Check Point - Security Ticks

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)

0patch, APT, Check Point, Don't miss, enterprise, exploit, Government, HarfangLab, Hot stuff, News, phishing, vulnerability, Windows / SecurityTicks

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) 2025-04-17 at 16:52 By Zeljka Zorz CVE-2025-24054, a Windows NTLM hash disclosure vulnerability that Microsoft has issued patches for last month, has been leveraged by threat actors in campaigns targeting government and private institutions in Poland and Romania. “Active exploitation in the wild has been observed […]

React to this headline:

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) Read More »

7 ways to get C-suite buy-in on that new cybersecurity tool

Check Point, Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, investment, News, opinion, resilience / SecurityTicks

7 ways to get C-suite buy-in on that new cybersecurity tool 2025-04-03 at 08:34 By Help Net Security You’re in the middle of a sprint, juggling deadlines, debugging code, fine-tuning pipelines, and then it happens—you stumble across the perfect cybersecurity tool. It promises to eliminate secrets in logs, reduce risks in CI/CD pipelines, and save

React to this headline:

7 ways to get C-suite buy-in on that new cybersecurity tool Read More »

Check Point Responds to Hacking Claims

Check Point, cybercrime, data breach, Data leak, Featured, hacked, security company hacked / SecurityTicks

Check Point Responds to Hacking Claims 2025-04-01 at 14:04 By Ionut Arghire Check Point has responded to a hacker’s claims of sensitive data theft, confirming an incident but saying that it had limited impact. The post Check Point Responds to Hacking Claims appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Check Point Responds to Hacking Claims Read More »

Cyble Sensors Detect Attacks on Check Point, Ivanti and More

Check Point, vulnerability / SecurityTicks

Cyble Sensors Detect Attacks on Check Point, Ivanti and More 2025-01-20 at 17:01 By daksh sharma Cyble honeypots have detected vulnerability exploits on Check Point and Ivanti products, databases, CMS systems, and many other IT products. Overview Cyble honeypot sensors have detected new attacks on vulnerabilities in Check Point and Ivanti products, among dozens of

React to this headline:

Cyble Sensors Detect Attacks on Check Point, Ivanti and More Read More »

Banshee Stealer variant targets Russian-speaking macOS users

Check Point, Don't miss, Hot stuff, macOS, Malware, News / SecurityTicks

Banshee Stealer variant targets Russian-speaking macOS users 2025-01-09 at 19:48 By Zeljka Zorz The Banshee Stealer is a stealthy threat to the rising number of macOS users around the world, including those in Russian-speaking countries, according to Check Point researcher Antonis Terefos. Banshee Stealer was first publicly profiled in August 2024, a month after its

React to this headline:

Banshee Stealer variant targets Russian-speaking macOS users Read More »

Cybercriminals used a gaming engine to create undetectable malware loader

Check Point, Don't miss, GitHub, Hot stuff, Linux, macOS, Malware, malware detection, News, software development, Windows / SecurityTicks

Cybercriminals used a gaming engine to create undetectable malware loader 2024-11-27 at 20:33 By Zeljka Zorz Threat actors are using an ingenious new way for covertly delivering malware to a wide variety of operating systems and platforms: they have created a malware loader that uses Godot Engine, an open-source game engine. The loader – dubbed

React to this headline:

Cybercriminals used a gaming engine to create undetectable malware loader Read More »

Infostealers increasingly impact global security

Check Point, cybercrime, cybersecurity, Malware, News, Ransomware / SecurityTicks

Infostealers increasingly impact global security 2024-11-13 at 15:18 By Help Net Security Check Point Software’s latest threat index reveals a significant rise in infostealers like Lumma Stealer, while mobile malware like Necro continues to pose a significant threat, highlighting the evolving tactics used by cybercriminals across the globe. Last month researchers discovered an infection chain

React to this headline:

Infostealers increasingly impact global security Read More »

