< ciso
brief />
Tag Banner

All news with #check point tag

115 articles · page 4 of 6

VoidLink: Cloud-Native Linux Malware Framework Unveiled

🛡️ Check Point Research describes VoidLink, a cloud-native Linux malware framework built to maintain long-term, stealthy access to cloud infrastructure rather than targeting individual endpoints. Its modular, plug-in-driven design enables attackers to extend capabilities over time while remaining quiet. Adaptive stealth allows the framework to alter behavior based on defensive visibility, prioritizing evasion in monitored environments and speed where visibility is limited.
read more →

VoidLink: Advanced Linux Cloud-Native Malware Framework

🛡️ Check Point Research disclosed a previously undocumented Linux malware framework named VoidLink, designed for long-term stealthy access to cloud and container environments. The cloud-native toolkit is highly modular, written in Zig, and comprises custom loaders, implants, rootkits, and an in-memory plugin system with more than 30 modules. It supports diverse C2 channels (HTTP/HTTPS, WebSocket, ICMP, DNS), peer-to-peer mesh networking, and automated cloud discovery across AWS, GCP, Azure, Alibaba, and Tencent. Check Point assesses the framework as actively maintained and attributes it to China-affiliated actors, warning of significant credential-theft and supply-chain risks for cloud-native ecosystems.
read more →

GoBruteforcer Botnet Targets Crypto Databases via Weak Keys

🔒 A new wave of GoBruteforcer attacks is targeting cryptocurrency and blockchain project databases by exploiting weak, reused credentials and exposed services such as FTP, MySQL, PostgreSQL, and phpMyAdmin on Linux hosts. Check Point Research reports the Golang-based botnet deploys obfuscated IRC bots and web shells, leverages XAMPP FTP as an initial vector, and uses brute-force modules to expand, host payloads, and act as backup C2.
read more →

AI-Powered Truman Show Operation Industrializes Fraud

🕵️ Security researchers at Check Point discovered in October 2025 an AI-assisted investment fraud that traps victims in a personalized "Truman Show"-style reality. Targets are lured via SMS, Google Ads and messaging apps into AI-driven WhatsApp groups where faux experts and synthetic members stage daily "wins" to erode skepticism. Victims are then funneled to a branded fake trading app (e.g., OPCOPRO) and persuaded to transfer crypto while attackers harvest KYC data for identity theft and resale. The campaign creates clear enterprise risks including SIM swaps, credential theft and potential insider coercion.
read more →

Check Point Adds Google Cloud Network Security Integration

🔒 Check Point now supports Google Cloud Network Security Integration, offering a nondisruptive approach to deploying cloud firewalls that minimizes downtime and avoids performance degradation. The integration enables organizations—particularly in regulated sectors such as financial services, healthcare, and government—to scale hybrid network security while preserving latency and throughput. It simplifies deployment, centralizes policy management, and helps maintain compliance without rearchitecting existing networks.
read more →

Check Point and NVIDIA Partner to Secure AI Factories

🔒 Check Point and NVIDIA announced an integrated security capability to protect AI "factories" across the entire AI lifecycle, from data ingestion and model training to deployment and inference. The effort targets growing risks such as prompt manipulation and attacks on GenAI infrastructure, which Gartner and other industry surveys identify as rising threats. The collaboration focuses on unified visibility, real-time detection, runtime protection, and centralized policy enforcement to reduce operational risk and help organizations meet compliance and governance requirements.
read more →

Cyber Resilience Through Practical Security Training

🔒 Organizations face an escalating threat landscape and an expanding cyber skills gap that compliance-focused training cannot close. Platforms like Cybrary, in partnership with Check Point Infinity Global Services, emphasize role-based, hands-on learning—combining industry certifications, simulated labs, and tailored learning paths to better prepare security teams for incident response, SOC operations, and threat hunting. This practical approach strengthens resilience by enabling measurable skills and reducing real-world vulnerabilities.
read more →

Check Point Earns 2025 Analyst and Lab Recognitions

🔒 Check Point announced multiple 2025 recognitions from leading analyst firms and independent research labs, underscoring its focus on securing AI-driven environments and distributed networks. The company emphasized a prevention-first philosophy that unifies security management and strengthens Zero Trust frameworks. These honors reflect validation of its strategy to enable safe enterprise AI adoption amid growing cyber threats.
read more →

Check Point Launches AI Security Training Courses Globally

🔐 Infinity Global Services (IGS) has launched its first dedicated AI security training courses, the initial release in a growing AI services portfolio. The programs offer expert-led instruction and hands-on labs to help security teams, developers, and leaders defend against AI-driven threats and implement AI securely across operations and product development. IGS also plans upcoming offerings in AI red teaming, governance, and implementation consulting to extend defensive and advisory capabilities.
read more →

Ink Dragon exploits IIS to build stealthy relays worldwide

🔍 Check Point reports a Chinese-linked group known as Ink Dragon is exploiting misconfigured IIS servers to assemble a stealthy global relay network. Attackers compromise web-facing IIS instances, harvest local credentials, move laterally via RDP, and install a custom IIS module that forwards commands and data between victims to hide C2 origins. Targets include government networks in Southeast Asia, South America and Europe; communications are concealed inside ordinary mailbox drafts. Mitigations include auditing IIS modules against a known baseline, enabling advanced IIS logging, hardening view state settings, and deploying a web application firewall (WAF).
read more →

