Check Point

Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms

backdoor, Check Point, Don't miss, Heroku, Hot stuff, manufacturing sector, News, phishing /

Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms 2025-08-29 at 14:19 By Zeljka Zorz A recently uncovered phishing campaign – carefully designed to bypass security defenses and avoid detection by its intended victims – is targeting firms in industrial manufacturing and other companies critical to various supply chains, Check Point […]

React to this headline:

Loading spinner

Attackers use “Contact Us” forms and fake NDAs to phish industrial manufacturing firms Read More »

Fake macOS help sites push Shamos infostealer via ClickFix technique

Check Point, CrowdStrike, Don't miss, ESET, Hot stuff, macOS, malvertising, Malware, Microsoft, News, social engineering /

Fake macOS help sites push Shamos infostealer via ClickFix technique 2025-08-25 at 15:23 By Zeljka Zorz Criminals are taking advantage of macOS users’ need to resolve technical issues to get them to infect their machines with the Shamos infostealer, Crowdstrike researchers have warned. To prevent macOS security features from blocking the installation, the malware peddlers

React to this headline:

Loading spinner

Fake macOS help sites push Shamos infostealer via ClickFix technique Read More »

Photos: Black Hat USA 2025

Black Hat USA 2025, Check Point, conferences, Don't miss, EasyDMARC, Elastic, Google, Gurucul, HackerOne, Keep Aware, News, Oleria, Pentera, Picus Security, SpyCloud, Stellar Cyber, Tines, Trend Micro, Veracode, VioletX, Vonahi Security /

Photos: Black Hat USA 2025 2025-08-07 at 11:38 By Help Net Security Here’s a look inside Black Hat USA 2025. The featured vendors are: Stellar Cyber, Vonahi Security, Gurucul, Check Point, HackerOne, EasyDMARC, Elastic, Google, Tines, Veracode, VioletX, Pentera, Keep Aware, Oleria, SpyCloud, Trend Micro and Picus Security. The post Photos: Black Hat USA 2025

React to this headline:

Loading spinner

Photos: Black Hat USA 2025 Read More »

Storm-2603 spotted deploying ransomware on exploited SharePoint servers

0-day, Check Point, Don't miss, exploit, Hot stuff, Microsoft, News, SANS ISC, SharePoint, vulnerability /

Storm-2603 spotted deploying ransomware on exploited SharePoint servers 2025-07-24 at 19:03 By Zeljka Zorz One of the groups that, in the past few weeks, has been exploiting vulnerabilities in on-prem SharePoint installation has been observed deploying Warlock ransomware, Microsoft shared on Wednesday. First attack spotted on July 7th On Saturday, Microsoft announced that attackers have

React to this headline:

Loading spinner

Storm-2603 spotted deploying ransomware on exploited SharePoint servers Read More »

Microsoft pins on-prem SharePoint attacks on Chinese threat actors

Check Point, China, Don't miss, exploit, Eye Security, Hot stuff, News, Palo Alto Networks, Rapid7, SentinelOne, SharePoint, Trend Micro, vulnerability /

Microsoft pins on-prem SharePoint attacks on Chinese threat actors 2025-07-22 at 18:54 By Zeljka Zorz As Microsoft continues to update its customer guidance for protecting on-prem SharePoint servers against the latest in-the-wild attacks, more security firms have begun sharing details about the ones they have detected. Most intriguingly, Check Point Research says that they observed

React to this headline:

Loading spinner

Microsoft pins on-prem SharePoint attacks on Chinese threat actors Read More »

Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053)

Adobe, Akamai, Check Point, Don't miss, Hot stuff, magento, Microsoft, MS Office, News, Patch Tuesday, security update, Tenable, Windows, Windows Server /

Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053) 2025-06-11 at 14:16 By Zeljka Zorz For June 2025 Patch Tuesday, Microsoft has fixed 66 new CVEs, including a zero-day exploited in the wild (CVE-2025-33053). Also, Adobe Commerce and Magento Open Source users are urged to update quickly. About CVE-2025-33053 CVE-2025-33053 is a remote code execution vulnerability

