All news with #check point tag
Fri, September 5, 2025
Sharp Rise in Cyberattacks on German Education Sector
🔒 Researchers at Check Point report a 56% year-over-year increase in cyberattacks against German educational institutions as the new school year begins, well above the global average. Analysts observed targeted phishing campaigns, including an August 2025 scheme that redirected victims to fake university and Outlook login pages to harvest credentials. To mitigate risk, experts recommend targeted phishing awareness training, mandatory multi-factor authentication (MFA), early detection of suspicious domains, regular system updates and deployment of modern threat-prevention solutions as part of a preventive, multi-layered security strategy.
Thu, September 4, 2025
Resilient Network Security Strategies for Disruption
🔒 In a world where pandemics, war, and natural disasters are inevitable, security teams must plan for continuity. The article examines two primary approaches: scaling VPN capacity for remote access or adopting a SASE framework that integrates networking and security as a cloud-delivered service. Each option has trade-offs in cost, complexity, and operational risk; readiness requires assessing user patterns, threat exposure, and recovery objectives.
Thu, September 4, 2025
Agentic Tool Hexstrike-AI Accelerates Exploit Chain
⚠️ Check Point warns that Hexstrike-AI, an agentic AI orchestration platform integrating more than 150 offensive tools, is being abused by threat actors to accelerate vulnerability discovery and exploitation. The system abstracts vague commands into precise, sequenced technical steps, automating reconnaissance, exploit crafting, payload delivery and persistence. Check Point observed dark‑web discussions showing the tool used to weaponize recent Citrix NetScaler zero-days, including CVE-2025-7775, and cautions that tasks which once took weeks can now be completed in minutes. Organizations are urged to patch immediately, harden systems and adopt adaptive, AI-enabled detection and response measures.
Thu, August 28, 2025
115,000 Phishing Emails Leveraged Google Classroom
⚠️ Check Point uncovered a global phishing campaign that delivered 115,000 fake invitations via Google Classroom to about 13,500 organizations worldwide within a single week. Attackers used seemingly legitimate classroom invites to present unrelated commercial offers and instructed recipients to continue contact via WhatsApp, shifting conversations off monitored email channels. Because many filters treat messages from Google services as trustworthy, these messages often bypass conventional protections. Experts advise staff training, adoption of AI-driven detection that evaluates context and intent, and extending phishing defenses beyond email to collaboration and messaging platforms.
Wed, August 27, 2025
Check Point Named Leader in 2025 Hybrid Mesh Firewall
🚀 Check Point has been named a Leader in the 2025 Gartner Magic Quadrant for Hybrid Mesh Firewall, recognized for its ability to execute and completeness of vision. The firm emphasizes its AI-powered network security to deliver consistent, high-performance threat prevention across on-premises, cloud and SASE environments. The recognition highlights unified management and proactive defenses designed for distributed enterprises facing AI-driven attacks.
Tue, August 26, 2025
MixShell Malware Targets U.S. Supply Chain via Contact Forms
⚠️ Cybersecurity researchers warn of a targeted social‑engineering campaign delivering an in‑memory implant called MixShell to supply‑chain manufacturers through corporate 'Contact Us' forms. The activity, tracked as ZipLine by Check Point, uses weeks of credible exchanges, fake NDAs and weaponized ZIPs containing LNK files that trigger PowerShell loaders. MixShell runs primarily in memory, uses DNS tunneling for C2 with HTTP fallback, and enables remote commands, file access, reverse proxying, persistence and lateral movement. Malicious archives are staged on abused Heroku subdomains, illustrating use of legitimate PaaS for tailored delivery.
Thu, August 21, 2025
CloudGuard WAFaaS Now Available on AWS Marketplace
🔒 CloudGuard WAF-as-a-Service is now available on the AWS Marketplace and verified as Deployed on AWS. This pay-as-you-go service simplifies web application and API protection for AWS customers and reduces procurement friction. The offering has been recognized in the Gartner Market Guide for WAAP and named a Leader in the GigaOm Radar. Independent testing reported a 99.4% threat detection rate and 0.81% false positives, underscoring strong efficacy with low noise.
Wed, August 20, 2025
Harmony SASE MCP Server Enables AI-Driven Visibility
🔗 The Harmony SASE MCP Server connects AI and IDE assistants to Harmony SASE, enabling direct, secure access to networking and security context. Built on the open Model Context Protocol (MCP), it exposes a curated set of endpoints so AI tools like Claude, Cursor, and GitHub Copilot can enrich workflows, accelerate investigations, and integrate SASE telemetry into familiar analyst and developer interfaces.