Tag: Check Point
-
The Trojan Meeting: How “TrueChaos” Turns TrueConf Video Calls into State-Sponsored Spyware
Digital marauders have devised a method to transmute a corporate video conferencing architecture into an instrument of mass contagion. The assault has besieged the TrueConf platform, a cornerstone utilized by governmental echelons and global enterprises alike. This pertains to the architectural frailty designated CVE-2026-3502. The malady resides within the update orchestration mechanism, which fails to…
-
Digital Decapitation? Israel Targets the IRGC’s “Central Nervous System” in Tehran Kinetic Strike
Israel has heralded a formidable strike upon facilities situated within Tehran, which the Israeli military asserts were instrumental in orchestrating Iran’s cyber operations. However, the profound magnitude of the devastation and its true impact upon the nation’s capacity to wage digital warfare remain shrouded in ambiguity. The Israel Defense Forces disclosed a succession of bombardments…
-
The Enemy Within: Why Hackers are Paying Your Employees $100K to Betray You
Within cybercriminal circles, interest in recruiting insiders from within companies is surging. Rather than mounting complex external intrusions, attackers are increasingly betting on internal sources—employees willing, for a price, to grant access to corporate systems or leak sensitive information. This trend has already reached banks, cryptocurrency exchanges, telecommunications providers, and technology firms. According to Check…
-
Critical Flaws in Microsoft Teams Let Hackers Impersonate CEOs and Edit Messages Undetected
Vulnerabilities in corporate messengers are no longer a rarity, yet this time the threat is of a far more alarming magnitude. The Check Point research team has uncovered four critical flaws in Microsoft Teams that allowed attackers to impersonate executives, send counterfeit notifications and calls, and even silently alter previously sent messages—without leaving the slightest…
-
ZipLine: New Campaign Triggers Victims to Call Hackers
Researchers at Check Point Research have uncovered a new targeted campaign, dubbed ZipLine, which leverages the malicious tool MixShell against industrial and high-tech companies. The hallmark of this operation lies in its unorthodox delivery method: instead of relying on traditional phishing emails, attackers initiate contact through the “Contact Us” forms on victim websites. They then…
-
Beyond the Classroom: Phishing Campaign Exploits Google for Global Attack
An attack on Google Classroom has escalated into one of the largest phishing campaigns in recent months. According to Check Point, between August 6 and 12, attackers launched five coordinated waves of distribution, sending more than 115,000 emails to over 13,500 organizations worldwide. The targets included entities in education, healthcare, finance, and industry, with particular…
-
Hackers Exploit Check Point VPN Flaw to Steal Sensitive AD Credentials
Check Point has reported that since late April, cybercriminals have been actively exploiting a critical vulnerability in the Check Point VPN remote access system, allowing them to steal Active Directory data for further infiltration into victims’ networks. On May 27, Check Point alerted its clients that attacks were targeting their security systems through outdated local…
-
Zero-Day Alert: Check Point Gateways Under Active Attack (CVE-2024-24919)
Check Point, a cybersecurity firm, has urged its clients to review their VPN configurations to prevent potential attacks from malicious actors attempting to access corporate networks. In its May 28th notification, the company highlighted that VPNs from various security system providers are increasingly becoming targets for attacks. Specifically, Check Point has recorded attempted breaches of…