Check Point VPN Flaw Exploited Since Early May
A newly discovered, critical zero-day vulnerability is under attack; a Qilin ransomware affiliate has been blamed for at least one incident.
Stay updated on the latest Check Point trends in information security. Expert insights, updates, and analysis on Check Point cyber threats and solutions.
Search across headline titles and summaries.
Background for this topic.
Check Point delivers network security solutions such as firewalls, VPNs, endpoint protection, and cloud security management designed to enforce access controls and monitor traffic across on-premises and cloud environments. These systems help organizations detect and block unauthorized access, malware, and other cyber threats by applying centralized security policies and real-time inspection of network activity.
Security risks include vulnerabilities in Check Point software that may allow privilege escalation or remote code execution if unpatched. Misconfigurations in gateways or management consoles can expose sensitive network segments or credentials. Maintaining up-to-date patches, securely configuring management interfaces, and integrating threat intelligence feeds into Check Point platforms are critical practices to reduce attack surfaces and enhance detection of evolving threats targeting network perimeters and endpoints.
Weekly headline count for the current query.
A newly discovered, critical zero-day vulnerability is under attack; a Qilin ransomware affiliate has been blamed for at least one incident.
The security vendor counters that none of the information came directly from its systems but rather was acquired over a period of time by targeting individuals.
The South American-based advanced persistent threat group is using an exploit with a "high infection rate," according to research from Check Point.
Four companies — Avaya, Check Point, Mimecast, and Unisys — have been charged by the SEC for misleading disclosures in the aftermath of the 2020 SolarWinds compromise.
Cisco's deal to acquire Robust Intelligence will make it possible to use red team algorithms to assess risk in AI models and applications, while Check Point’s acquisition of Cyberint will add threat intelligence to its SOC platform.
One monitoring firm has detected exploitation attempts targeting CVE-2024-24919 from more than 780 unique IP addresses in the past week.
Using VPNs as an initial access vector is ironic, given that security is the very reason enterprises employ them in the first place.
Gil Shwed will assume the position of executive chairman once a new CEO is appointed.
Established network security players like Check Point are responding to the shift to cloud-native applications, which have exposed more vulnerabilities in open source software supply chains.
Current and former cybersecurity leaders from Microsoft, Google, GitLab, Check Point, OWASP, Fortinet and others have already joined the open framework initiative, which is being led by OX Security.
Integrated OT solution streamlines the auditing of firewalls for misconfigurations and conflicting rules.