The Drift–Salesforce Attack: Time to Rethink Your SaaS Security

A SaaS Security nightmare for IT managers everywhere recently came true. Attackers leveraged legitimate OAuth tokens from Salesloft’s Drift chatbot integration with Salesforce to silently exfiltrate customer data from the popular CRM platform, according to Google Threat Intelligence Group. The sophisticated attack exposes a critical blind spot that most security teams don’t even know they have. When SaaS Integrations Become Attack Vectors Between August 8-18, 2025, the threat actor Google calls UNC6395 targeted the OAuth-based connection between Drift and Salesforce—an integration that thousands of sales teams rely on daily to sync marketing conversations and lead data. The attacker understood a […]

The post The Drift–Salesforce Attack: Time to Rethink Your SaaS Security appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/a49edlq
via
- No comments:
Labels:

Employee Spotlight: Getting to Know Julia Rabinovich

Julia, can you tell us a bit about yourself? I’m a system architect in the Quantum Network Security Products department. My main responsibilities focus on building system solutions and related architectural work, but I’m also very passionate about promoting a culture of modern software development and knowledge sharing. Another area I’m deeply invested in is cryptography. Recently, I also joined the patent technical team, which has opened up exciting new opportunities for me. What led to your decision to join Check Point? Working at the same company for many years definitely has its benefits — it helps build a career, […]

The post Employee Spotlight: Getting to Know Julia Rabinovich appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/6HGyv1V
via
- No comments:
Labels:

Cyber Attacks Surge Against Education Sector Ahead of Back-to-School Season

As millions of students return to classrooms and campuses, schools are facing another challenge: a sharp rise in cyber attacks. According to Check Point Research, from January through July 2025, the education sector continued its streak as the most targeted industry worldwide, averaging 4,356 attacks per organization each week — a 41% year-over-year increase. Global View of Education Attacks The education sector has seen unprecedented levels of cyber activity this year: 4,356 average weekly attacks per organization worldwide. 41% overall increase YoY, making it the most attacked industry globally. Consistent targeting across both developed and developing regions, highlighting the global […]

The post Cyber Attacks Surge Against Education Sector Ahead of Back-to-School Season appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/T3sp972
via
- No comments:
Labels:

Check Point Named a Leader in the 2025 Gartner Magic Quadrant for Hybrid Mesh Firewalls

Delivering AI-powered network security across on-premises, cloud and SASE to prevent the most advanced threats Check Point is named a Leader in the 2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall.  Gartner recognized Check Point for ability to execute and completeness of vision We believe this recognition underscores Check Point’s ability to deliver consistent, high-performance threat prevention and unified management across on-premises, cloud, and SASE, while staying ahead of sophisticated modern threats.   DOWNLOAD COMPLETE 2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall report. Hyper Connected Distributed Enterprises Face AI driven Attacks    In today’s hyperconnected world, applications and users span everywhere from data […]

The post Check Point Named a Leader in the 2025 Gartner Magic Quadrant for Hybrid Mesh Firewalls appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/1nfXw0E
via
- No comments:
Labels:

ZipLine Campaign: Advanced Social Engineering Phishing Targets U.S. Manufacturing

ZipLine is one of the most advanced social engineering phishing campaigns seen by Check Point Research. Attackers reverse the usual phishing flow by starting contact through a company’s public “Contact Us” form, tricking victims into initiating email correspondence. They exchange professional, multi-week email conversations and often request NDAs before sending a malicious ZIP file. The payload, MixShell, is in‑memory malware that uses DNS tunneling and HTTP fallback to stay connected and execute attacker commands. A second wave of attacks uses an AI transformation pretext, disguised as internal AI Impact Assessments. Targets are mainly U.S. manufacturing and supply chain–critical companies, where […]

The post ZipLine Campaign: Advanced Social Engineering Phishing Targets U.S. Manufacturing appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/3Nxj42o
via
- No comments:
Labels:

Phishing in the Classroom: 115,000 Emails Exploit Google Classroom to Target 13,500 Organizations

Check Point researchers have uncovered a large-scale active phishing campaign abusing Google Classroom, a platform trusted by millions of students and educators worldwide. Over the course of just one week, attackers launched five coordinated waves, distributing more than 115,000 phishing emails aimed at 13,500 organizations across multiple industries. Organizations in Europe, North America, the Middle East and Asia are being targeted. Turning a Trusted Tool into a Threat Vector Google Classroom is designed to connect teachers and students through invitations to join digital classrooms. Attackers exploited this trust by sending fake invitations that contained unrelated commercial offers, ranging from product […]

The post Phishing in the Classroom: 115,000 Emails Exploit Google Classroom to Target 13,500 Organizations appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/JCaq2dw
via
- No comments:
Labels:

CloudGuard WAF-as-a-Service now Live on AWS Marketplace

We are excited to announce that CloudGuard WAF-as-a-Service (WAFaaS) is now available on Amazon Web Services (AWS) Marketplace and verified as a “Deployed on AWS” solution. This release simplifies application and API protection for AWS customers. CloudGuard WAF was recognized in the Gartner Market Guide for Cloud Web Application and API Protection (WAAP) and named a Leader in the GigaOm Radar for the second consecutive year. It achieved a 99.4% threat detection rate and 0.81% false positives in the WAF Comparison Project, which evaluated 13 leading solutions. Now available as a pay-as-you-go service in AWS Marketplace, CloudGuard WAFaaS streamlines procurement […]

The post CloudGuard WAF-as-a-Service now Live on AWS Marketplace appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/KZJvINP
via
- No comments:
Labels:
Subscribe to: Posts (Atom)

Meet Yurei: The New Ransomware Group Rising from Open-Source Code

New Group, Fast Growth: Yurei ransomware first appeared on September 5, already listing three victims in Sri Lanka, India, and Nigeria with...