
All news with #check point tag

86 articles · page 3 of 5

Ink Dragon exploits IIS to build stealthy relays worldwide

🔍 Check Point reports a Chinese-linked group known as Ink Dragon is exploiting misconfigured IIS servers to assemble a stealthy global relay network. Attackers compromise web-facing IIS instances, harvest local credentials, move laterally via RDP, and install a custom IIS module that forwards commands and data between victims to hide C2 origins. Targets include government networks in Southeast Asia, South America and Europe; communications are concealed inside ordinary mailbox drafts. Mitigations include auditing IIS modules against a known baseline, enabling advanced IIS logging, hardening view state settings, and deploying a web application firewall (WAF).

AI-Enhanced Phishing and Social Scams Surge Before Christmas

⚠️ Check Point reports a surge in Christmas-themed phishing and social scams, detecting 33,500 unique phishing emails and over 10,000 seasonal social ads in a recent two-week period. Threat actors are using AI to produce flawless local-language messages, build fake e-commerce sites with working checkouts, and generate deepfake audio and smishing that mimic delivery alerts. Consumers should watch for spoofed URLs, unusual payment requests, new or inactive accounts and emotional triggers, and avoid clicking unsolicited links or sharing credentials.

Three Decades of Threat Data Powering AI in Security

🔐 Check Point argues that modern AI's effectiveness hinges on the volume, variety, and freshness of data, and that its three decades of aggregated threat intelligence provide a practical advantage in applying AI to cybersecurity. The post highlights data density — the combination of scale, diversity, and timeliness of telemetry — as the primary driver of model accuracy and detection efficacy. It contrasts five years of explosive AI data growth with Check Point's 30-year corpus and explains how rich telemetry enables better prediction, prevention, and operationalization of AI-driven defenses.

Christmas 2025 Scams: AI-Driven Phishing and Fake Deals

🎄 AI and automation are enabling more sophisticated holiday scams in 2025, making fraudulent emails, fake retail sites, and social media giveaways harder to detect. Check Point researchers flagged over 33,500 Christmas-themed phishing emails and more than 10,000 suspicious holiday ads within a 14-day window, underscoring a global surge. Practical guidance emphasizes recognizing red flags, validating sellers, and using multi-factor authentication and updated security tools to protect holiday shoppers.

Check Point CloudGuard Adds Auto-Scaling Support for OCI

🔐 Check Point has extended CloudGuard Network Security to provide full auto-scaling support for Oracle Cloud Infrastructure, enabling firewalls to grow and shrink automatically with workload demand. The integration leverages OCI Instance Pools to automate deployment and scaling of security gateways, while preserving centralized policy control. This update broadens CloudGuard’s native support across 20 public and private cloud vendors, delivering consistent security and operational agility as customers move workloads to OCI.

Check Point's Cyber Park World Championship Winners

🏆 Check Point's Infinity Global Services (IGS) concluded its inaugural Cyber Park World Championship, organized with community partner CheckMates and training specialist Cympire. Hundreds of participants worldwide competed in realistic cyber ranges, demonstrating technical mastery, incident response skills, and effective teamwork under pressure. The event showcased hands-on cyber simulations within IGS training programs and crowned the first global winners, reinforcing Check Point's commitment to upskilling defenders and strengthening the security workforce.

Cyber Threats to the U.S.: What Policymakers Need for 2026

🔒 A new Check Point brief warns that cyber attacks against the U.S. have evolved into coordinated geopolitical tools employed by states, criminal networks, and ideological groups. These operations now aim to influence policy, erode public trust, and target critical infrastructure rather than being mere technical intrusions. The report urges leaders to prioritize resilience, improve cross-sector coordination, and strengthen information-sharing and recovery capabilities.

AI Security and Elevated Zero Trust for Hybrid Networks

🔒 Check Point's new Quantum Firewall Software release, R82.10, extends a prevention-first security model across CloudGuard Network and Quantum Force Firewalls. The update unifies management, strengthens Zero Trust controls for hybrid mesh environments, and adds enforcement and telemetry designed to protect MCP servers, AI workloads, cloud assets and on-prem systems. It simplifies policy consistency and supports responsible AI adoption through data-aware controls and centralized governance.

Check Point Named Leader in Gartner 2025 Email Security

Check Point has been recognized as a Leader in the 2025 Gartner Magic Quadrant for Email Security. The company says this independent evaluation reinforces its commitment to delivering best-in-class email protection that blocks increasingly sophisticated threats while remaining easy to deploy and manage. According to Check Point Research, 68% of attacks start with email and 61% of harmful files are delivered as HTML attachments, underscoring the need for robust, reliable defenses.

How CloudGuard WAF Reduces Risk and Total Cost of Ownership

🔒 Check Point's CloudGuard WAF combines high prevention accuracy with reduced operational overhead to lower risk and total cost of ownership. In the WAF Comparison Project 2024–25 (1,040,242 legitimate requests across 692 sites, 13 vendors) it delivered ~99.4% detection and ~0.8% false positives. That accuracy, paired with less manual tuning and faster false-positive triage, cuts hidden expenses and breach exposure while protecting apps and APIs.

