China-Nexus Activity Against Qatar Observed Amid Expanding Regional Tensions

Key Findings Since the recent escalation in the Middle East, Check Point Research has observed increased activity by Chinese-nexus APT actors in the region, particularly targeting Qatar The Chinese-nexus threat actor Camaro Dragon attempted to deploy a variant of PlugX malware against Qatari targets within one day of the launch of Operation Epic Fury and the onset of the escalation in the Middle East The attackers leveraged the ongoing war in the Middle East to make their lures more credible and engaging, demonstrating the ability to rapidly adapt to major developments and breaking news The use of payloads such as […]

The post China-Nexus Activity Against Qatar Observed Amid Expanding Regional Tensions appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/bCyxsKu
via
- No comments:
Labels:

Introducing CPR Act: A Unified Approach for a Full‑Lifecycle Security

Fragmented products and solutions sprawled across multiple environments create significant visibility gaps, which attackers look for to exploit. To close these gaps, Check Point Services has now introduced CPR Act, an expert‑led unit that covers the entire security lifecycle with continuous intelligence, coordinated action, and clear outcomes. This unified approach eliminates blind spots and ensures that every phase of security feeds into the next, creating a connected and predictable defense.  This elite team of experts brings top researchers, analysts, and responders together to provide organizations with a clear, research‑based insight to act decisively. It operates through four foundational pillars:  Intelligence: […]

The post Introducing CPR Act: A Unified Approach for a Full‑Lifecycle Security appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/oUqVxAB
via
- No comments:
Labels:

Powering Cyber Resilience Across APAC: Celebrating Check Point’s APAC FY25 Partner Award Winners

Recognizing Excellence, Innovation, and Impact Across the Region  Check Point Software Technologies recognized the top partners across the Asia Pacific region, during the Check Point Software Technologies Sales Kickoff APAC event in Bangkok, Thailand, attended by almost 1,000 employees and partners. These awards are handed out to outstanding partners across Asia Pacific who have delivered exceptional customer outcomes, driven sustained growth, and advanced prevention first, AI powered cyber security across the region.   As cyber threats across Asia Pacific continue to intensify in both scale and sophistication — fuelled by AI-driven attacks, expanding hybrid and cloud ecosystems, and growing regulatory and operational complexity across the varied APAC countries, especially around AI, our top-performing partners play a critical role in helping organizations strengthen […]

The post Powering Cyber Resilience Across APAC: Celebrating Check Point’s APAC FY25 Partner Award Winners appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/snqySlU
via
- No comments:
Labels:

The Whitelist Illusion – When Your Trusted List Becomes a Billion Dollar Attack Path

Your whitelist is not a wall. For nation-state attackers, it’s a map, showing exactly who to compromise to get to your assets. $1,788,000,000 STOLEN FROM INSTITUTIONS WITH WHITELISTS, MULTISIGS, AND HARDWARE WALLETS IN PLACE TL;DR When you hold significant assets on a public blockchain, nation-state groups will target you – not if, but when Your whitelist tells attackers exactly which vendors and counterparties to compromise to reach your funds Bybit ($1.5B), WazirX ($235M), and Radiant ($53M) all had whitelists. All were drained through whitelisted entities The correct assumption: every whitelisted address is potentially compromised. Trust must be verified in real […]

The post The Whitelist Illusion – When Your Trusted List Becomes a Billion Dollar Attack Path appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/Azq2uRo
via
- No comments:
Labels:

Silver Dragon: China Nexus Cyber Espionage Group Targeting Governments in Asia and Europe

Silver Dragon is a China nexus cyber espionage group targeting government ministries and public sector organizations across Southeast Asia, with additional victims identified in Europe The group gains initial access through exploitation of public-facing servers and targeted phishing campaigns aimed at government entities It maintains long-term persistence by hijacking legitimate Windows services, thus allowing malware processes to blend into normal system activity A custom backdoor, GearDoor, enables covert command-and-control communications via Google Drive, blending malicious traffic with normal cloud usage The campaign remains relevant as attackers continue to abuse trusted enterprise services and legitimate system components to evade detection Based […]

The post Silver Dragon: China Nexus Cyber Espionage Group Targeting Governments in Asia and Europe appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/PyaC2Ug
via
- No comments:
Labels:

How Threat Intelligence and Multi-Source Data Drive Smarter Vulnerability Prioritization

The CVSS Blind Spot For years, CVSS scores have been the default metric for vulnerability severity. But severity does not equal risk. A CVSS 9.8 vulnerability that is never exploited is less dangerous than a CVSS 6.5 actively used in ransomware campaigns. Yet many organizations still chase the highest scores first, wasting time and leaving real threats exposed. KEV lists help, but they are reactive and often lag behind active exploitation. Attackers move faster than static scoring systems. If your prioritization strategy starts and ends with CVSS, you are playing catch-up. If vulnerability management feels overwhelming, the numbers explain why. […]

The post How Threat Intelligence and Multi-Source Data Drive Smarter Vulnerability Prioritization appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/NKSVHAe
via
- No comments:
Labels:

What Defenders Need to Know about Iran’s Cyber Capabilities

With the current Iran crisis at its peak, cyber activity is a relevant part of the threat picture alongside kinetic and political pressure. Iran’s ecosystem includes multiple clusters aligned with state entities, the Islamic Revolutionary Guard Corps (IRGC) and the Ministry of Intelligence and Security (MOIS), as well as deniable operators and “hacktivist” groups. This ecosystem supports a broad set of objectives: espionage to gain intelligence and footholds; disruption and destructive activity, including DDoS attacks, pseudo-ransomware, and data wipers to impose costs; and information operations that pair destructive activity or data leaks with coordinated online amplification. This activity is expected to intensify and broaden across the Middle East, the United States, and […]

The post What Defenders Need to Know about Iran’s Cyber Capabilities appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/dBXzojE
via
- No comments:
Labels:
Subscribe to: Comments (Atom)

China-Nexus Activity Against Qatar Observed Amid Expanding Regional Tensions

Key Findings Since the recent escalation in the Middle East, Check Point Research has observed increased activity by Chinese-nexus APT acto...