Xiaomi Phones with MediaTek Chips Found Vulnerable to Forged Payments

Security flaws have been identified in Xiaomi Redmi Note 9T and Redmi Note 11 models, which could be exploited to disable the mobile payment mechanism and even forge transactions via a rogue Android app installed on the devices. Check Point said it found the flaws in devices powered by MediaTek...

Hackers Targeting VoIP Servers By Exploiting Digium Phone Software

VoIP phones using Digium's software have been targeted to drop a web shell on their servers as part of an attack campaign designed to exfiltrate data by downloading and executing additional payloads. "The malware installs multilayer obfuscated PHP backdoors to the web server's file system,...

The vulnerability of clients under comprehensive network endpoint protection from Check Point Endpoint Security, which arises from the use of external control for selecting classes, allows attackers to disable the protection of certain network endpoints.

The vulnerability of Check Point Endpoint Security’s comprehensive network endpoint protection lies in the use of externally controlled input data for determining class assignments. Exploiting this vulnerability can allow an attacker to disable the protection for certain network endpoints...

CVE-2022-23744

Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator...

CVE-2022-23744

Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator...

CVE-2022-23744

Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator...

CVE-2022-23744

Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator...

CVE-2022-23744

Check Point Endpoint Security Client (before version E86.50) is affected by CVE-2022-23744 due to an unprotected registry change that lets a local administrator disable endpoint protection. Root cause: protection logic does not guard against specific registry modifications. Impact: local privileg...

Check Point response to CVE-2022-0778

Symptoms Dell published CVE-2022-0778 for: iDRAC8 versions before 2.83.83.83 iDRAC9 versions before 5.10.30.00 Cause Refer to DSA-2022-154: Dell iDRAC8 and Dell iDRAC9 Security Update for an OpenSSL Vulnerability. Solution Important Note: If you have not enabled iDRAC as described in sk122914, th...

Check Point Endpoint Security Client 安全漏洞

Check Point Endpoint Security Client is an endpoint security protection software from Check Point Israel. A security vulnerability exists in Check Point Endpoint Security Client. An attacker can cause a fatal error to occur by modifying an unprotected registry to trigger a denial of service...

State-Sponsored Phishing Attack Targeted Israeli Military Officials

An advanced persistent threat group, with ties to Iran, is believed behind a phishing campaign targeting high-profile government and military Israeli personnel, according to a report by Check Point Software. Targets of the campaign included a senior leadership in the Israeli defense industry, the...

Critical UNISOC Chip Vulnerability Affects Millions of Android Smartphones

A critical security flaw has been uncovered in UNISOC's smartphone chipset that could be potentially weaponized to disrupt a smartphone's radio communications through a malformed packet. "Left unpatched, a hacker or a military unit can leverage such a vulnerability to neutralize communications in...

Chinese "Twisted Panda" Hackers Caught Spying on Russian Defense Institutes

At least two research institutes located in Russia and a third likely target in Belarus have been at the receiving end of an espionage attack by a Chinese nation-state advanced persistent threat APT. The attacks, codenamed "Twisted Panda," come in the backdrop of Russia's military invasion of...

Check Point Response to CVE-2022-24422 - Dell iDRAC9 Security Update for an Improper Authentication Vulnerability

Cause Refer to Dell's DSA-2022-068: Dell iDRAC9 Security Update for an Improper Authentication Vulnerability. Symptoms - Dell published CVE-2022-24422 for iDRAC9 versions 5.00.00.00 and higher but lower than 5.10.10.00. These versions contain an improper authentication vulnerability. A remote...

CVE-2022-23742

Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links...

CVE-2022-23742

Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links...

CVE-2022-23742

Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links...

CVE-2022-23742

Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links...

CVE-2022-23742

Affected software: Check Point Endpoint Security Client for Windows (versions earlier than E86.40). Vulnerability details: The EFRService copies forensics report files from a directory with insufficient privileges, allowing a local attacker to replace those files with malicious or linked content,...

CVE-2021-30361

The Check Point Gaia Portal's GUI Clients allowed authenticated administrators with permission for the GUI Clients settings to inject a command that would run on the Gaia OS...