Check Point Software Technologies Ltd. (CHKP)
Chart Events
Performance Outlook
| Previous Close | 116.65 |
| Open | 116.75 |
| Bid | 118.59 x 1000 |
| Ask | 119.18 x 1100 |
| Day's Range | 116.75 - 119.17 |
| 52 Week Range | 100.66 - 139.26 |
| Volume | 1,025,023 |
| Avg. Volume | 1,405,551 |
| Market Cap | 16.077B |
| Beta (5Y Monthly) | 0.65 |
| PE Ratio (TTM) | 19.94 |
| EPS (TTM) | 5.96 |
| Earnings Date | Apr 26, 2021 |
| Forward Dividend & Yield | N/A (N/A) |
| Ex-Dividend Date | N/A |
| 1y Target Est | 132.69 |
- GlobeNewswire
Microsoft Continues to be Most Imitated Brand for Phishing Attempts in Q1 2021
Check Point Research issues Q1 Brand Phishing Report, highlighting the leading brands that hackers imitated in attempts to lure people into giving up personal dataSAN CARLOS, Calif., April 15, 2021 (GLOBE NEWSWIRE) -- Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cybersecurity solutions globally, has published its new Brand Phishing Report for Q1 2021. The report highlights the brands which were most frequently imitated by criminals in their attempts to steal individuals’ personal information or payment credentials during January, February and March. In Q1, Microsoft was again the brand most frequently targeted by cybercriminals, as it was in Q4 2020. Thirty-nine percent of all brand phishing attempts were related to the technology giant (down slightly from 43% in Q4), as threat actors continued to try to capitalize on people working remotely during the Covid-19 pandemic. DHL maintained its position as the second most impersonated brand, with 18% of all phishing attempts related to it, as criminals persisted in taking advantage of the growing reliance on online shopping. The report reveals that technology is still the most likely industry to be targeted by brand phishing, followed by shipping. However, banking has replaced retail in the top three industries this quarter, as two banking brands – Wells Fargo and Chase - are now in the top ten list, showing how threat actors are exploiting the surge in digital payments due to the pandemic, and the increased dependency on online banking, shopping and home deliveries, to try and trick users and commit financial fraud. “Criminals increased their attempts in Q1 2021 to steal peoples’ personal data by impersonating leading brands, and our data clearly shows how they change their phishing tactics to increase their chances of success,” said Omer Dembinsky, Data Research Manager at Check Point. “While security measures are often built into websites and apps, particularly with banking, it’s the human element that often fails to pick up on scams, and as such, cyber criminals are continuing to trick people using convincing emails purporting to be from trusted brands. As always, we encourage users to be cautious when divulging personal data and credentials, and to think twice before opening email attachments or links, especially emails that claim to be from companies, such as banking institutions, Microsoft or DHL, that are the most likely to be impersonated.” In a brand phishing attack, criminals try to imitate the official website of a well-known brand by using a similar domain name or URL and web page design to the genuine site. The link to the fake website can be sent to target individuals by email or text message, a user can be redirected during web browsing, or it may be triggered from a fraudulent mobile application. The fake website often contains a form intended to steal users’ credentials, payment details or other personal information. Top phishing brands in Q1 2021 Below are the top brands ranked by their overall appearance in brand phishing attempts: Microsoft (related to 39% of all brand phishing attempts globally)DHL (18%)Google (9%)Roblox (6%)Amazon (5%)Wells Fargo (4%)Chase (2%)LinkedIn (2%)Apple (2%)Dropbox (2%) DHL phishing email – malware example During the first quarter of 2021, we observed a malicious phishing email that used DHL’s branding and was trying to download the Agent Tesla RAT (Remote Access Trojan) to the user’s machine. The email which was sent from a webmail address and spoofed to appear as if it was sent from support@dhl.com, contained the subject, “DHL Import Clearance – Consignment : ”. The content asked to download an archive file “DHL-IVN.87463.rar”, which contains a malicious executable file that would cause the system to be infected with Agent Tesla. Wells Fargo phishing email – account theft exampleIn this phishing email, we see an attempt to steal a user’s Wells Fargo account information. The email which was sent from the spoofed email address noreply@cc.wellsfargo.com, contained the subject, “Your Online access has been disabled”. The attacker was trying to lure the victim to click on a malicious link, which redirects the user to a fraudulent malicious page that looks like the real Wells Fargo website . In the malicious link, the user was prompted to key in their username and their password. Check