Tag: Check Point Blog

A Deep Dive Into the Vulnerabilities Found In America’s Largest Internet-Connected Exercise-as-a-Service Company. Highlights: Check Point security experts unveil vulnerabilities found in internet-connected workout equipment such as Peloton. Exploiting these vulnerabilities could potentially grant threat actors access to user databases,…

Read more →

  What happens when you need to set up a container environment quickly? You may use a popular platform called Docker Hub to find an application that can be rapidly deployed. Then, let’s say you find an image that looks…

Read more →

Malicious package previously removed are still accessible through jsdelivr and results in phishing attack Highlights: CloudGuard Spectral detected a malicious package on NPM that applied a phishing attack to gain its user’s credentials To do so, the package relied on…

Read more →

Highlights Cyber criminals are using Facebook to impersonate popular generative AI brands, including ChatGPT, Google Bard, Midjourney and Jasper Facebook users are being tricked into downloading content from the fake brand pages and ads These downloads contain malicious malware, which…

Read more →

Highlights Cyber criminals are using Facebook to impersonate popular generative AI brands, including ChatGPT, Google Bard, Midjourney and Jasper Facebook users are being tricked into downloading content from the fake brand pages and ads These downloads contain malicious malware, which…

Read more →

This week, the Biden-Harris Administration announced the US Cyber Trust Mark, a new label to help consumers easily understand which smart devices are less vulnerable to cyberattacks. In the US, Statista estimates there will be 5.4 billion Internet of Things…

Read more →

Our latest Brand Phishing Report for Q2 2023 highlights the brands that were most frequently imitated by cybercriminals in their attempts to steal individuals’ personal information or payment credentials during April, May and June 2023. Last quarter global technology company…

Read more →

Cybercriminals tend to adapt their tactics to the never-ending changes in the business landscape, and the rise of remote and hybrid work arrangements has certainly provided them with a wealth of opportunities. The growing use of personal devices for business…

Read more →

We are proud to announce that Check Point Software has been named as a finalist for the highly prestigious 2023 CRN Tech Innovator Awards! We are thrilled to receive this recognition, and even more excited that we have been chosen…

Read more →

Highlights: · Check Point Software Technologies’ Zero-Phishing AI Engine now scaled and improved to identify and block access to which impersonate local and global brands across multiple languages and countries. · New domains are inspected immediately upon registration for pre-emptive…

Read more →

Highlights Q2 2023 saw an 8% surge in global weekly cyberattacks, with organizations facing an average of 1258 attacks per week Education and Research experiencing highest number of attacks per week 1 out of every 44 organizations worldwide experience a…

Read more →

Preventing leakage of sensitive and confidential data when using Generative AI apps Security Risk Assessment Like all new technologies, ChatGPT, Google Bard, Microsoft Bing Chat, and other Generative AI services come with classic trade-offs, including innovation and productivity gains vs.…

Read more →

Gartner has just released its latest report on “Gartner Critical Capabilities for Network Firewalls” and the results are in – Check Point scored highest and is ranked first for the Public Cloud Security Use Case! “We see this is an…

Read more →

Check Point is announcing two new offerings for Microsoft customers—and if you’re a Microsoft and/or Check Point channel partner, you’ll want to come by our virtual booth! At Microsoft Inspire, a virtual event held July 18-19, Check Point will showcase…

Read more →

Here’s a quick-fire question: do you know where all your sensitive data is? As businesses of all sizes generate, accumulate, store, and process more data records in more places than ever, it’s increasingly challenging to classify and track all that…

Read more →

Highlights ·  Check Point Research (CPR) in collaboration with Claroty Team82 uncovered major security vulnerabilities in the popular QuickBlox platform, used for telemedicine, finance and smart IoT devices ·  If exploited, the vulnerabilities could allow threat actors to access applications’…

Read more →

Highlights: Check Point Research (CPR) releases an analysis of Google’s generative AI platform ‘Bard’, surfacing several scenarios where the platform permits cybercriminals’ malicious efforts Check Point Researchers were able to generate phishing emails, malware keyloggers and basic ransomware code CPR…

Read more →

When it comes to cloud computing, security is one of the most important considerations. Moreover, even the best cloud security must be easy and intuitive to deploy, configure, use and maintain. Customers of Oracle Cloud Infrastructure (OCI) can streamline their…

