Check Point

Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461)

0-day, APT, Check Point, CVE, Don't miss, Hot stuff, Microsoft, News, security update, Trend Micro, vulnerability, Windows /

Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461) 2024-09-16 at 15:46 By Zeljka Zorz CVE-2024-43461, a spoofing vulnerability affecting Windows MSHTML – a software component used by various apps for rendering render web pages on Windows – “was exploited as a part of an attack chain relating to CVE-2024-38112, prior to July 2024,” […]

React to this headline:

Loading spinner

Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461) Read More »

Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869)

Adobe, Adobe Reader, Check Point, Don't miss, Expmon, Hot stuff, News, PoC, security update, vulnerability /

Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869) 2024-09-12 at 15:16 By Zeljka Zorz Among the security updates released by Adobe on Tuesday are those for various versions of Adobe Acrobat and Reader, which fix two critical flaws that could lead to arbitrary code execution: CVE-2024-45112 and CVE-2024-41869. Nothing in the advisory

React to this headline:

Loading spinner

Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869) Read More »

Check Point to Acquire External Cyber Risk Management Firm Cyberint

Acquisition, Check Point, Funding/M&A, M&A Tracker, Threat Intelligence /

Check Point to Acquire External Cyber Risk Management Firm Cyberint 2024-08-28 at 16:01 By Mike Lennon Check Point says the acquisition will enhance its own SOC capabilities and expand its managed threat intelligence offerings. The post Check Point to Acquire External Cyber Risk Management Firm Cyberint appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Check Point to Acquire External Cyber Risk Management Firm Cyberint Read More »

Network of ghost GitHub accounts successfully distributes malware

automa, Check Point, Don't miss, GitHub, Hot stuff, Malware, News, phishing /

Network of ghost GitHub accounts successfully distributes malware 2024-07-24 at 17:31 By Zeljka Zorz Check Point researchers have unearthed an extensive network of GitHub accounts that they believe provides malware and phishing link Distribution-as-a-Service. Set up and operated by a threat group the researchers dubbed as Stargazer Goblin, the “Stargazers Ghost Network” is estimated encompass

React to this headline:

Loading spinner

Network of ghost GitHub accounts successfully distributes malware Read More »

Void Banshee APT exploited “lingering Windows relic” in zero-day attacks

APT, Check Point, CVE, Don't miss, Hot stuff, Internet Explorer, News, spear-phishing, Trend Micro, Windows /

Void Banshee APT exploited “lingering Windows relic” in zero-day attacks 2024-07-16 at 16:46 By Zeljka Zorz The zero-day exploit used to leverage CVE-2024-38112, a recently patched Windows MSHTML vulnerability, was wielded by an APT group dubbed Void Banshee to deliver malware to targets in North America, Europe, and Southeast Asia, threat hunters with Trend Micro’s

React to this headline:

Loading spinner

Void Banshee APT exploited “lingering Windows relic” in zero-day attacks Read More »

Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112)

0-day, Check Point, CVE, Don't miss, Hot stuff, Internet Explorer, Morphisec, MS Office, News, vulnerability /

Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112) 2024-07-10 at 15:46 By Zeljka Zorz CVE-2024-38112, a spoofing vulnerability in Windows MSHTML Platform for which Microsoft has released a fix on Tuesday, has likely been exploited by attackers in the wild for over a year, Check Point researcher Haifei Li

React to this headline:

Loading spinner

Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112) Read More »

Find out which cybersecurity threats organizations fear the most

Check Point, Code42, ConnectWise, cyber risk, CyberArk, cybersecurity, Don't miss, Entrust, Hot stuff, Jumio, McAfee, Mimecast, News, Ping Identity, Proofpoint, report, survey, Trellix, Veeam Software /

Find out which cybersecurity threats organizations fear the most 2024-06-19 at 06:31 By Help Net Security This article compiles excerpts from various reports, presenting statistics and insights on cybersecurity threats faced by businesses and individuals alike. Cyber insurance isn’t the answer for ransom payments Veeam | 2024 Ransomware Trends Report | June 2024 Ransomware remains

