering tools for digital marketers, they are also being used to protect criminal infrastructure. These services use advanced fingerprinting, machine learning, and real-time decision-making to control what each visitor sees. Hoax Tech analyzes hundreds of data points to build a digital fingerprint of every visitor, from their browser configuration and plugins to their geographic location and IP history.
The company's AI engine, called Matchex, compares this data to a massive database of known crawlers and security scanners. If the system detects a suspicious visitor, it redirects them to a clean, harmless site. If it identifies the visitor as legitimate, it displays the actual scam content. JS Click Cloaker takes a similar approach but claims to evaluate over 900 parameters per visit. The system scans for behavioral anomalies and uses historical click data to decide whether to allow access to the real page. It also includes features like traffic splitting and A/B testing, giving its users a suite of tools more commonly seen in professional marketing software. At the core of both platforms is the "white page" and "black page" system. The system shows security scanners the white page, which looks benign and passes review. It serves human victims the black page, which contains the scam or malicious payload. This selective targeting allows phishing campaigns and fraudulent sites to stay live longer and avoid detection. Cybercriminals are increasingly adopting advanced cloaking tools to evade detection, which is making it harder for people to spot malicious websites. Still, there are steps you can take to reduce your risk: 1. Stick to trusted sources: Avoid clicking on links from unknown senders or sketchy websites, even if they appear in ads or social media posts. Type URLs directly when possible. 2. Use strong antivirus software: A strong antivirus software can help analyze suspicious links and sites before you open them. 3. Use security-focused browsers: Built-in protections in browsers like Firefox and Brave can help block suspicious scripts and trackers. 4. Keep your software updated: Regular updates to your browser, operating system, and antivirus software ensure you have the latest security patches. 5.
Be cautious with login pages: If a site asks for your credentials unexpectedly, verify the URL and domain name carefully. Cloaked phishing pages can look nearly identical to the real thing. 6. Enable two-factor authentication (2FA): Even if your credentials are stolen, 2FA can act as a final line of defense against account takeover by requiring a pin which is generated through an authenticator app or is sent to your phone or email. AI-powered cloaking is making it increasingly difficult to track and take down malicious sites. The result is a fast-growing market for what is essentially cloaking-as-a-service. These tools are inexpensive, easy to use, and designed to work at scale. For cybercriminals, cloaking is no longer a fringe tactic but a core part of their toolkit. While you may still be unaware of these tools, they are already reshaping how digital fraud operates behind the scenes. Do you think browsers and search engines are doing enough to protect you from advanced scams like these?


The Independent
2 days ago
- The Independent
Mobile phone users warned to 'stop before you tap' amid malicious apps threat
Mobile users are being urged to 'stop before you tap' in a warning about malicious apps that trick people into downloading malware onto their phone, putting their personal and finance information at risk. Anti-fraud, cybersecurity and finance organisations are highlighting a 'surge' in Android malware. They want people to be on the lookout for unexpected updates or 'strange' app requests. Malicious apps may mimic legitimate tools to steal banking details. The Cyber Defence Alliance (CDA), UK Finance, Cifas, and ThreatFabric have joined forces to highlight the problem. In some cases, malicious apps may look like file managers, PDF readers, phone cleaners, or even browsers like Google Chrome, the organisations said. Once installed, they can appear harmless but later activate harmful features through hidden updates. Criminals may use techniques which overlay fake login screens on top of real banking apps to steal login credentials. Deceptive 'busy' or 'waiting' screens may be displayed to mask fraudulent activity. People may also be prevented from exiting the app or restarting their device. They may find that excessive permissions such as 'accessibility' access are requested. People are being urged by the organisations to be vigilant, particularly when being prompted to re-authenticate during a banking session; encountering unresponsive banking apps showing 'busy' messages; installing generic-looking apps such as file managers or phone cleaners; receiving unexpected prompts to install or update Chrome; and being asked to grant unusual permissions, particularly accessibility access. International crime groups are at the heart of mobile attacks, the organisations said, adding that users in general should be vigilant. Han Sahin, CEO of ThreatFabric, said: 'Just as we've learned to be cautious with links, we now need the same vigilance when installing apps. This is the logical next step in staying safe, and public awareness is crucial.'
Garry Lilburn, operations director at CDA, said: 'This crime highlights the growing prevalence and sophistication of mobile malware. 'As we work to better understand and disrupt this evolving threat, it's crucial that financial consumers stay vigilant, follow recommended security tips, and take a moment to verify what's in front of them – before becoming the next victim of this highly targeted fraud.' Dianne Doodnath, principal of economic crime at UK Finance, said: 'We encourage customers to stay alert to all threats of fraud, including the potential for criminals to trick people into downloading malware onto phones which could put your personal and finance information at risk of theft. 'It's important that you keep your phone security system up-to-date and always download from trusted sources to ensure you're protected from the risk of fraud and data harvesting.' Mike Haley, CEO of Cifas, said: 'The surge in Android malware is not just a tech issue – it's a growing threat to consumers and to banking services we all rely on. Criminals are evolving their tactics faster than ever, using deception and stealth to bypass traditional security measures. 'The best defence is awareness. If something feels off – an unexpected update, a strange app request – stop before you tap and always seek a second opinion. Education and vigilance are our frontline tools in the fight against fraud.' Here are some suggestions from the organisations to help mobile users stay safe: 1. Only download apps from trusted sources. 2. Check app reviews and developer information before installing. 3. Keep your device's operating system and apps up to date. 4. Report suspect apps or activity to your bank immediately. 5. Be wary of apps requesting unnecessary permissions.