GhostAd: Hidden Google Play Adware Draining Devices

🔍 Check Point's Harmony Mobile Detection Team discovered a broad Android adware campaign on Google Play that operated as a persistent background advertising engine. Masquerading as benign utilities and emoji editors, the apps continued running after closure or reboot, quietly consuming battery and mobile data. The campaign, dubbed GhostAd, comprised at least 15 related apps, with five still available at discovery.

Check Point Launches Managed Rules for AWS Network Firewall

🔒 Check Point and AWS have introduced Check Point Managed Rules for AWS Network Firewall to simplify scaling network security across complex cloud environments. The service provides centrally managed, preconfigured rule sets that reduce the time and effort required to deploy and maintain firewalls across multiple VPCs and subnets. By automating updates and delivering threat-informed rules, the offering aims to lower operational overhead, accelerate response to new attack vectors, and free scarce IT resources for higher-value tasks.

AWS Network Firewall Adds Managed Rules from AWS Partners

🔒 AWS Network Firewall now supports managed rule groups from AWS Partners, enabling customers to deploy partner-maintained, automatically updated security rules directly into firewall policies. You can subscribe and deploy these pre-configured rule groups via the AWS Network Firewall console or through AWS Marketplace, with consolidated billing and potential long-term pricing benefits. Available sellers include Check Point, Fortinet, Infoblox, Lumen, Rapid7, ThreatSTOP, and Trend Micro in all AWS commercial regions where the services are offered.

How AI Is Reshaping Enterprise GRC and Risk Control

🔒 Organizations must update GRC programs to address the rising use and risks of generative and agentic AI, balancing innovation with compliance and security. Recent data — including Check Point's AI Security Report 2025 — indicate roughly one in 80 corporate requests to generative AI services carries a high risk of sensitive data loss. Security leaders are advised to treat AI as a distinct risk category, adapt frameworks like NIST AI RMF and ISO/IEC 42001, and implement pragmatic controls such as traffic-light tool classification and risk-based inventories so teams can prioritize highest-impact risks without stifling progress.

Best-in-Class GenAI Security: CloudGuard WAF Meets Lakera

🔒 The rise of generative AI introduces new attack surfaces that conventional security stacks were never designed to address. This post outlines how pairing CloudGuard WAF with Lakera's AI-risk controls creates layered protection by inspecting prompts, model interactions, and data flows at the application edge. The integrated solution aims to prevent prompt injection, sensitive-data leakage, and harmful content generation while maintaining application availability and performance.

Phishing Campaign Uses Meta Business Suite to Target SMBs

📨 Check Point email security researchers uncovered a large-scale phishing campaign that abuses Meta's Business Suite and the facebookmail.com delivery domain to send convincing fake notifications. Attackers craft messages that appear to originate from Meta, allowing them to bypass many traditional security filters and increase the likelihood of SMBs across the U.S. and internationally engaging with malicious links or credential-stealing pages. Organizations should strengthen email defenses, monitor suspicious Business Suite activity, and educate staff to reduce exposure.

Expanding CloudGuard: Securing GenAI Application Platforms

🔒 Check Point expands CloudGuard to protect GenAI applications by extending the ML-driven, open-source CloudGuard WAF that learns from live traffic. The platform moves beyond traditional static WAFs to secure web interactions, APIs (REST, GraphQL) and model-integrated endpoints with continuous learning and high threat-prevention accuracy. This evolution targets modern attack surfaces introduced by generative AI workloads and APIs.

Check Point Scores 99.59% in NSS Labs Firewall Test

🔒 Check Point Software achieved the highest security effectiveness rating in the recent NSS Labs Enterprise Firewall Test, posting a 99.59% score. The result spotlights its prevention-first architecture and comprehensive threat coverage, which the company says outperformed competing vendors. The blog links this independent validation to rising AI-driven risks, citing Check Point Research findings that 1 in 54 GenAI prompts carries a high risk of sensitive-data exposure and that 91% of frequent AI users are affected, underscoring the need for robust network defense.

Microsoft Teams Bugs Enable Message and Caller Spoofing

🔒 Check Point researchers disclosed four vulnerabilities in Microsoft Teams that let attackers alter message content, spoof senders, and manipulate notifications to impersonate colleagues. The issues were reported in March 2024 and remediated across multiple updates beginning with an August 2024 fix for CVE-2024-38197, followed by patches in September 2024 and October 2025. Exploitable by external guests and internal actors alike, the flaws could trick users into clicking malicious links, sharing sensitive data, or accepting fraudulent calls by making messages and caller notifications appear to originate from trusted executives or coworkers.

Lower Your TCO with Check Point's SASE Platform

🔒 Check Point’s article on its SASE offering and TCO savings calculator describes how consolidating security and networking into a cloud-delivered SASE reduces operational complexity and costs compared with traditional VPN-based architectures. It covers product, operational and performance savings and quantifies ROI improvements when replacing hardware-heavy VPN backhauling. It highlights benefits such as simplified management, faster time-to-value, improved throughput and reduced exposure to risk for distributed users.