All news with #check point tag

🔒 Check Point recognized top partners across the Asia Pacific at its FY25 Sales Kickoff in Bangkok, honoring organizations that delivered exceptional customer outcomes and sustained growth. The awards spotlight partners advancing prevention-first, AI-powered cyber security amid rising AI-driven threats, expanding hybrid and cloud ecosystems, and regulatory complexity. The gathering of nearly 1,000 employees and partners underscored the company’s commitment to regional collaboration and partner-led resilience.

🔐 Check Point has been named a Leader in the GigaOm Radar for Cloud Network Security for the third consecutive year. CloudGuard Network Security delivers an open-garden, cloud-agnostic architecture with integrations across 22 public and private cloud vendors, enabling consistent policy enforcement and centralized controls. The solution is positioned for budget-minded IT teams seeking to reduce multi-cloud complexity, maintain geographic compliance, and mitigate AI-powered cyber threats by foreign actors through consolidated visibility and automation.

🔒 Check Point outlines a strategy to help security teams regain control as AI accelerates attacks and transforms workflows. Rather than piling on tools, organizations must revalidate foundational controls across network, endpoint, email, SASE and cloud, and adopt prevention-first architectures. Check Point offers integrated visibility, unified policy management, threat intelligence and AI-aware controls to harden environments and streamline operations.

🏆 Check Point Software Technologies announced the 2025 EMEA Partner Award winners, celebrating partners that deliver AI‑powered, prevention-first cyber security outcomes. The winners were honored at the EMEA Sales Kickoff in Vienna, attended by more than 1,000 employees and partners. As the threat landscape accelerates with AI‑enhanced attacks and hybrid‑cloud complexity, these top-performing partners are helping organisations strengthen resilience, meet regulatory demands, and operationalise advanced prevention through collaboration and integrated solutions.

🏆 Check Point today announced its 2025 Americas Partner Award winners, recognizing partners for outstanding performance, growth, and technical excellence. The awards highlight partners' role in driving customer success and innovation across the region. World Wide Technology earned Partner of the Year, while NTSec Group was named Latin America Partner of the Year. These honors reflect a commitment to helping organizations stay secure.

⚠️ Check Point Research says VoidLink, a modular Linux malware framework, appears to have been planned, structured, and largely written by AI rather than solely by human developers. Analysts found programmatically generated sprint-style plans, detailed technical specifications, and repetitive code patterns consistent with automated generation. The project reportedly grew to tens of thousands of lines of code in under a week, compressing months of work into days. That speed and planning raise concerns that AI can significantly lower the barrier to producing sophisticated, cloud- and container-focused threats.

🔒 In Q4 2025, Check Point Research found Microsoft to be the most impersonated brand in phishing campaigns, responsible for 22% of branded phishing attempts. Google followed with 13%, while Amazon rose to 9%, driven by Black Friday and holiday sales, displacing Apple. After a lengthy absence, Facebook (Meta) reappeared in the top ten at fifth, underscoring renewed interest in social media account takeover. The pattern reflects a multi-quarter trend of attackers abusing trusted enterprise and consumer brands to harvest credentials and gain initial access.

🚨 Check Point Research reports large-scale active exploitation of CVE-2025-37164, a critical remote code execution flaw in HPE OneView. The campaign, attributed to the RondoDox botnet, generated tens of thousands of automated attack attempts that were blocked by Check Point defenses. The issue was reported to CISA and added to the Known Exploited Vulnerabilities catalog on January 7, 2026; organizations should patch immediately.

🛡️ Researchers at Check Point disclosed VoidLink, a sophisticated modular malware framework targeting Linux servers and containers in cloud environments. Written primarily in Zig with supporting components in Go, C, and JavaScript, the platform uses a two-stage loader and an extensible plugin ecosystem (37 built-in modules) delivered via a professional web-based C2 dashboard to harvest credentials and access source code systems. It detects major cloud providers and container runtimes, adapts evasion strategies based on detected EDR and kernel hardening, and employs rootkits and covert C2 channels to maintain stealthy, long-term access.

🔍 A newly identified cloud-native Linux malware framework named VoidLink targets modern cloud and container environments, providing custom loaders, implants, rootkits, and memory-loaded plugins. According to Check Point, it is written in Zig, Go, and C and adapts behavior based on Kubernetes, Docker, and cloud metadata queries. Communications can use HTTP, WebSocket, DNS tunneling, or ICMP encapsulated in a custom encrypted layer VoidStream, and the framework includes extensive anti-forensics and runtime protections. Analysts assess it appears under active development and may be a commercial or customer-targeted framework rather than evidence of a current widespread campaign.