Read more →

Check Point Research reported that multipurpose Trojan Qbot has been the most prevalent malware so far in 2023. Meanwhile, SpinOk mobile Trojan took top spot in June for the first time and ransomware was rife following MOVEit zero-day vulnerability Our…

Read more →

Highlights: Amazon prime related phishing campaigns grew 16- folds higher in June, compared to May. The overall increase in all Amazon related phishing was 8% During this period, there were almost 1,500 new domains related to the term “Amazon” of…

Read more →

Highlights: Check Point Research uncovers a targeted campaign carried out by a Chinese threat actor targeting foreign and domestic policies- focused government entities in Europe The campaign leverages HTML Smuggling, a technique in which attackers hide malicious payloads inside HTML…

Read more →

Do you ever cover the credit card reader with your hand so no one can see the PIN? Of course you don’t; non-contactless is so 2019. But if you did, you’d do it to prevent prying eyes from viewing your…

Read more →

How Check Point’s new MIND’s CISO Academy course can help For modern-day CISOs, the growing cyber threats and security breaches waiting around every corner are not the only concern anymore. Today, the need to stay ahead of the curve and up…

Read more →

How Check Point’s new MIND’s CISO Academy course can help For modern-day CISOs, the growing cyber threats and security breaches waiting around every corner are not the only concern anymore. Today, the need to stay ahead of the curve and up…

Read more →

By: Michal Ziv, Or Mizrahi, Danil Golubenko Highlights: A modified version of the popular messaging app Telegram found to be malicious The malware within the malicious app can sign up the victim for various paid subscriptions, perform in-app purchases and…

Read more →

Highlights Check Point Research examines security and safety aspects of GPT-4 and reveals how limitations can be bypassed Researchers present a new mechanism dubbed “double bind bypass”, colliding GPT-4s internal motivations against itself Our researchers were able to gain illegal…

Read more →

“If you want to keep a secret, you must also hide it from yourself.” You might be surprised to learn that this wise quote comes from George Orwell’s famous 1984, not a ‘how to code’ textbook. Although if developers want…

Read more →

With more than 347 billion emails sent and received every day, email plays an important role in connecting us in our professional and personal lives. And yet, email remains an easy target for cyber criminals looking for a way into…

Read more →

Highlights: Check Point Research (CPR) puts a spotlight on a Chinese state sponsored APT malware propagating via infected USB drives The new malware version shows malware spreading rampantly via USB, crossing network borders and physical continents with ease CPR calls…

Read more →

Serverless computing or function-based computing, is a way by which customers can develop backend systems or event-driven pipelines without worrying about the underlying infrastructure, which is managed by the cloud provider. It is billed based on the invocations and the…

Read more →

By Gal Yogev Highlights:  Facebook groups are hosting scammers who offer tools for creating phishing pages, facilitating brand impersonation and victim deception. Check Point researchers have identified numerous Facebook pages playing host to these hacker groups, aiding the exchange and…

Read more →

Highlights: Check Point Research (CPR) detected an ongoing phishing campaign that uses legitimate services for credential harvesting and data exfiltration in order to evade detection. HTML files are one of the most common attack vectors and are used by attackers…

Read more →

PyPI, the official repository for Python packages, has recently announced that it has suspended new users and new project registrations. This announcement might be related to an interesting attack that shows how a seemingly harmless Python script can hide a…

Read more →

It’s become painfully obvious that cybersecurity is critical to enabling clinicians to provide quality care to their patients. This week, a hospital in Illinois is closing its doors after a devastating ransomware attack. Recent cyberattacks against CommonSpirit Health compromised the…

Read more →

What does it take to secure your cloud network during and after your cloud migration? This question is growing even more complex as most organizations migrate to hybrid-cloud and multi-clouds, which are now in use among 76 percent of enterprises,…

Read more →

Highlights: Check Point has recently identified and blocked a massive global scale phishing campaign leveraged malicious PDF files The campaign was identified and blocked by a New AI powered engine which provides accurate and precise identification of malicious PDF’s without…

Read more →

What is MOVEit? MOVEit is a managed file transfer (MFT) software solution developed by Progress Software Corporation (formerly Ipswitch). It is designed to securely transfer files within or between organizations. MOVEit offers a centralized platform for managing file transfers, providing…