SEC fines tech companies for misleading SolarWinds disclosures

Avaya, Check Point, Compliance, cyber risk, Don't miss, Mimecast, News, SolarWinds, Unisys / SecurityTicks

SEC fines tech companies for misleading SolarWinds disclosures 2024-10-25 at 15:07 By Help Net Security The Securities and Exchange Commission charged four current and former public companies – Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd, and Mimecast Limited – with making materially misleading disclosures regarding cybersecurity risks and intrusions. The SEC also

React to this headline:

SEC fines tech companies for misleading SolarWinds disclosures Read More »

Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461)

0-day, APT, Check Point, CVE, Don't miss, Hot stuff, Microsoft, News, security update, Trend Micro, vulnerability, Windows / SecurityTicks

Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461) 2024-09-16 at 15:46 By Zeljka Zorz CVE-2024-43461, a spoofing vulnerability affecting Windows MSHTML – a software component used by various apps for rendering render web pages on Windows – “was exploited as a part of an attack chain relating to CVE-2024-38112, prior to July 2024,”

React to this headline:

Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461) Read More »

Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869)

Adobe, Adobe Reader, Check Point, Don't miss, Expmon, Hot stuff, News, PoC, security update, vulnerability / SecurityTicks

Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869) 2024-09-12 at 15:16 By Zeljka Zorz Among the security updates released by Adobe on Tuesday are those for various versions of Adobe Acrobat and Reader, which fix two critical flaws that could lead to arbitrary code execution: CVE-2024-45112 and CVE-2024-41869. Nothing in the advisory

React to this headline:

Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869) Read More »

Check Point to Acquire External Cyber Risk Management Firm Cyberint

Acquisition, Check Point, Funding/M&A, M&A Tracker, Threat Intelligence / SecurityTicks

Check Point to Acquire External Cyber Risk Management Firm Cyberint 2024-08-28 at 16:01 By Mike Lennon Check Point says the acquisition will enhance its own SOC capabilities and expand its managed threat intelligence offerings. The post Check Point to Acquire External Cyber Risk Management Firm Cyberint appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Check Point to Acquire External Cyber Risk Management Firm Cyberint Read More »

Network of ghost GitHub accounts successfully distributes malware

automa, Check Point, Don't miss, GitHub, Hot stuff, Malware, News, phishing / SecurityTicks

Network of ghost GitHub accounts successfully distributes malware 2024-07-24 at 17:31 By Zeljka Zorz Check Point researchers have unearthed an extensive network of GitHub accounts that they believe provides malware and phishing link Distribution-as-a-Service. Set up and operated by a threat group the researchers dubbed as Stargazer Goblin, the “Stargazers Ghost Network” is estimated encompass

React to this headline:

Network of ghost GitHub accounts successfully distributes malware Read More »

Void Banshee APT exploited “lingering Windows relic” in zero-day attacks

APT, Check Point, CVE, Don't miss, Hot stuff, Internet Explorer, News, spear-phishing, Trend Micro, Windows / SecurityTicks

Void Banshee APT exploited “lingering Windows relic” in zero-day attacks 2024-07-16 at 16:46 By Zeljka Zorz The zero-day exploit used to leverage CVE-2024-38112, a recently patched Windows MSHTML vulnerability, was wielded by an APT group dubbed Void Banshee to deliver malware to targets in North America, Europe, and Southeast Asia, threat hunters with Trend Micro’s

React to this headline:

Void Banshee APT exploited “lingering Windows relic” in zero-day attacks Read More »

Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112)

0-day, Check Point, CVE, Don't miss, Hot stuff, Internet Explorer, Morphisec, MS Office, News, vulnerability / SecurityTicks

Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112) 2024-07-10 at 15:46 By Zeljka Zorz CVE-2024-38112, a spoofing vulnerability in Windows MSHTML Platform for which Microsoft has released a fix on Tuesday, has likely been exploited by attackers in the wild for over a year, Check Point researcher Haifei Li

React to this headline:

Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112) Read More »