Point’s Brand Phishing Report is powered by Check Point’s ThreatCloud intelligence, the largest collaborative network to fight cybercrime, which delivers threat data, and attack trends from a global network of threat sensors. The ThreatCloud database inspects over 3 billion websites and 600 million files daily, and identifies more than 250 million malware activities every day. Follow Check Point Research via:Blog: https://research.checkpoint.com/ Twitter: https://twitter.com/_cpresearch_ About Check Point Research Check Point Research provides leading cyber threat intelligence to Check Point Software customers and the greater intelligence community. The research team collects and analyzes global cyber-attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point products are updated with the latest protections. The research team consists of over 100 analysts and researchers cooperating with other security vendors, law enforcement and various CERTs. About Check Point Software Technologies Ltd.Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading provider of cyber security solutions to governments and corporate enterprises globally. Its solutions protect customers from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware and other types of attacks. Check Point offers its multilevel security architecture, Infinity Total Protection with Gen V advanced threat prevention, which defends enterprises’ cloud, network and mobile device held information. Check Point provides the most comprehensive and intuitive one point of control security management system. Check Point protects over 100,000 organizations of all sizes. MEDIA CONTACT:INVESTOR CONTACT:Emilie Beneitez LefebvreKip E. MeintzerCheck Point Software TechnologiesCheck Point Software Technologiespress@checkpoint.comir@us.checkpoint.com
- GlobeNewswire
March 2021’s Most Wanted Malware: IcedID Banking Trojan Enters Top 10 Following Covid-Related Campaign
Check Point Research reports that IcedID has entered the global malware index for the first time, taking second place, after exploiting the COVID-19 pandemic to lure new victimsSAN CARLOS, Calif., April 13, 2021 (GLOBE NEWSWIRE) -- Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions globally, has published its latest Global Threat Index for March 2021. Researchers report that the IcedID banking trojan has entered the Index for the first time, taking second place, while the established Dridex trojan was the most prevalent malware during March, up from seventh in February. First seen in 2017, IcedID has been spreading rapidly in March via several spam campaigns, affecting 11% of organizations globally. One widespread campaign used a COVID-19 theme to entice new victims into opening malicious email attachments; the majority of these attachments are Microsoft Word documents with a malicious macro used to insert an installer for IcedID. Once installed, the trojan then attempts to steal account details, payment credentials, and other sensitive information from users’ PCs. IcedID also uses other malware to proliferate, and has been used as the initial infection stage in ransomware operations. “IcedID has been around for a few years now but has recently been used widely, showing that cyber-criminals are continuing to adapt their techniques to exploit organizations, using the pandemic as a guise,” said Maya Horowitz, Director, Threat Intelligence & Research, Products at Check Point. “IcedID is a particularly evasive trojan that uses a range of techniques to steal financial data, so organizations must ensure they have robust security systems in place to prevent their networks being compromised and minimize risks. Comprehensive training for all employees is crucial, so they are equipped with the skills needed to identify the types of malicious emails that spread IcedID and other malware.” CPR also warns that “HTTP Headers Remote Code Execution (CVE-2020-13756)” is the most common exploited vulnerability, impacting 45% of organizations globally, followed by “MVPower DVR Remote Code Execution” which impact 44% of organizations worldwide. “Dasan GPON Router Authentication Bypass (CVE-2018-10561)” is on the third place in the top exploited vulnerabilities list, with a global impact of 44%. Top malware families*The arrows relate to the change in rank compared to the previous month. This month, Dridex is the most popular malware with a global impact of 16% of organizations, followed by IcedID and Lokibot affecting 11% and 9% of organizations worldwide respectively. ↑ Dridex - Dridex is a Trojan that targets the Windows platform and is reportedly downloaded via a spam email attachment. Dridex contacts a remote server and sends information about the infected system. It can also download and execute arbitrary modules received from the remote server.↑ IcedID - IcedID is a banking Trojan spread by email spam campaigns and uses evasive techniques such as process injection and steganography to steal user financial data.