React to this headline:

Loading spinner

Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053) Read More »

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)

0patch, APT, Check Point, Don't miss, enterprise, exploit, Government, HarfangLab, Hot stuff, News, phishing, vulnerability, Windows /

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) 2025-04-17 at 16:52 By Zeljka Zorz CVE-2025-24054, a Windows NTLM hash disclosure vulnerability that Microsoft has issued patches for last month, has been leveraged by threat actors in campaigns targeting government and private institutions in Poland and Romania. “Active exploitation in the wild has been observed

React to this headline:

Loading spinner

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) Read More »

7 ways to get C-suite buy-in on that new cybersecurity tool

Check Point, Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, investment, News, opinion, resilience /

7 ways to get C-suite buy-in on that new cybersecurity tool 2025-04-03 at 08:34 By Help Net Security You’re in the middle of a sprint, juggling deadlines, debugging code, fine-tuning pipelines, and then it happens—you stumble across the perfect cybersecurity tool. It promises to eliminate secrets in logs, reduce risks in CI/CD pipelines, and save

React to this headline:

Loading spinner

7 ways to get C-suite buy-in on that new cybersecurity tool Read More »

Check Point Responds to Hacking Claims

Check Point, cybercrime, data breach, Data leak, Featured, hacked, security company hacked /

Check Point Responds to Hacking Claims 2025-04-01 at 14:04 By Ionut Arghire Check Point has responded to a hacker’s claims of sensitive data theft, confirming an incident but saying that it had limited impact. The post Check Point Responds to Hacking Claims appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Check Point Responds to Hacking Claims Read More »

Cyble Sensors Detect Attacks on Check Point, Ivanti and More

Check Point, vulnerability /

Cyble Sensors Detect Attacks on Check Point, Ivanti and More 2025-01-20 at 17:01 By daksh sharma Cyble honeypots have detected vulnerability exploits on Check Point and Ivanti products, databases, CMS systems, and many other IT products. Overview Cyble honeypot sensors have detected new attacks on vulnerabilities in Check Point and Ivanti products, among dozens of

React to this headline:

Loading spinner

Cyble Sensors Detect Attacks on Check Point, Ivanti and More Read More »

Banshee Stealer variant targets Russian-speaking macOS users

Check Point, Don't miss, Hot stuff, macOS, Malware, News /

Banshee Stealer variant targets Russian-speaking macOS users 2025-01-09 at 19:48 By Zeljka Zorz The Banshee Stealer is a stealthy threat to the rising number of macOS users around the world, including those in Russian-speaking countries, according to Check Point researcher Antonis Terefos. Banshee Stealer was first publicly profiled in August 2024, a month after its

React to this headline:

Loading spinner

Banshee Stealer variant targets Russian-speaking macOS users Read More »

Cybercriminals used a gaming engine to create undetectable malware loader

Check Point, Don't miss, GitHub, Hot stuff, Linux, macOS, Malware, malware detection, News, software development, Windows /

Cybercriminals used a gaming engine to create undetectable malware loader 2024-11-27 at 20:33 By Zeljka Zorz Threat actors are using an ingenious new way for covertly delivering malware to a wide variety of operating systems and platforms: they have created a malware loader that uses Godot Engine, an open-source game engine. The loader – dubbed

React to this headline:

Loading spinner

Cybercriminals used a gaming engine to create undetectable malware loader Read More »

Infostealers increasingly impact global security

Check Point, cybercrime, cybersecurity, Malware, News, Ransomware /

Infostealers increasingly impact global security 2024-11-13 at 15:18 By Help Net Security Check Point Software’s latest threat index reveals a significant rise in infostealers like Lumma Stealer, while mobile malware like Necro continues to pose a significant threat, highlighting the evolving tactics used by cybercriminals across the globe. Last month researchers discovered an infection chain

React to this headline:

Loading spinner

Infostealers increasingly impact global security Read More »