Open-source Rafel RAT steals info, locks Android devices, asks for ransom

account hijacking, Android, Check Point, cyber espionage, Don't miss, Hot stuff, Malware, News, open source, Ransomware / SecurityTicks

Open-source Rafel RAT steals info, locks Android devices, asks for ransom 2024-06-24 at 14:46 By Zeljka Zorz The open-source Rafel RAT is being leveraged by multiple threat actors to compromise Android devices and, in some cases, to lock them, encrypt their contents, and demand money to restore the device to its original state. Check Point

React to this headline:

Open-source Rafel RAT steals info, locks Android devices, asks for ransom Read More »

Find out which cybersecurity threats organizations fear the most

Check Point, Code42, ConnectWise, cyber risk, CyberArk, cybersecurity, Don't miss, Entrust, Hot stuff, Jumio, McAfee, Mimecast, News, Ping Identity, Proofpoint, report, survey, Trellix, Veeam Software / SecurityTicks

Find out which cybersecurity threats organizations fear the most 2024-06-19 at 06:31 By Help Net Security This article compiles excerpts from various reports, presenting statistics and insights on cybersecurity threats faced by businesses and individuals alike. Cyber insurance isn’t the answer for ransom payments Veeam | 2024 Ransomware Trends Report | June 2024 Ransomware remains

React to this headline:

Find out which cybersecurity threats organizations fear the most Read More »

Exploitation of Recent Check Point VPN Zero-Day Soars

Check Point, exploited, Vulnerabilities / SecurityTicks

Exploitation of Recent Check Point VPN Zero-Day Soars 2024-06-06 at 16:46 By Ionut Arghire GreyNoise has observed a rapid increase in the number of exploitation attempts targeting a recent Check Point VPN zero-day. The post Exploitation of Recent Check Point VPN Zero-Day Soars appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Exploitation of Recent Check Point VPN Zero-Day Soars Read More »

Find out which cyber threats you should be concerned about

Abnormal Security, Arctic Wolf Networks, At-Bay, BitSight, Cato Networks, Check Point, Cisco, Claroty, Corvus Insurance, cybercrime, cybersecurity, Delinea, Don't miss, Egress, GitGuardian, Hot stuff, Imperva, Mimecast, News, NTT Security, Proofpoint, ReliaQuest, report, SecurityScorecard, Socure, Sophos, SpyCloud, survey, Thales, threat, Trustpair, Verizon, VikingCloud, VIPRE Security, Zscaler / SecurityTicks

Find out which cyber threats you should be concerned about 2024-06-05 at 06:01 By Help Net Security This article includes excerpts from various reports that offer statistics and insights into the current cyber threat landscape. Human error still perceived as the Achilles’ heel of cybersecurity Proofpoint | 2024 Voice of the CISO | May 2024

React to this headline:

Find out which cyber threats you should be concerned about Read More »

PoC Published for Exploited Check Point VPN Vulnerability

Check Point, exploited, Malware & Threats, VPN / SecurityTicks

PoC Published for Exploited Check Point VPN Vulnerability 2024-06-03 at 15:46 By Ionut Arghire PoC code targeting a recent Check Point VPN zero-day has been released as Censys identifies 14,000 internet-accessible appliances. The post PoC Published for Exploited Check Point VPN Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

PoC Published for Exploited Check Point VPN Vulnerability Read More »

Check Point VPN zero-day exploited since beginning of April (CVE-2024-24919)

0-day, Check Point, CISA, CVE, Don't miss, enterprise, Hot stuff, News, Rapid7, WatchTowr / SecurityTicks

Check Point VPN zero-day exploited since beginning of April (CVE-2024-24919) 2024-05-31 at 14:32 By Zeljka Zorz Attackers have been exploiting CVE-2024-24919, a zero-day vulnerability in Check Point Security Gateways, to pinpoint and extract password hashes for local accounts, which they then used to move laterally in the target organizations’ network. “The vulnerability is particularly critical

React to this headline:

Check Point VPN zero-day exploited since beginning of April (CVE-2024-24919) Read More »