↑ Lokibot - Lokibot is an Info Stealer distributed mainly by phishing emails and is used to steal various data such as email credentials, as well as passwords to CryptoCoin wallets and FTP servers. Top exploited vulnerabilities This month “HTTP Headers Remote Code Execution (CVE-2020-13756)” is the most common exploited vulnerability, impacting 45% of organizations globally, followed by “MVPower DVR Remote Code Execution” which impacts 44% of organizations worldwide. “Dasan GPON Router Authentication Bypass (CVE-2018-10561)” is in third place with a global impact of 44%. ↑ HTTP Headers Remote Code Execution (CVE-2020-13756) - HTTP headers let the client and the server pass additional information with an HTTP request. A remote attacker may use a vulnerable HTTP Header to run arbitrary code on the victim machine.↑ MVPower DVR Remote Code Execution - remote code execution vulnerability exists in MVPower DVR devices. A remote attacker can exploit this weakness to execute arbitrary code in the affected router via a crafted request.↑ Dasan GPON Router Authentication Bypass (CVE-2018-10561) - authentication bypass vulnerability exists in Dasan GPON routers. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system. Top mobile malwares Hiddad took first place in the most prevalent mobile malware index, followed by xHelper and FurBall. ↑ Hiddad - Hiddad is an Android malware, which repackages legitimate apps and then releases them to a third-party store. Its main function is to display ads, but it can also gain access to key security details built into the OS.↑ xHelper - A malicious application seen in the wild since March 2019, used for downloading other malicious apps and display ads. The application is capable of hiding itself from the user, and can even reinstall itself after being uninstalled.↑ FurBall - FurBall is an Android MRAT (Mobile Remote Access Trojan) which is deployed by APT-C-50, an Iranian APT group connected to the Iranian government. This malware was used in multiple campaigns dating back to 2017, and is still active today. Among FurBall’s capabilities are; stealing SMS messages and mobile call logs, recording calls and surroundings, collecting media files, tracking locations, and more. Check Point’s Global Threat Impact Index and its ThreatCloud Map is powered by Check Point’s ThreatCloud intelligence, the largest collaborative network to fight cybercrime which delivers threat data and attack trends from a global network of threat sensors. The ThreatCloud database inspects over 3 billion websites and 600 million files daily, and identifies more than 250 million malware activities every day. The complete list of the top 10 malware families in March can be found on the Check Point blog. Follow Check Point Research via:Blog: https://research.checkpoint.com/ Twitter: https://twitter.com/_cpresearch About Check Point Research Check Point Research provides leading cyber threat intelligence to Check Point Software customers and the greater intelligence community. The research team collects and analyzes global cyber-attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point products are updated with the latest protections. The research team consists of over 100 analysts and researchers cooperating with other security vendors, law enforcement and various CERTs. About Check Point Software Technologies Ltd.Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading provider of cyber security solutions to governments and corporate enterprises globally. Check Point’s solutions protect customers from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware and advanced targeted threats. Check Point offers a multilevel security architecture, “Infinity Total Protection with Gen V advanced threat prevention”, this combined product architecture defends an enterprise’s cloud, network and mobile devices. Check Point provides the most comprehensive and intuitive one point of control security management system. Check Point protects over 100,000 organizations of all sizes. MEDIA CONTACT: INVESTOR CONTACT:Emilie Beneitez Lefebvre Kip E. MeintzerCheck Point Software Technologies Check Point Software Technologiespress@checkpoint.com ir@us.checkpoint.com
- GlobeNewswire
Check Point Software’s Mobile Security Report 2021 Shows Almost Every Organization Globally Experienced a Mobile Malware Attack during the Past Year