SEC fines tech companies for misleading SolarWinds disclosures

Avaya, Check Point, Compliance, cyber risk, Don't miss, Mimecast, News, SolarWinds, Unisys /

SEC fines tech companies for misleading SolarWinds disclosures 2024-10-25 at 15:07 By Help Net Security The Securities and Exchange Commission charged four current and former public companies – Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd, and Mimecast Limited – with making materially misleading disclosures regarding cybersecurity risks and intrusions. The SEC also

React to this headline:

Loading spinner

SEC fines tech companies for misleading SolarWinds disclosures Read More »

Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461)

0-day, APT, Check Point, CVE, Don't miss, Hot stuff, Microsoft, News, security update, Trend Micro, vulnerability, Windows /

Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461) 2024-09-16 at 15:46 By Zeljka Zorz CVE-2024-43461, a spoofing vulnerability affecting Windows MSHTML – a software component used by various apps for rendering render web pages on Windows – “was exploited as a part of an attack chain relating to CVE-2024-38112, prior to July 2024,”

React to this headline:

Loading spinner

Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461) Read More »

Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869)

Adobe, Adobe Reader, Check Point, Don't miss, Expmon, Hot stuff, News, PoC, security update, vulnerability /

Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869) 2024-09-12 at 15:16 By Zeljka Zorz Among the security updates released by Adobe on Tuesday are those for various versions of Adobe Acrobat and Reader, which fix two critical flaws that could lead to arbitrary code execution: CVE-2024-45112 and CVE-2024-41869. Nothing in the advisory

React to this headline:

Loading spinner

Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869) Read More »

Check Point to Acquire External Cyber Risk Management Firm Cyberint

Acquisition, Check Point, Funding/M&A, M&A Tracker, Threat Intelligence /

Check Point to Acquire External Cyber Risk Management Firm Cyberint 2024-08-28 at 16:01 By Mike Lennon Check Point says the acquisition will enhance its own SOC capabilities and expand its managed threat intelligence offerings. The post Check Point to Acquire External Cyber Risk Management Firm Cyberint appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Check Point to Acquire External Cyber Risk Management Firm Cyberint Read More »

Network of ghost GitHub accounts successfully distributes malware

automa, Check Point, Don't miss, GitHub, Hot stuff, Malware, News, phishing /

Network of ghost GitHub accounts successfully distributes malware 2024-07-24 at 17:31 By Zeljka Zorz Check Point researchers have unearthed an extensive network of GitHub accounts that they believe provides malware and phishing link Distribution-as-a-Service. Set up and operated by a threat group the researchers dubbed as Stargazer Goblin, the “Stargazers Ghost Network” is estimated encompass

React to this headline:

Loading spinner

Network of ghost GitHub accounts successfully distributes malware Read More »

Void Banshee APT exploited “lingering Windows relic” in zero-day attacks

APT, Check Point, CVE, Don't miss, Hot stuff, Internet Explorer, News, spear-phishing, Trend Micro, Windows /

Void Banshee APT exploited “lingering Windows relic” in zero-day attacks 2024-07-16 at 16:46 By Zeljka Zorz The zero-day exploit used to leverage CVE-2024-38112, a recently patched Windows MSHTML vulnerability, was wielded by an APT group dubbed Void Banshee to deliver malware to targets in North America, Europe, and Southeast Asia, threat hunters with Trend Micro’s

React to this headline:

Loading spinner

Void Banshee APT exploited “lingering Windows relic” in zero-day attacks Read More »

Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112)

0-day, Check Point, CVE, Don't miss, Hot stuff, Internet Explorer, Morphisec, MS Office, News, vulnerability /

Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112) 2024-07-10 at 15:46 By Zeljka Zorz CVE-2024-38112, a spoofing vulnerability in Windows MSHTML Platform for which Microsoft has released a fix on Tuesday, has likely been exploited by attackers in the wild for over a year, Check Point researcher Haifei Li

React to this headline:

Loading spinner

Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112) Read More »

Scroll to Top