React to this headline:

Loading spinner

Find out which cybersecurity threats organizations fear the most Read More »

Exploitation of Recent Check Point VPN Zero-Day Soars

Check Point, exploited, Vulnerabilities /

Exploitation of Recent Check Point VPN Zero-Day Soars 2024-06-06 at 16:46 By Ionut Arghire GreyNoise has observed a rapid increase in the number of exploitation attempts targeting a recent Check Point VPN zero-day. The post Exploitation of Recent Check Point VPN Zero-Day Soars appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Exploitation of Recent Check Point VPN Zero-Day Soars Read More »

Find out which cyber threats you should be concerned about

Abnormal Security, Arctic Wolf Networks, At-Bay, BitSight, Cato Networks, Check Point, Cisco, Claroty, Corvus Insurance, cybercrime, cybersecurity, Delinea, Don't miss, Egress, GitGuardian, Hot stuff, Imperva, Mimecast, News, NTT Security, Proofpoint, ReliaQuest, report, SecurityScorecard, Socure, Sophos, SpyCloud, survey, Thales, threat, Trustpair, Verizon, VikingCloud, VIPRE Security, Zscaler /

Find out which cyber threats you should be concerned about 2024-06-05 at 06:01 By Help Net Security This article includes excerpts from various reports that offer statistics and insights into the current cyber threat landscape. Human error still perceived as the Achilles’ heel of cybersecurity Proofpoint | 2024 Voice of the CISO | May 2024

React to this headline:

Loading spinner

Find out which cyber threats you should be concerned about Read More »

PoC Published for Exploited Check Point VPN Vulnerability

Check Point, exploited, Malware & Threats, VPN /

PoC Published for Exploited Check Point VPN Vulnerability 2024-06-03 at 15:46 By Ionut Arghire PoC code targeting a recent Check Point VPN zero-day has been released as Censys identifies 14,000 internet-accessible appliances. The post PoC Published for Exploited Check Point VPN Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

PoC Published for Exploited Check Point VPN Vulnerability Read More »

Check Point VPN zero-day exploited since beginning of April (CVE-2024-24919)

0-day, Check Point, CISA, CVE, Don't miss, enterprise, Hot stuff, News, Rapid7, WatchTowr /

Check Point VPN zero-day exploited since beginning of April (CVE-2024-24919) 2024-05-31 at 14:32 By Zeljka Zorz Attackers have been exploiting CVE-2024-24919, a zero-day vulnerability in Check Point Security Gateways, to pinpoint and extract password hashes for local accounts, which they then used to move laterally in the target organizations’ network. “The vulnerability is particularly critical

React to this headline:

Loading spinner

Check Point VPN zero-day exploited since beginning of April (CVE-2024-24919) Read More »

Check Point VPN Attacks Involve Zero-Day Exploited Since April

Check Point, exploited, Featured, Malware & Threats, VPN, vulnerability, Zero-Day /

Check Point VPN Attacks Involve Zero-Day Exploited Since April 2024-05-30 at 12:46 By Eduard Kovacs The recently disclosed Check Point VPN attacks involve the zero-day vulnerability CVE-2024-24919, which allows hackers to obtain passwords. The post Check Point VPN Attacks Involve Zero-Day Exploited Since April appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Check Point VPN Attacks Involve Zero-Day Exploited Since April Read More »

Attackers are probing Check Point Remote Access VPN devices

Check Point, Cisco, Don't miss, enterprise, Hot stuff, News, VPN /

Attackers are probing Check Point Remote Access VPN devices 2024-05-28 at 12:46 By Zeljka Zorz Attackers are trying to gain access to Check Point VPN devices via local accounts protected only by passwords, the company has warned on Monday. Their ultimate goal is to use that access to discover and pivot to other enterprise assets