New report uncovers the latest threats to enterprise mobile devices, from malicious apps to ransomware attacks, and for the first time, attacks exploiting corporate Mobile Device Management 97% of organizations in 2020 faced mobile threats that used multiple attack vectors46% of organizations had at least one employee download a malicious mobile applicationAt least 40% of the world’s mobile devices are inherently vulnerable to cyberattacks SAN CARLOS, Calif., April 12, 2021 (GLOBE NEWSWIRE) -- Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cybersecurity solutions globally, has published its 2021 Mobile Security Report. The report examines the latest emerging threats targeting enterprise mobile devices, and gives a comprehensive overview of the major trends in mobile malware, device vulnerabilities, and in nation-state cyber-attacks. It also shows how organizations can protect themselves against today’s and tomorrow’s complex mobile threats and how these threats are likely to be evolving. The move to mass remote working during the COVID-19 pandemic saw the mobile attack surface expand dramatically, resulting in 97% of organizations facing mobile threats from several attack vectors. With 60% of workers forecast to be mobile by 2024, mobile security needs to be a priority for all organizations. Highlights of the Check Point Research Mobile Security Report 2021include: All enterprises at risk from mobile attacks: Almost every organization experienced at least one mobile malware attack in 2020. Ninety three percent of these attacks originated in a device network, which attempts to trick users into installing a malicious payload via infected websites or URLs, or to steal users’ credentials.Nearly half of organizations impacted by malicious mobile apps: Forty six percent of organizations had at least one employee download a malicious mobile application that threatened their organization’s networks and data in 2020.Four in ten mobiles globally are vulnerable: Check Point’s Achilles research showed that at least 40% of the world’s mobile devices are inherently vulnerable to cyberattacks due to flaws in their chipsets, and need urgent patching.Mobile malware on the rise: In 2020, Check Point found a 15% increase in banking Trojan activity, where users’ mobile banking credentials are at risk of being stolen. Threat actors have been spreading mobile malware, including Mobile Remote Access Trojans (MRATs), banking trojans, and premium dialers, often hiding the malware in apps that claim to offer COVID-19 related information.APT groups target mobile devices: Individuals’ mobiles are a very attractive target for various APT groups, such as Iran’s Rampant Kitten, which has conducted elaborate and sophisticated targeted attacks to spy on users and steal sensitive data “As we have seen in 2020, the mobile threat landscape has continued to expand with almost every organization now having experienced an attack,” said Neatsun Ziv, VP Threat Prevention at Check Point Software. “And there are more complex threats on the horizon. Cybercriminals are continuing to evolve and adapt their techniques to exploit our growing reliance on mobiles. Enterprises need to adopt mobile security solutions which seamlessly protect devices from today’s advanced cyber threats, and users should be careful to use only apps from official app stores to minimize their risk.” During 2020, Check Point discovered a new and highly significant attack, in which threat actors used a large international corporation’s Mobile Device Management (MDM) system to distribute malware to more than 75% of its managed mobile devices – exploiting the solution, which is intended to control how mobiles are used within the enterprise. Check Point’s 2021 Mobile Security Report is based on data that was collected from January 1st, 2020 through December 31st, 2020, from 1,800 organizations that use Check Point Harmony Mobile, Check Point’s mobile threat defense solution. It also draws on data from Check Point’s ThreatCloud intelligence, the largest collaborative network for fighting cybercrime, which delivers threat data and attack trends from a global network of threat sensors; from Check Point Research's (CPR) investigations over the last 12 months and on recent survey reports from external organizations. For more details, download the full report https://pages.checkpoint.com/mobile_security_report_2021.html Follow Check Point via:Twitter: http://www.twitter.com/checkpointswFacebook: https://www.facebook.com/checkpointsoftwareBlog: http://blog.checkpoint.comYouTube: http://www.youtube.com/user/CPGlobalLinkedIn: https://www.linkedin.com/company/check-point-software-technologies About Check Point Software Technologies Ltd.Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading provider of cyber security solutions to governments and corporate enterprises globally. Its solutions protect customers from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware and other types of attacks. Check Point offers its multilevel security architecture, Infinity Total Protection with Gen V advanced threat prevention, which defends enterprises’ cloud, network and mobile device held information. Check Point provides the most comprehensive and intuitive one point of control security management system. Check Point protects over 100,000 organizations of all sizes. MEDIA CONTACT:INVESTOR CONTACT:Emilie Beneitez LefebvreKip E. MeintzerCheck Point Software TechnologiesCheck Point Software Technologiespress@checkpoint.comir@us.checkpoint.com