Read more →

We’re proud to be named a Leader in The Forrester Wave™: Enterprise Email Security, Q2 2023 report. Harmony Email & Collaboration (HEC) received the highest score possible in nine criteria, including email filtering and malicious email detection, content analysis and…

Read more →

In the last year, Check Point and AWS have strengthened their partnership by leaps and bounds. The Check Point release of CloudGuard CNAPP on AWS Marketplace and the upcoming CloudGuard Network Security-as-a-Service offering are just the beginning. In the last…

Read more →

Check Point Research reported on a new version of shellcode-based downloader GuLoader featuring fully encrypted payloads for cloud-based delivery.   Our latest Global Threat Index for May 2023 saw researchers report on a new version of shellcode-based downloader GuLoader, which…

Read more →

Introduction Many organizations are transitioning to Azure Virtual WAN as their preferred networking service. Their objective is to reduce the operational effort required for connectivity and to reduce possible misconfiguration issues. However, the challenge they face lies with their need…

Read more →

Highlights: Check Point Research identified a backdoor used for highly targeted espionage attacks in Libya. The new backdoor, dubbed “Stealth Soldier,” specializes in surveillance functions like file exfiltration, screen recording, keystroke logging, and stealing browser information. The infrastructure associated with…

Read more →

Highlights: Check Point Research (CPR) warns about online phishing scams related to summer vacations 1 in every 83 new summer vacation related domain registered in the previous month was malicious or suspicious CPR provides examples of vacation-related scams and tips…

Read more →

Most business and cybersecurity leaders believe that geopolitical instability will lead to a catastrophic cyber event within two years. Global cyber attacks rose by 38% in 2022 on the year, pushing cybersecurity to the top of the agenda at a…

Read more →

Since opening the Check Point Cyber Center in January 2023, thousands of young people have already visited to learn about the history and future of cyber security. Located in our Tel Aviv headquarters, the Cyber Center is an educational hub,…

Read more →

Check Point MIND organization has recently finalized all arrangements to add OffSec’s “OSCP / OSEP / OSDA Course & Certification Bundle” to MIND’s Learning and Training portal. This course will be the fourth training product offered by Check Point’s official…

Read more →

Last Wednesday, Microsoft issued a warning claiming Chinese state-sponsored hackers have compromised “critical” cyber infrastructure in a variety of industries, including government and communications organizations. “The United States and international cybersecurity authorities are issuing this joint Cybersecurity Advisory (CSA) to…

Read more →

We are very pleased to announce the general availability of CloudGuard Network Security for Azure Virtual WAN on May 18. This integration provides Azure customers with an industry-leading cloud firewall – enabling them to confidently migrate to Azure with maximum…

Read more →

An Upgraded Line of DDoS Security Appliances with Zero-Day DDoS Protection, Industry-Leading Threat Performance, and Scalable Management with Enriched Visibility Join us on May 31st to learn more about how Check Point DDoS Protector X can help keep you protected…

Read more →

Check Point Research Sees Illicit Sale of Premium Subscriptions on the Dark Web Netflix, the globally renowned streaming and entertainment platform, recently discontinued one of its popular features: shared accounts. This controversial decision caused a significant user exodus, with Netflix…

Read more →

As organizations move their operations to the cloud, they face a difficult challenge in ensuring secure configurations and consistent security posture across multiple cloud services and platforms. In addition, they must do all of this in a way that does…

Read more →

Highlights: 58% of local governments are facing ransomware attacks. $2.07 million is the average ransom demand. Save the Date – May 30th: Protect local government services & data. Register Here: APAC|EMEA|AMER At a Royal Mail distribution office in Ireland, on Wednesday…

Read more →

Channel partners recognized for their outstanding achievements in 2022 Check Point Software Technologies has proudly announced the winners of the Check Point Channel Awards 2022 at an exclusive gala dinner event held on May 15th in London. The partner awards…

Read more →

Although the Internet has been with us for 50 years now, we still repeat basic mistakes such as using weak passwords, avoiding updates, or browsing unsecured pages that open the doors of our devices to cyber threats. Nowadays we cannot…

Read more →

Highlights: CloudGuard Spectrals detected malicious extensions on the VSCode marketplace Users installing these extensions were enabling attackers to steal PII records and to set remote shell to their machines Once detected, we’ve alerted VSCode on these extensions. Soon after notification,…

