< ciso
brief />
Tag Banner

All news with #check point tag

115 articles · page 2 of 6

CISA orders patch for Check Point VPN zero-day

🔒 CISA has directed U.S. federal agencies to patch a critical Check Point Remote Access VPN and Mobile Access vulnerability (CVE-2026-50751) that has been exploited in active attacks since May 7. The flaw allows unauthenticated remote attackers to bypass authentication on systems using the deprecated IKEv1 key exchange and legacy remote access clients. Check Point released updates and provided mitigations for organizations that cannot immediately patch, while CISA added the issue to its KEV Catalog and set a June 11 compliance deadline for federal agencies.
read more →

Critical Check Point VPN Flaw Actively Exploited

🔒 Check Point has reported active exploitation of a critical logic flaw in certificate validation affecting Remote Access and Mobile Access VPNs configured to use deprecated IKEv1. The issue, tracked as CVE-2026-50751 (CVSS 9.3), lets unauthenticated attackers bypass user authentication and establish VPN sessions without valid passwords. Exploitation requires IKEv1 enabled, legacy clients accepted, and no machine certificate requirement; activity was first observed in early May 2026 and has targeted a few dozen organizations globally.
read more →

Check Point links VPN zero-day to Qilin gang

🔒 Check Point released security updates to address CVE-2026-50751, a critical authentication-bypass flaw impacting Remote Access VPN and Mobile Access deployments that use the deprecated IKEv1 key exchange. The vulnerability allowed unauthenticated, remote attackers to establish VPN connections and was actively exploited beginning in May, with a surge in early June affecting a few dozen organizations worldwide and one confirmed case tied to the Qilin ransomware affiliate. Check Point also identified a second related issue, CVE-2026-50752, affecting certificate validation in IKEv1 and recommended immediate updates and mitigations for customers unable to patch.
read more →

Hotfix Released for IKEv1 VPN Critical Vulnerabilities

🔒 Check Point Research disclosed active exploitation of CVE-2026-50751, a critical authentication bypass affecting Remote Access and Mobile Access VPNs using the deprecated IKEv1 key exchange. Exploitation allows establishment of VPN sessions without valid passwords; observed attacks have targeted a few dozen organizations and included Qilin ransomware activity. Customers using IKEv1 are urged to apply the hotfix immediately and follow remediation guidance.
read more →

Pre-positioned Cyber Threats Targeting FIFA 2026

🛡️ Check Point Research and Exposure Management tracked a year-long rise in coordinated cyber threats aimed at FIFA World Cup 2026. Attackers have pre-positioned infrastructure across finance, travel and hospitality, and gambling, with active domains, fake apps, and social schemes ready to scale. The report highlights escalating fraud, domain impersonation, mobile-app impersonation, B2B spoofing risks, and potential operational impacts like ransomware and DDoS.
read more →

Fake Sites Impersonate Open‑Source Tools to Deliver Malware

🛡️ Check Point researchers uncovered an operation that clones open-source and freeware project pages to funnel users through a Traffic Distribution System (TDS) that can deliver malware like Remus Stealer, AnimateClipper, and the SessionGate framework. The deceptive sites preserve real links and use CloudFront-hosted JavaScript to convert clicks into a gated redirection chain enforcing anti-bot and VPN checks. The campaign has been active since late 2025 and escalated to malware distribution in January 2026.
read more →

2026 U.S. Midterms: The Real Cyber Threats Ahead

🛡️ Check Point warns that the primary cyber threat to the 2026 U.S. midterms is not vote tampering but a coordinated assault on trust through misinformation, lookalike news sites, and domain abuse. Attackers are cloning major media brands, registering thousands of election-themed domains, and exploiting leaked credentials to fuel phishing and impersonation. Security teams must prioritize brand protection, rapid takedown, and credential monitoring to mitigate politically motivated campaigns that exploit familiar operational vectors at greater scale.
read more →

Check Point and NVIDIA Secure AI Factory Infrastructure

🔒 At GTC Taipei during COMPUTEX 2026, NVIDIA highlighted its Vera BlueField-4 STX and DOCA innovations designed to secure enterprise AI infrastructure. Modern AI factories combine high-performance compute, distributed storage, Kubernetes, APIs, GPU farms, and sensitive data, creating new security needs. Check Point integrates its AI Factory Firewall with NVIDIA BlueField and DOCA to provide visibility, segmentation, runtime protections, and infrastructure-level policy enforcement across distributed AI environments.
read more →

Check Point Frontier AI Readiness Jumbo Release

🛡️ This update describes Check Point’s Frontier AI Models Readiness Program and the resulting Jumbo Security Release. It outlines an AI-driven, multi-repository code-scanning initiative called BLAST that provides contextual, architecture-aware analysis to find exploitable vulnerabilities. The release includes dozens of hardening improvements and targeted fixes for multiple CVEs, and customers are urged to update to benefit from the protections.
read more →

AI-Enabled Attacks Shift from Labs to Live Threats

🛡️ Check Point Research’s March–April 2026 Threat Landscape Digest documents that AI-powered attacks have moved from experimental and state-sponsored exercises into routine criminal deployment. The report details a campaign in Mexico where a single operator used commercial AI to compromise nine government agencies, leveraging persistent jailbreaks, weaponized agent configuration files, and commodified attack platforms like EvilTokens. It warns that stolen AI provider keys, rapid exploit timelines, and shadow AI use create urgent operational and supply-chain risks for organizations.
read more →

