< ciso
brief />
Tag Banner

All news with #check point tag

115 articles · page 5 of 6

Check Point Launches Managed Rules for AWS Network Firewall

🔒 Check Point and AWS have introduced Check Point Managed Rules for AWS Network Firewall to simplify scaling network security across complex cloud environments. The service provides centrally managed, preconfigured rule sets that reduce the time and effort required to deploy and maintain firewalls across multiple VPCs and subnets. By automating updates and delivering threat-informed rules, the offering aims to lower operational overhead, accelerate response to new attack vectors, and free scarce IT resources for higher-value tasks.
read more →

AWS Network Firewall Adds Managed Rules from AWS Partners

🔒 AWS Network Firewall now supports managed rule groups from AWS Partners, enabling customers to deploy partner-maintained, automatically updated security rules directly into firewall policies. You can subscribe and deploy these pre-configured rule groups via the AWS Network Firewall console or through AWS Marketplace, with consolidated billing and potential long-term pricing benefits. Available sellers include Check Point, Fortinet, Infoblox, Lumen, Rapid7, ThreatSTOP, and Trend Micro in all AWS commercial regions where the services are offered.
read more →

How AI Is Reshaping Enterprise GRC and Risk Control

🔒 Organizations must update GRC programs to address the rising use and risks of generative and agentic AI, balancing innovation with compliance and security. Recent data — including Check Point's AI Security Report 2025 — indicate roughly one in 80 corporate requests to generative AI services carries a high risk of sensitive data loss. Security leaders are advised to treat AI as a distinct risk category, adapt frameworks like NIST AI RMF and ISO/IEC 42001, and implement pragmatic controls such as traffic-light tool classification and risk-based inventories so teams can prioritize highest-impact risks without stifling progress.
read more →

Best-in-Class GenAI Security: CloudGuard WAF Meets Lakera

🔒 The rise of generative AI introduces new attack surfaces that conventional security stacks were never designed to address. This post outlines how pairing CloudGuard WAF with Lakera's AI-risk controls creates layered protection by inspecting prompts, model interactions, and data flows at the application edge. The integrated solution aims to prevent prompt injection, sensitive-data leakage, and harmful content generation while maintaining application availability and performance.
read more →

Phishing Campaign Uses Meta Business Suite to Target SMBs

📨 Check Point email security researchers uncovered a large-scale phishing campaign that abuses Meta's Business Suite and the facebookmail.com delivery domain to send convincing fake notifications. Attackers craft messages that appear to originate from Meta, allowing them to bypass many traditional security filters and increase the likelihood of SMBs across the U.S. and internationally engaging with malicious links or credential-stealing pages. Organizations should strengthen email defenses, monitor suspicious Business Suite activity, and educate staff to reduce exposure.
read more →

Expanding CloudGuard: Securing GenAI Application Platforms

🔒 Check Point expands CloudGuard to protect GenAI applications by extending the ML-driven, open-source CloudGuard WAF that learns from live traffic. The platform moves beyond traditional static WAFs to secure web interactions, APIs (REST, GraphQL) and model-integrated endpoints with continuous learning and high threat-prevention accuracy. This evolution targets modern attack surfaces introduced by generative AI workloads and APIs.
read more →

Check Point Scores 99.59% in NSS Labs Firewall Test

🔒 Check Point Software achieved the highest security effectiveness rating in the recent NSS Labs Enterprise Firewall Test, posting a 99.59% score. The result spotlights its prevention-first architecture and comprehensive threat coverage, which the company says outperformed competing vendors. The blog links this independent validation to rising AI-driven risks, citing Check Point Research findings that 1 in 54 GenAI prompts carries a high risk of sensitive-data exposure and that 91% of frequent AI users are affected, underscoring the need for robust network defense.
read more →

Microsoft Teams Bugs Enable Message and Caller Spoofing

🔒 Check Point researchers disclosed four vulnerabilities in Microsoft Teams that let attackers alter message content, spoof senders, and manipulate notifications to impersonate colleagues. The issues were reported in March 2024 and remediated across multiple updates beginning with an August 2024 fix for CVE-2024-38197, followed by patches in September 2024 and October 2025. Exploitable by external guests and internal actors alike, the flaws could trick users into clicking malicious links, sharing sensitive data, or accepting fraudulent calls by making messages and caller notifications appear to originate from trusted executives or coworkers.
read more →

Lower Your TCO with Check Point's SASE Platform

🔒 Check Point’s SASE offering and its TCO savings calculator explain how consolidating security and networking into a cloud-delivered SASE reduces operational complexity and costs compared with traditional VPN-based architectures. The article explains product, operational and performance savings and quantifies ROI improvements when replacing hardware-heavy VPN backhauling. It highlights benefits such as simplified management, faster time-to-value, improved throughput and reduced exposure to risk for distributed users.
read more →

Open-Source b3 Benchmark Boosts LLM Security Testing

🛡️ The UK AI Security Institute (AISI), Check Point and Lakera have launched b3, an open-source benchmark to assess and strengthen the security of backbone LLMs that power AI agents. b3 focuses on the specific LLM calls within agent workflows where malicious inputs can trigger harmful outputs, using 10 representative "threat snapshots" combined with a dataset of 19,433 adversarial attacks from Lakera’s Gandalf initiative. The benchmark surfaces vulnerabilities such as system prompt exfiltration, phishing link insertion, malicious code injection, denial-of-service and unauthorized tool calls, making LLM security more measurable, reproducible and comparable across models and applications.
read more →