Read more →

Highlights Check Point Research (CPR) exposes a malicious firmware implant for TP-Link routers which allowed attackers to gain full control of infected devices and access compromised networks while evading detection. CPR attributes the attacks to a Chinese state-sponsored APT group…

Read more →

57% of ransomware attacks leverage unpatched vulnerabilities. Are you protected? By Noa Goldstein, Product Marketing Manager and Bar Yassure, Harmony Endpoint Product Manager   Endpoint vulnerabilities represent a “hole in the fence” of an operating system or application, through which…

Read more →

Check Point Research uncovered a substantial malspam campaign for Trojan Qbot, which came in second in last month’s threat index. Meanwhile Internet-of-Things (IoT) malware Mirai made it back on the list for the first time in a year, and Healthcare…

Read more →

Brute-force attacks to obtain passwords have moved from CPUs to GPUs, improving their effectiveness by checking more than a million keys per second. Passwords now need new requirements to be truly secure: a minimum number of 12 characters, the use…

Read more →

Highlights Check Point Research (CPR) uncovered a fresh strain of malware that is cleverly disguised as popular Android applications from East Asia. The malware campaign is highly sophisticated and is directed at a variety of sectors in Eastern Asia. It…

Read more →

This week, United States Senators Maggie Hassan (D-NH), Chuck Grassley (R-IA), Ron Wyden (D-OR), and James Lankford (R-OK), raised their concerns over the potential use of artificial intelligence (AI) to create malicious phishing emails designed to trick Americans into sharing…

Read more →

Highlights Check Point Research (CPR) sees a surge in malware distributed through websites appearing to be related to ChatGPT Since the beginning of 2023,  1 out of 25 new ChatGPT-related domain was either malicious or potentially malicious CPR provides examples…

Read more →

We’re proud to be named a Leader in KuppingerCole’s Leadership Compass for SASE Integrated Suites with Harmony Connect SASE receiving strong positive ratings in security and usability, among other areas. “Organizations looking for rigorous security in a SASE solution should…

Read more →

Recently we covered the state of quantum computing and its potential societal benefits. Now we will cover the potential impact of quantum computing on cybersecurity and how we at Check Point Software are innovating to ensure our customers receive the…

Read more →

Highlights: Global weekly attacks rose by 7% in Q1 2023 versus same quarter last year, , with each organization facing an average of 1248 attacks per week. Education/Research sector faced the highest number of attacks, rising to an average of…

Read more →

Hacktivist attacks have been escalating across the world in recent years with reputed hacktivist groups growing in both size and influence. Last year, a Malaysia-linked hacktivist group attacked targets in India, seemingly in reprisal for a representative of the ruling…

Read more →

Serverless computing or function-based computing is a way by which customers can develop backend systems or event-driven pipelines without worrying about the underlying infrastructure, which is managed by the cloud provider. It is billed based on the invocations and the…

Read more →

The RSA Conference is just around the corner, and the Check Point team has a full agenda planned for you to make the most of your visit. In addition to the conference sessions, we will host breakout and theater sessions,…

Read more →

At Check Point, we understand that cybersecurity is more important than ever in today’s digital world. As businesses and individuals become more reliant on digital technology, they become more vulnerable to cyber threats such as hacking, phishing, and malware. To…

Read more →

Highlights: Check Point Research reveals new findings related to Phosphorus APT group, an Iranian APT group operating in the Middle East and North America.  CPR dubbed this activity cluster Educated Manticore Educated Manticore has substantially enhanced its toolkit by incorporating…

Read more →

This Earth Day 2023, people from around the world will come together to “Invest in Our Planet” to accelerate the transition to an equitable and prosperous green economy for all. From planting trees to cleaning up beaches to lobbying elected…

Read more →

Serverless computing or function-based computing is a way by which customers can develop backend systems or event-driven pipelines without worrying about the underlying infrastructure, which is managed by the cloud provider. It is billed based on the invocations and the…

Read more →

For many cloud security teams, prioritizing alerts on a day-to-day basis can be overwhelming and impossible to manage. For every cloud application, server, and workload added, the number of alerts piles up. Security teams have no time to go into…

Read more →

Cybercriminals are constantly finding new ways to exploit governments, major corporations and small to medium sized businesses. Motivated by political, financial, or social gain, criminal groups are taking advantage of both the rising geopolitical tensions and the volatile economic climate.…

Read more →