Globe and Mail
3 days ago
- Business
- Globe and Mail
Booz Allen Automates Malware Analysis With Vellox Reverser
Booz Allen Hamilton (NYSE: BAH) today announced Vellox Reverser™, an AI-enabled cloud product that protects organizations from malware as cyberattacks grow increasingly insidious. The service uses a network of peer-to-peer nodes that collaboratively deconstruct complex malware binaries and produce actionable defensive recommendations in minutes instead of days or weeks. Advanced persistent threats and malicious actors increasingly use AI and other sophisticated tools to create tailored malware variants that evade detection. When static and dynamic analysis falls short, teams traditionally turn to manual reverse engineering, which requires highly specialized skills and is a time-consuming process that limits scalability and response times. The Vellox Reverser product uses AI agents and patented algorithms developed over decades of cyber defense tradecraft with U.S. government agencies. It builds swarm intelligence to automate deep analysis and provide malware defense at speed and scale. 'Booz Allen has decades of cyber tradecraft from our work protecting the most sensitive branches of the U.S. government, and we've encoded that expertise into Vellox Reverser,' said Mujtaba Hamid, executive vice president of product at Booz Allen. 'We are bringing advanced, mission-grade technology in a commercial-grade product offering that improves security and reduces costs. This reflects Booz Allen's commitment to advanced technology innovation as the leading provider of AI and cybersecurity to the federal government.' Vellox Reverser is a cloud-native product built on Amazon Web Services (AWS), which is architected to be the most secure cloud environment. It allows cybersecurity teams in both the public and private sectors to analyze and defend against complex malware. 'We support hundreds of incident response cases each year across a diverse set of organizations, including many within the Fortune 100. 
Vellox Reverser enhances our ability to move quickly by using AI agents that unpack and analyze malware with the precision of a seasoned reverse engineer,' said Andrew Turner, executive vice president and head of Booz Allen's global commercial business. 'When every minute counts, Vellox Reverser helps our clients reduce risk, limit disruption, and respond with confidence.' Starting today, users are invited to register for a public preview of the Vellox Reverser product at Black Hat USA. During this preview phase, participants will have the opportunity to explore Vellox Reverser's innovative capabilities and provide valuable feedback. Registration is limited, so interested users are encouraged to sign up for a demo at Black Hat. The general availability of Vellox Reverser is planned for fall 2025. About Booz Allen Hamilton: Booz Allen is an advanced technology company delivering outcomes with speed for America's most critical defense, civil, and national security priorities. We build technology solutions using AI, cyber, and other cutting-edge technologies to advance and protect the nation and its citizens. By focusing on outcomes, we enable our people, clients, and their missions to succeed—accelerating the nation to realize our purpose: Empower People to Change the World®. With global headquarters in McLean, Virginia, our company employs approximately 33,400 people globally as of June 30, 2025, and had revenue of $12.0 billion for the 12 months ended March 31, 2025. Forward-Looking Statements: Certain statements contained in this release include 'forward-looking statements' within the meaning of the Private Securities Litigation Reform Act of 1995. Examples of forward-looking statements include statements that do not directly relate to any historical or current fact.
In some cases, you can identify forward-looking statements by terminology such as 'may,' 'will,' 'could,' 'should,' 'forecasts,' 'expects,' 'intends,' 'plans,' 'anticipates,' 'projects,' 'outlook,' 'believes,' 'estimates,' 'predicts,' 'potential,' 'continue,' 'preliminary,' or the negative of these terms or other comparable terminology. Although we believe that the expectations reflected in the forward-looking statements are reasonable, we can give you no assurance these expectations will prove to have been correct. These forward-looking statements relate to future events or our future financial performance and involve known and unknown risks, uncertainties and other factors that may cause our actual results, levels of activity, performance or achievements to differ materially from any future results, levels of activity, performance or achievements expressed or implied by these forward-looking statements. A number of important factors could cause actual results to differ materially from those contained in or implied by these forward-looking statements, including those factors discussed in our filings with the Securities and Exchange Commission (SEC), including our Annual Report on Form 10-K for the fiscal year ended March 31, 2025, which can be found at the SEC's website. All forward-looking statements attributable to us or persons acting on our behalf are expressly qualified in their entirety by the foregoing cautionary statements. All such statements speak only as of the date made and, except as required by law, we undertake no obligation to update or revise publicly any forward-looking statements, whether as a result of new information, future events or otherwise.