React to this headline:

Loading spinner

Attackers are probing Check Point Remote Access VPN devices Read More »

Check Point VPN Targeted for Initial Access in Enterprise Attacks

Check Point, Identity & Access, VPN /

Check Point VPN Targeted for Initial Access in Enterprise Attacks 2024-05-28 at 12:31 By Eduard Kovacs Check Point is warning customers that threat actors are targeting insecure VPN instances for initial access to enterprise networks.  The post Check Point VPN Targeted for Initial Access in Enterprise Attacks appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Check Point VPN Targeted for Initial Access in Enterprise Attacks Read More »

Cloud security incidents make organizations turn to AI-powered prevention

Check Point, cloud security, cybersecurity, News, report, survey /

Cloud security incidents make organizations turn to AI-powered prevention 2024-05-16 at 06:31 By Help Net Security Cloud security incidents are alarmingly on the rise, with 61% of organizations reporting breaches within the last year, marking a significant increase from 24% the year before, according to Check Point. This trend underscores the escalating risk landscape in

React to this headline:

Loading spinner

Cloud security incidents make organizations turn to AI-powered prevention Read More »

How attackers deliver malware to Foxit PDF Reader users

Check Point, Don't miss, Foxit, Hot stuff, Malware, News, PDF /

How attackers deliver malware to Foxit PDF Reader users 2024-05-15 at 16:31 By Zeljka Zorz Threat actors are taking advantage of the flawed design of Foxit PDF Reader’s alerts to deliver malware via booby-trapped PDF documents, Check Point researchers have warned. Exploiting the issue The researchers have analyzed several campaigns using malicious PDF files that

React to this headline:

Loading spinner

How attackers deliver malware to Foxit PDF Reader users Read More »

Check Point boosts security in Harmony Email & Collaboration

Check Point, Industry news /

Check Point boosts security in Harmony Email & Collaboration 2024-04-12 at 13:01 By Industry News Check Point announced new email security features that enhance its Check Point Harmony Email & Collaboration portfolio: Patented unified quarantine, DMARC monitoring, archiving, and Smart Banners. Since 2023, Check Point has released over 75 new features for Harmony Email &

React to this headline:

Loading spinner

Check Point boosts security in Harmony Email & Collaboration Read More »

Infosec products of the month: March 2024

Appdome, AuditBoard, Bedrock Security, Cado Security, Check Point, CyberArk, Cynerio, DataDome, Delinea, Drata, Exabeam, GitGuardian, GitHub, GlobalSign, Legato Security, Legit Security, Malwarebytes, News, Ordr, Pentera, Portnox, Regula, Sentra, Sonatype, Spin.AI, Tenable, Tufin, Viavi Solutions, Zoom /

Infosec products of the month: March 2024 2024-04-01 at 05:46 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: Appdome, AuditBoard, Bedrock Security, Cado Security, Check Point, CyberArk, Cynerio, DataDome, Delinea, Drata, Exabeam, GitGuardian, GitHub, GlobalSign, Legato Security, Legit Security, Malwarebytes, Ordr, Pentera, Portnox, Regula,

React to this headline:

Loading spinner

Infosec products of the month: March 2024 Read More »

Hackers leverage 1-day vulnerabilities to deliver custom Linux malware

backdoor, Check Point, Don't miss, exploit, Hot stuff, Linux, Malware, News, vulnerability, Windows /

Hackers leverage 1-day vulnerabilities to deliver custom Linux malware 2024-03-12 at 11:01 By Helga Labus A financially motivated threat actor is using known vulnerabilities to target public-facing services and deliver custom malware to unpatched Windows and Linux systems. Among the exploited vulnerabilities are also two recently discovered Ivanti Connect Secure VPN flaws that are widely

React to this headline:

Loading spinner

Hackers leverage 1-day vulnerabilities to deliver custom Linux malware Read More »

Optimized by Optimole
Scroll to Top