Lucene search
K

1282 matches found

CheckPoint Security
CheckPoint Security
added 2022/01/29 12:0 a.m.47 views

Check Point Response to CVE-2021-4034 - local privilege escalation in polkit's pkexec

Symptoms - A Local Privilege Escalation from any user to root was discovered in polkit's pkexec, a SUID-root program that is installed by default on every major Linux distribution. The vulnerability allows unprivileged users to run commands as privileged users according to predefined policies. Fo...

7.8CVSS7AI score0.94921EPSS
Exploits151
CheckPoint Security
CheckPoint Security
added 2022/01/17 12:0 a.m.73 views

Check Point Response to CVE-2021-36347, CVE-2021-36348, CVE-2021-36346, CVE-2021-3712 - Dell iDRAC8 / iDRAC9 vulnerabilities

Cause See Dell's DSA-2021-259: Dell EMC iDRAC Security Update for Multiple Security Vulnerabilities. CVE-2021-36347 CVE-2021-36348 CVE-2021-36346 CVE-2021-3712 Symptoms - Dell published CVE-2021-36347 for iDRAC8 versions before 2.82.82.82 and iDRAC9 versions before 5.00.20.00 - Dell published...

9CVSS6.9AI score0.50445EPSS
Exploits0
NVD
NVD
added 2022/01/10 2:10 p.m.23 views

CVE-2021-30360

Users have access to the directory where the installation repair occurs. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted EXE in the repair folder which runs with the Check Point Remote Access Client...

7.8CVSS0.0057EPSS
Exploits1References2
Prion
Prion
added 2022/01/10 2:10 p.m.18 views

Design/Logic Flaw

Users have access to the directory where the installation repair occurs. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted EXE in the repair folder which runs with the Check Point Remote Access Client...

7.2CVSS7.6AI score0.0057EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2022/01/10 12:0 a.m.5 views

Enterprise Endpoint Security 代码问题漏洞

Check Point Enterprise Endpoint Security is an advanced protection focused on traditional endpoints and modern mobile devices from Check Point Israel. A security vulnerability exists in Enterprise Endpoint Security E86.20 Windows Clients that originates from a user having access to the directory...

7.8CVSS7.4AI score0.0057EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/01/07 10:39 p.m.24 views

CVE-2021-30360

Users have access to the directory where the installation repair occurs. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted EXE in the repair folder which runs with the Check Point Remote Access Client...

7.8AI score0.0057EPSS
Exploits1References2
ThreatPost
ThreatPost
added 2022/01/05 1:0 p.m.36 views

‘Malsmoke’ Exploits Microsoft’s E-Signature Verification

Threat actors are exploiting Microsoft’s digital signature verification to steal user credentials and other sensitive information by delivering the ZLoader malware, which previously has been used to distribute Ryuk and Conti ransomware, researchers have found. Researchers at Check Point Research...

7.4AI score
Exploits0References10
The Hacker News
The Hacker News
added 2022/01/05 11:0 a.m.172 views

New Zloader Banking Malware Campaign Exploiting Microsoft Signature Verification

An ongoing ZLoader malware campaign has been uncovered exploiting remote monitoring tools and a nine-year-old flaw concerning Microsoft's digital signature verification to siphon user credentials and sensitive information. Israeli cybersecurity company Check Point Research, which has been trackin...

8.8CVSS0.5AI score0.44647EPSS
Exploits1
The Hacker News
The Hacker News
added 2021/12/28 9:47 a.m.18 views

Experts Detail Logging Tool of DanderSpritz Framework Used by Equation Group Hackers

Cybersecurity researchers have offered a detailed glimpse into a system called DoubleFeature that's dedicated to logging the different stages of post-exploitation stemming from the deployment of DanderSpritz, a full-featured malware framework used by the Equation Group. DanderSpritz came to light...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2021/12/22 11:53 a.m.246 views

China suspends deal with Alibaba for not sharing Log4j 0-day first with the government

China's internet regulator, the Ministry of Industry and Information Technology MIIT, has temporarily suspended a partnership with Alibaba Cloud, the cloud computing subsidiary of e-commerce giant Alibaba Group, for six months on account of the fact that it failed to promptly inform the governmen...