Check Point's AI Cloud Protect with NVIDIA BlueField

🔒 Check Point has made AI Cloud Protect powered by NVIDIA BlueField available for enterprise deployment, offering DPU-accelerated security for cloud AI workloads. The solution aims to inspect and protect GenAI traffic and prompts to reduce data exposure risks while integrating with existing cloud environments. It targets prompt manipulation and infrastructure attacks at scale and is positioned for organizations building AI factories.
read more →

New LockBit Ransomware Victims Identified October 2025

🔒 After months of rumored silence, security researchers have identified multiple organizations hit by LockBit-branded ransomware in September 2025. Check Point's report documents about a dozen victims across Western Europe, the Americas and Asia, affecting both Windows and Linux systems. Roughly half were infected with LockBit 5.0 and the rest with the leaked 3.0 (LockBit Black) variant. LockBit 5.0 introduces multi-platform builds, enhanced anti-analysis, randomized extensions and a revamped affiliate panel requiring a roughly $500 deposit.
read more →

AI 2030: The Coming Era of Autonomous Cybercrime Threats

🔒 Organizations worldwide are rapidly adopting AI across enterprises, delivering efficiency gains while introducing new security risks. Cybersecurity is at a turning point where AI fights AI, and today's phishing and deepfakes are precursors to autonomous, self‑optimizing AI threat actors that can plan, execute, and refine attacks with minimal human oversight. In September 2025, Check Point Research found that 1 in 54 GenAI prompts from enterprise networks posed a high risk of sensitive-data exposure, underscoring the urgent need to harden defenses and govern model use.
read more →

LockBit Resurges with New Variant and Fresh Victims

🛡️ LockBit has reemerged after a disruption in early 2024 and is actively extorting new victims. Check Point Research identified roughly a dozen organizations hit in September 2025, and about half of those incidents involved the new LockBit 5.0 variant, labeled ChuongDong. The group is deploying attacks across Windows, Linux and ESXi environments in Europe, the Americas and Asia. Check Point Harmony Endpoint and Quantum customers are protected via Threat Emulation, which can block these attacks before encryption occurs.
read more →

YouTube Ghost Network: Disrupting a Massive Malware Campaign

🛡️ Check Point Research uncovered the YouTube Ghost Network, a large-scale operation that used fake and compromised accounts to distribute infostealers like Rhadamanthys and Lumma. More than 3,000 malicious videos — often disguised as cracked software or game hacks — were reported and removed after being linked to password-protected archives that carried the malware. Compromised accounts, coordinated comment manipulation, and false endorsements were used to build trust and drive downloads.
read more →

AI-Powered Phishing Detection: Next-Gen Security Engine

🛡️ Check Point introduces a continuously trained AI engine that analyzes website content, structure, and authentication flows to detect phishing with high accuracy. Integrated with ThreatCloud AI, it delivers protection across Quantum gateways, Harmony Email, Endpoint, and Harmony Mobile. The model learns from millions of domains and real-time telemetry to adapt to new evasion techniques. Early results indicate improved detection of brand impersonation and credential-harvesting pages.
read more →

Check Point and HackShield Empower Young Cyber Agents

🛡️ Check Point has partnered with HackShield, an award-winning cyber education platform, to deliver gamified cybersecurity learning to children aged 8–12. The collaboration will expand access to age-appropriate resources and help cultivate resilient Cyber Agents in schools, families, and communities. The initiative aligns with Check Point’s mission to build lasting cybersecurity foundations and promote safe online habits among the next generation.
read more →

Rhadamanthys 0.9.2 Stealer Introduces New Evasion Techniques

🔒 Check Point Research details the release of Rhadamanthys 0.9.2, a new build of a widely used information stealer that introduces multiple evasion and delivery changes. The update replaces previous loaders with a PNG-based payload delivery, updates encryption, refines sandbox checks, adds configurable process injection, and expands targeting to include Ledger Live crypto wallets. Operators have rebranded as RHAD Security / Mythical Origin Labs and launched a professional site, while CPR supplies updated signatures and tools to help defenders adapt.
read more →

Defending Against Credential Attacks with Hybrid Mesh

🔐 Credential-based attacks are at epidemic levels: the 2025 Verizon DBIR shows 22% of breaches begin with compromised credentials, and Check Point's External Risk Management saw leaked credential volumes rise 160% year‑over‑year. Attackers increasingly prefer to "log in" rather than "hack in," exploiting exposed passwords, tokens, API keys and OAuth abuse. The article recommends a hybrid mesh architecture that unifies identity, network, endpoint and cloud telemetry to apply context-aware, adaptive access controls, improved credential hygiene, and faster detection and response.
read more →

Check Point Honors Top Asia Pacific Partners in 2025

🤝 Check Point Software Technologies recognised top-performing partners across Asia Pacific at its 2025 Partner Conference held 8-11 September at the JW Marriott Hanoi. Nearly 200 regional partners gathered to address rising AI-driven cyber threats, share best practices and strengthen go-to-market strategies. As a 100% partner-led organisation, Check Point celebrated channel excellence with awards that honoured innovation, collaboration and outstanding adoption of its unified security portfolio. The event reinforced the ecosystem’s central role in securing organizations across the region.
read more →