Unzipping the Threat: How to Block Malware Hidden in Password-Protected ZIP Files

As malware evades detection by hiding inside password-protect zip files, new Threat Emulation capabilities enable inspecting and blocking malicious ZIP files without requiring their password. As cyber defenses evolve, so do attacker tactics. One of the most persistent evasion techniques in the wild involves embedding malware inside password-protected ZIP files, making it difficult for traditional security tools to inspect their content. The Challenge: Breaking the Password Delivery Chain Attackers have adapted. Their new strategy? Splitting the delivery path: The malicious ZIP file is sent via email. The password arrives through an out-of-band channel, often SMS or messaging apps. This multi-channel […]

The post Unzipping the Threat: How to Block Malware Hidden in Password-Protected ZIP Files appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/FEs26fk
via
- No comments:
Labels:

Securing Your AI Transformation: How Check Point Is Helping Security Teams Keep Control in an AI-First World

AI is moving faster than most security teams can keep up with. As AI reshapes how work gets done, and how attacks are carried out, Check Point believes organizations need to rewire security for the AI era: not by adding more tools, but by rethinking how security is designed and operated when both attackers and defenders use AI. First, security leaders must revalidate their security foundations. AI-driven attacks are faster and more adaptive, so core controls across networks, endpoints, email, SASE, and cloud must be strengthened to keep pace with the proliferation of AI-powered threats. Second, organizations must enable secure […]

The post Securing Your AI Transformation: How Check Point Is Helping Security Teams Keep Control in an AI-First World appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/WPajl3X
via
- No comments:
Labels:

Love Is in the Air — and So Are Scammers: Valentine’s Day 2026 Threats to Watch For

As Valentine’s Day 2026 approaches, people are turning to online shopping, digital dating, and last‑minute gift ideas. Unfortunately, cyber criminals are doing the same. Check Point researchers have identified a sharp rise in Valentine‑themed phishing websites, fraudulent stores, and fake dating platforms designed to steal personal data and payment information. A Seasonal Spike in Valentine-Themed Domains From March to December 2025, new Valentine-related domains averaged 474 per month. But in January 2026, registrations jumped to 696 — a 44% increase. In just the first five days of February, researchers detected 152 additional domains, a further 36% rise in daily average […]

The post Love Is in the Air — and So Are Scammers: Valentine’s Day 2026 Threats to Watch For appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/zuCTOq8
via
- No comments:
Labels:

WAF Security Test Results 2026: Why Prevention-First Matters More Than Ever

Introduction: Security Testing Must Evolve with Attacks As cyber threats rise, web applications, GenAI workloads, and APIs have become prime targets. WAFs remain a critical first line of defense, but as attackers move beyond basic OWASP Top 10 techniques, WAF testing must evolve. Modern attacks increasingly rely on evasion methods, payload padding, and zero-day techniques designed to bypass signature-based WAFs. The WAF Comparison Project 2026 presents the results of our third annual, real-world evaluation of WAF efficacy (see the last year result here), using over 1 million legitimate requests and 74,000 malicious payloads to assess 14 leading WAF vendors, including […]

The post WAF Security Test Results 2026: Why Prevention-First Matters More Than Ever appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/xA0DhU8
via
- No comments:
Labels:

Global Cyber Attacks Rise in January 2026 Amid Increasing Ransomware Activity and Expanding GenAI Risks

Global Attack Volumes Climb Worldwide In January 2026, the global volume of cyber attacks continued its steady escalation. Organizations worldwide experienced an average of 2,090 cyber‑attacks per organization per week, marking a 3% increase from December and a 17% rise compared to January 2025. This growth reflects a landscape increasingly shaped by the expansion of ransomware activity and mounting data‑exposure risks driven by widespread GenAI adoption. Check Point Research data shows that January’s upward trajectory underscores a persistent and evolving cyber threat environment — one defined by fast‑moving ransomware operations and intensifying GenAI‑related risks. Critical Sectors Face Intensified Pressure The […]

The post Global Cyber Attacks Rise in January 2026 Amid Increasing Ransomware Activity and Expanding GenAI Risks appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/ZXi4yMu
via
- No comments:
Labels:

From Solo to Squad: The Evolution of Cyber Security Training in the AI Era

Generative AI is transforming cyber defense. Technical expertise remains critical, but AI-driven threats demand more than individual skill – they require the collective intelligence of the organization’s SOC. To understand how businesses are adapting, Infinity Global Services analyzed training consumption trends from 2023 to 2025. The findings reveal a decisive shift from individual courses to team-based subscriptions, signaling a new approach to workforce development in the age of AI. The Data: A Shift in Mindset Infinity Global Services’ training data shows a clear change in procurement strategies. Individual course purchases have declined by 33%, while team-based subscription models have surged, […]

The post From Solo to Squad: The Evolution of Cyber Security Training in the AI Era appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/wux2g3I
via
- No comments:
Labels:

SaaS Abuse at Scale: Phone-Based Scam Campaign Leveraging Trusted Platforms

Overview This report documents a large-scale phishing campaign in which attackers abused legitimate software-as-a-service (SaaS) platforms to deliver phone-based scam lures that appeared authentic and trustworthy. Rather than spoofing domains or compromising services, the attackers deliberately misused native platform functionality to generate and distribute emails that closely resembled routine service notifications, inheriting the trust, reputation, and authentication posture of well-known SaaS providers. The campaign generated approximately 133,260 phishing emails, impacting 20,049 organizations. It is part of a broader and rapidly escalating trend in which attackers weaponize trusted brands and native cloud workflows to maximize delivery, credibility, and reach. Observed brands […]

The post SaaS Abuse at Scale: Phone-Based Scam Campaign Leveraging Trusted Platforms appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/ZEuiVmz
via
- No comments:
Labels:
Subscribe to: Comments (Atom)

Unzipping the Threat: How to Block Malware Hidden in Password-Protected ZIP Files

As malware evades detection by hiding inside password-protect zip files, new Threat Emulation capabilities enable inspecting and blocking m...