10CVSS10AI score0.99999EPSS
Exploits351
The Hacker News
The Hacker News
added 2021/12/17 7:19 a.m.480 views

New Phorpiex Botnet Variant Steals Half a Million Dollars in Cryptocurrency

Cryptocurrency users in Ethiopia, Nigeria, India, Guatemala, and the Philippines are being targeted by a new variant of the Phorpiex botnet called Twizt that has resulted in the theft of virtual coins amounting to $500,000 over the last one year. Israeli security firm Check Point Research, which...

0.5AI score
Exploits0
ThreatPost
ThreatPost
added 2021/12/13 6:14 p.m.57 views

Log4Shell Is Spawning Even Nastier Mutations

The internet has a fast-spreading, malignant cancer – otherwise known as the Apache Log4j logging library exploit – that’s been rapidly mutating and attracting swarms of attackers since it was publicly disclosed last week. Most of the attacks focus on cryptocurrency mining done on victims’ dimes,...

10CVSS10AI score0.99999EPSS
Exploits351References52
CheckPoint Security
CheckPoint Security
added 2021/12/12 6:42 a.m.39 views

Check Point response to CVE-2021-43267

Symptoms A flaw was discovered in the cryptographic receive code in the Linux kernel's implementation of transparent inter-process communication. An attacker, with the ability to send TIPC messages to the target, can cause memory corruption and escalate privileges on the target system. Cause This...

7.5CVSS0.7AI score0.57853EPSS
Exploits2
CheckPoint Security
CheckPoint Security
added 2021/12/10 12:0 a.m.93 views

Check Point Response to Apache Log4j Remote Code Execution

Solution On December 10, 2021, a proof of concept of a vulnerability in the Apache Log4j Java library CVE-2021-44228 was published. The vulnerability may allow unauthenticated threat actors to obtain remote code execution. The severity of the vulnerability was deemed critical. The Check Point...

10CVSS9.6AI score0.99999EPSS
Exploits358
ThreatPost
ThreatPost
added 2021/12/08 2:47 p.m.16 views

Emotet’s Behavior & Spread Are Omens of Ransomware Attacks

The rapid spread of Emotet via TrickBot and its behavior since the malware resurfaced last month could signal that a spate of ransomware attacks are on the way, spurring researchers to warn organizations to buckle up and get ready. In mid-November, a team of researchers from Cryptolaemus, G DATA...

7.2AI score
Exploits0References23
The Hacker News
The Hacker News
added 2021/11/23 10:58 a.m.21 views

More Stealthier Version of BrazKing Android Malware Spotted in the Wild

Banking apps from Brazil are being targeted by a more elusive and stealthier version of an Android remote access trojan RAT that's capable of carrying out financial fraud attacks by stealing two-factor authentication 2FA codes and initiating rogue transactions from infected devices to transfer...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/11/16 6:52 a.m.26 views

New 'Moses Staff' Hacker Group Targets Israeli Companies With Destructive Attacks

A new politically-motivated hacker group named "Moses Staff" has been linked to a wave of targeted attacks targeting Israeli organizations since September 2021 with the goal of plundering and leaking sensitive information prior to encrypting their networks, with no option to regain access or...

6.7AI score
Exploits0
ThreatPost
ThreatPost
added 2021/11/03 7:47 p.m.33 views

Mekotio Banking Trojan Resurges with Tweaked Code, Stealthy Campaign

The Mekotio Latin American banking trojan is bouncing back after several of the gang that operates it were arrested in Spain. More than 100 attacks in recent weeks have featured a new infection routine, indicating that the group continues to actively retool. “The new campaign started right after...

9.7AI score
Exploits0References6
CheckPoint Security
CheckPoint Security
added 2021/10/28 12:0 a.m.28 views

Check Point response to Apache CVEs - November 2021 for httpd versions between 2.4.41 and 2.4.51

Solution In November 2021, Apache open source published CVEs for httpd versions between 2.4.41 and 2.4.51 see the list of the CVEs in the "Cause" section. Check Point uses the Apache HTTP Server as the Web server for several of its user portals on both the Security Gateway Gaia Portal, Identity...

9.8CVSS8.4AI score0.99999EPSS
Exploits183
The Hacker News
The Hacker News
added 2021/10/27 11:16 a.m.20 views

Cyber Attack in Iran Reportedly Cripples Gas Stations Across the Country

A cyber attack in Iran left petrol stations across the country crippled, disrupting fuel sales and defacing electronic billboards to display messages challenging the regime's ability to distribute gasoline. Posts and videos circulated on social media showed messages that said, "Khamenei! Where is...

7AI score
Exploits0
Rows per page
Query Builder