🔎 Check Point Research has identified a modular Linux malware framework, VoidLink, linked to Chinese-speaking developers and designed to target cloud and container environments. The framework includes custom loaders, implants, rootkits and over 30 plugins supporting reconnaissance, lateral movement, persistence and anti-forensic techniques. It detects AWS, GCP, Azure, Alibaba and Tencent and can enumerate containers, hypervisors and orchestration platforms. No live infections have been confirmed, but documentation suggests commercial intent and active development.

🛡️ Check Point Research describes VoidLink, a cloud-native Linux malware framework built to maintain long-term, stealthy access to cloud infrastructure rather than targeting individual endpoints. Its modular, plug-in-driven design enables attackers to extend capabilities over time while remaining quiet. Adaptive stealth allows the framework to alter behavior based on defensive visibility, prioritizing evasion in monitored environments and speed where visibility is limited.

🛡️ Check Point Research disclosed a previously undocumented Linux malware framework named VoidLink, designed for long-term stealthy access to cloud and container environments. The cloud-native toolkit is highly modular, written in Zig, and comprises custom loaders, implants, rootkits, and an in-memory plugin system with more than 30 modules. It supports diverse C2 channels (HTTP/HTTPS, WebSocket, ICMP, DNS), peer-to-peer mesh networking, and automated cloud discovery across AWS, GCP, Azure, Alibaba, and Tencent. Check Point assesses the framework as actively maintained and attributes it to China-affiliated actors, warning of significant credential-theft and supply-chain risks for cloud-native ecosystems.

🔒 A new wave of GoBruteforcer attacks is targeting cryptocurrency and blockchain project databases by exploiting weak, reused credentials and exposed services such as FTP, MySQL, PostgreSQL, and phpMyAdmin on Linux hosts. Check Point Research reports the Golang-based botnet deploys obfuscated IRC bots and web shells, leverages XAMPP FTP as an initial vector, and uses brute-force modules to expand, host payloads, and act as backup C2.

🕵️ Security researchers at Check Point discovered in October 2025 an AI-assisted investment fraud that traps victims in a personalized "Truman Show"-style reality. Targets are lured via SMS, Google Ads and messaging apps into AI-driven WhatsApp groups where faux experts and synthetic members stage daily "wins" to erode skepticism. Victims are then funneled to a branded fake trading app (e.g., OPCOPRO) and persuaded to transfer crypto while attackers harvest KYC data for identity theft and resale. The campaign creates clear enterprise risks including SIM swaps, credential theft and potential insider coercion.

🔒 Check Point now supports Google Cloud Network Security Integration, offering a nondisruptive approach to deploying cloud firewalls that minimizes downtime and avoids performance degradation. The integration enables organizations—particularly in regulated sectors such as financial services, healthcare, and government—to scale hybrid network security while preserving latency and throughput. It simplifies deployment, centralizes policy management, and helps maintain compliance without rearchitecting existing networks.

🔒 Check Point and NVIDIA announced an integrated security capability to protect AI "factories" across the entire AI lifecycle, from data ingestion and model training to deployment and inference. The effort targets growing risks such as prompt manipulation and attacks on GenAI infrastructure, which Gartner and other industry surveys identify as rising threats. The collaboration focuses on unified visibility, real-time detection, runtime protection, and centralized policy enforcement to reduce operational risk and help organizations meet compliance and governance requirements.

🔒 Organizations face an escalating threat landscape and an expanding cyber skills gap that compliance-focused training cannot close. Platforms like Cybrary, in partnership with Check Point Infinity Global Services, emphasize role-based, hands-on learning—combining industry certifications, simulated labs, and tailored learning paths to better prepare security teams for incident response, SOC operations, and threat hunting. This practical approach strengthens resilience by enabling measurable skills and reducing real-world vulnerabilities.

🔒 Check Point announced multiple 2025 recognitions from leading analyst firms and independent research labs, underscoring its focus on securing AI-driven environments and distributed networks. The company emphasized a prevention-first philosophy that unifies security management and strengthens Zero Trust frameworks. These honors reflect validation of its strategy to enable safe enterprise AI adoption amid growing cyber threats.

🔐 Infinity Global Services (IGS) has launched its first dedicated AI security training courses, the initial release in a growing AI services portfolio. The programs offer expert-led instruction and hands-on labs to help security teams, developers, and leaders defend against AI-driven threats and implement AI securely across operations and product development. IGS also plans upcoming offerings in AI red teaming, governance, and implementation consulting to extend defensive and advisory capabilities.