AI-Enhanced Phishing and Social Scams Surge Before Christmas

⚠️ Check Point reports a surge in Christmas-themed phishing and social scams, detecting 33,500 unique phishing emails and over 10,000 seasonal social ads in a recent two-week period. Threat actors are using AI to produce flawless local-language messages, build fake e-commerce sites with working checkouts, and generate deepfake audio and smishing that mimic delivery alerts. Consumers should watch for spoofed URLs, unusual payment requests, new or inactive accounts and emotional triggers, and avoid clicking unsolicited links or sharing credentials.
read more →

Three Decades of Threat Data Powering AI in Security

🔐 Check Point argues that modern AI's effectiveness hinges on the volume, variety, and freshness of data, and that its three decades of aggregated threat intelligence provide a practical advantage in applying AI to cybersecurity. The post highlights data density — the combination of scale, diversity, and timeliness of telemetry — as the primary driver of model accuracy and detection efficacy. It contrasts five years of explosive AI data growth with Check Point's 30-year corpus and explains how rich telemetry enables better prediction, prevention, and operationalization of AI-driven defenses.
read more →

Christmas 2025 Scams: AI-Driven Phishing and Fake Deals

🎄 AI and automation are enabling more sophisticated holiday scams in 2025, making fraudulent emails, fake retail sites, and social media giveaways harder to detect. Check Point researchers flagged over 33,500 Christmas-themed phishing emails and more than 10,000 suspicious holiday ads within a 14-day window, underscoring a global surge. Practical guidance emphasizes recognizing red flags, validating sellers, and using multi-factor authentication and updated security tools to protect holiday shoppers.
read more →

Check Point CloudGuard Adds Auto-Scaling Support for OCI

🔐 Check Point has extended CloudGuard Network Security to provide full auto-scaling support for Oracle Cloud Infrastructure, enabling firewalls to grow and shrink automatically with workload demand. The integration leverages OCI Instance Pools to automate deployment and scaling of security gateways, while preserving centralized policy control. This update broadens CloudGuard’s native support across 20 public and private cloud vendors, delivering consistent security and operational agility as customers move workloads to OCI.
read more →

Check Point's Cyber Park World Championship Winners

🏆 Check Point's Infinity Global Services (IGS) concluded its inaugural Cyber Park World Championship, organized with community partner CheckMates and training specialist Cympire. Hundreds of participants worldwide competed in realistic cyber ranges, demonstrating technical mastery, incident response skills, and effective teamwork under pressure. The event showcased hands-on cyber simulations within IGS training programs and crowned the first global winners, reinforcing Check Point's commitment to upskilling defenders and strengthening the security workforce.
read more →

Cyber Threats to the U.S.: What Policymakers Need for 2026

🔒 A new Check Point brief warns that cyber attacks against the U.S. have evolved into coordinated geopolitical tools employed by states, criminal networks, and ideological groups. These operations now aim to influence policy, erode public trust, and target critical infrastructure rather than being mere technical intrusions. The report urges leaders to prioritize resilience, improve cross-sector coordination, and strengthen information-sharing and recovery capabilities.
read more →

AI Security and Elevated Zero Trust for Hybrid Networks

🔒 Check Point's new Quantum Firewall Software release, R82.10, extends a prevention-first security model across CloudGuard Network and Quantum Force Firewalls. The update unifies management, strengthens Zero Trust controls for hybrid mesh environments, and adds enforcement and telemetry designed to protect MCP servers, AI workloads, cloud assets and on-prem systems. It simplifies policy consistency and supports responsible AI adoption through data-aware controls and centralized governance.
read more →

Check Point Named Leader in Gartner 2025 Email Security

Check Point has been recognized as a Leader in the 2025 Gartner Magic Quadrant for Email Security. This independent evaluation reinforces our commitment to delivering best-in-class email protection that blocks increasingly sophisticated threats while remaining easy to deploy and manage. According to Check Point Research, 68% of attacks start with email and 61% of harmful files are delivered as HTML attachments, underscoring the need for robust, reliable defenses.
read more →

How CloudGuard WAF Reduces Risk and Total Cost of Ownership

🔒 Check Point's CloudGuard WAF combines high prevention accuracy with reduced operational overhead to lower risk and total cost of ownership. In the WAF Comparison Project 2024–25 (1,040,242 legitimate requests across 692 sites, 13 vendors) it delivered ~99.4% detection and ~0.8% false positives. That accuracy, paired with less manual tuning and faster false-positive triage, cuts hidden expenses and breach exposure while protecting apps and APIs.
read more →

GhostAd: Hidden Google Play Adware Draining Devices

🔍 Check Point's Harmony Mobile Detection Team discovered a broad Android adware campaign on Google Play that operated as a persistent background advertising engine. Masquerading as benign utilities and emoji editors, the apps continued running after closure or reboot, quietly consuming battery and mobile data. The campaign, dubbed GhostAd, comprised at least 15 related apps, with five still available at discovery.
read more →