Protect GenAI Chatbots with Check Point WAF

🛡️ Check Point explains why GenAI chatbots create new security risks by acting as a front door to internal systems and data. The post highlights real incidents—prompt injection, data exposure, and misleading responses—that demonstrate legal, financial, and reputational impacts. It describes how Check Point WAF extends unified application and API security into the conversational layer to detect and block malicious prompts, prevent data leaks, and control unsafe outputs.
read more →

DACH Threats 2025: Hacktivism and Ransomware Surge

🔍 Check Point found a 124% rise in hacktivism and ransomware across Germany, Austria, and Switzerland in 2025, with Germany accounting for roughly 82% of incidents. Defacement and DDoS drove the volume—66% of events—while ransomware comprised nearly 30%, led by Akira, Qilin, and Safepay. The report highlights identity weaknesses, exposed remote services, and insufficient patching as primary enablers, and recommends MFA, patch discipline, credential monitoring, and reduced public attack surface.
read more →

Gentlemen RaaS Leak Reveals Modern Ransomware Risk

🔍 Check Point Research details a May 2026 compromise of The Gentlemen's backend that exposed chat logs, rosters, negotiation transcripts and tooling discussions. The leak shows a compact operation of roughly nine operators centered on a single administrator (zeta88 / hastalamuerte) who built the RaaS panel with AI coding assistants and participated in attacks. Initial access is mostly via unpatched edge devices or purchased credentials, and chain-victimization was observed. Check Point has notified law enforcement.
read more →

April 2026 Cyber Threats Spike: Ransomware and GenAI Risks

📈 April 2026 saw a sharp rebound in global cyber activity, with organizations averaging 2,201 weekly attacks — a 10% month‑over‑month rise and 8% year‑over‑year. Check Point Research attributes the surge to automation, expanded cloud and GenAI exposures and attackers exploiting larger digital footprints. Education, Government and Telecommunications were among the hardest hit. Ransomware incidents and GenAI data leakage risks intensified across regions.
read more →

VECT 2.0 Flaw Turns Ransomware into Irreversible Wiper

⚠️ VECT 2.0 is effectively a destructive wiper rather than recoverable ransomware due to a critical implementation bug that discards key nonces during encryption. Check Point found that any file larger than 131,072 bytes loses three of four ChaCha20 nonces, rendering those chunks irrecoverable even if victims pay. The RaaS's Windows, Linux, and ESXi variants and affiliate model raise broad operational risk, but the technical flaw means payment will not restore most enterprise data.
read more →

Check Point WAF Named Technology Innovation Leader

🛡️ Check Point has been honored with Frost & Sullivan’s 2026 Technology Innovation Leadership recognition for WAF and API security. The accolade underscores a shift in application security as apps span APIs, microservices, AI-driven services and hybrid/multi‑cloud deployments. Check Point’s WAF is positioned to help organizations secure rapid DevSecOps releases, reduce attack surface and protect both traditional web and emerging AI applications.
read more →

AWS Marketplace Expands Network Firewall Managed Rules

🔒 AWS Network Firewall supports expanded managed rule groups from AWS Marketplace partners, allowing rule groups to include up to 10 million domain indicators and 1 million IP addresses. Partners including Infoblox, Lumen, and ThreatSTOP are adding protections for high-risk domains, command-and-control blocking, and sanctions compliance. Managed rules from sellers like Check Point, Fortinet, Rapid7, and Trend Micro provide ready-to-deploy, continuously updated protections and are now available in additional regions.
read more →

Securing AI Agents: Outcome Control with Check Point

🔐 The shift from access-based controls to action-oriented outcome control is redefining application security as AI agents reason, act, and interact with systems. The blog outlines how Google Cloud’s Gemini Enterprise Agent Platform creates a centralized control point for agentic systems, enabling identity, access, policy enforcement, and observability. It frames outcome control as essential to manage the new operational risk posed by agents.
read more →

Check Point AI-Powered Cloud Firewall Preview on Google

🚀 Check Point is rolling out an AI-powered Cloud Firewall as a Service available for preview on Google Cloud and already supported on AWS and Microsoft Azure. The managed service removes the burden of running firewall infrastructure, giving DevOps and security teams time to focus on policy management, compliance, and strategic initiatives. It delivers AI-driven security intelligence, automated policy orchestration, centralized control, and advanced threat prevention across multi-cloud environments. Demos will be shown at Check Point Booth #3101 during Google Next.
read more →

The Gentlemen Ransomware: Rapid Rise and Widespread Impact

🔒 Check Point Research reports that the Gentlemen ransomware-as-a-service operation has claimed over 320 victims since mid-2025, including 240 incidents in 2026, while access to a live C2 server revealed a botnet of more than 1,570 likely corporate victims. The group targets internet-facing devices (VPNs, firewalls) and can encrypt entire networks within hours, focusing on manufacturing, technology and an increasing number of healthcare organizations. Organizations should prioritize patching, MFA, segmentation, proactive detection, and reliable offline backups to reduce exposure.
read more →