Check Point Software

Check Point continues to grow our offerings and capabilities for the Amazon Web Services (AWS) cloud. Over the last year, we’ve expanded our capabilities with AWS Gateway Load Balancers and AWS Cloud WAN, and we’ve launched CloudGuard WAF-as-a-Service on AWS Marketplace. We’ve expanded our Infinity and Harmony offerings on AWS Marketplace as well, from Infinity Playblocks, which enhances SOC security, to Harmony solutions that prevent threats for SaaS implementations, defend against browser-based attacks, and protect email and collaboration applications. Our products continue to use AI and machine learning to not only save time and effort for security teams, but also The post Discover Check Point’s AI-powered, cloud-delivered security solutions at AWS re:Inforce 2025 appeared first on Check Point Blog.

Attackers took advantage of a Discord feature that lets expired or deleted invite links be reused, allowing them to hijack trusted community links and redirect users to harmful servers. The attack tricks users with a fake verification bot and phishing site that look like legitimate Discord servers, leading victims to unknowingly run harmful commands that download malware on their computer. The malware spreads quietly in multiple steps using popular, trusted services like GitHub and Pastebin to hide its activity and avoid detection. The attackers mainly target cryptocurrency users and aim to make money by stealing credentials and wallet information from The post Hijacked Trust: How Malicious Actors Exploited Discord’s Invite System to Launch Global Multi-Stage Attacks appeared first on Check Point Blog.

Over 39,000 new vacation-related domains registered in May 2025, with 1 in 21 flagged as malicious or suspicious—cyber criminals target travel enthusiasts and property owners through phishing scams mimicking popular platforms like Airbnb and Booking.com. As summer travel season kicks into high gear, cybercriminals are following the crowds online. Check Point Research (CPR) has uncovered a sharp spike in cyber threats tied to the hospitality and travel sector, with a 55% increase in newly created domains related to holidays and vacations in May 2025 compared to the same period last year. Of over 39,000 domains registered, one in every 21 The post Check Point Research Warns of Holiday-Themed Phishing Surge as Summer Travel Season Begins appeared first on Check Point Blog.

Managed service providers (MSPs) are facing a pivotal moment. As businesses of all sizes continue to adopt cloud platforms, hybrid work models, and mobile-first strategies, MSPs are being tasked with delivering stronger, faster, and more comprehensive cyber security services, many times with fewer resources. To be successful, MSPs need more than just a collection of tools. They need unified, intelligent, and scalable platforms that simplify their operations and empower them to grow. Check Point’s new strategic partnership with Pax8 is helping to redefine how MSPs access, manage, and deliver world-class cyber security. Check Point’s Infinity Portal will now be available The post Check Point and Pax8 Partnership Provides Powerful New Security Offerings for MSPs appeared first on Check Point Blog.

Inside Stealth Falcon’s Espionage Campaign Using a Microsoft Zero-Day Check Point Research (CPR) identified a previously unknown Windows vulnerability (CVE-2025-33053) being actively exploited in the wild. Following CPR’s responsible disclosure, Microsoft released a patch on its June 10th Patch Tuesday The zero-day was used in a targeted espionage operation likely conducted by Stealth Falcon, a threat group known to target entities in the Middle East and Africa. The attack chain begins with a deceptive internet shortcut (.url file) that silently triggers malware hosted on an attacker-controlled WebDAV server, abusing legitimate Windows tools in the process. The operation deployed a sophisticated The post Inside Stealth Falcon’s Espionage Campaign Using a Microsoft Zero-Day appeared first on Check Point Blog.

The global travel industry is flying high once again, but alongside its recovery comes a surge in digital turbulence. As travel demand surges and operations digitize at an unprecedented rate, cyber criminals are seizing new opportunities to exploit vulnerabilities in this data-rich, highly interconnected sector. A new report from Check Point shows that from 2023 to 2025, cyber attacks targeting travel and tour operators surged dramatically. Distributed denial of service (DDoS) attacks, ransomware campaigns, phishing schemes, and third-party compromises have plagued the industry, often with devastating consequences. This blog explores the latest travel threat trends, showcases real-world examples, and shares The post Cyber Risks Take Flight, Navigating the Evolving Threat Landscape in the Travel Industry appeared first on Check Point Blog.

 Cyber criminals are becoming more brazen, and this month, research highlights the rise of SafePay, a relatively new but increasingly active ransomware group that has quickly established itself as a key player in the cyber crime ecosystem. Meanwhile, FakeUpdates remains a dominant force, continuing to impact global organizations at an alarming rate. The education sector remains the most targeted industry, illustrating persistent vulnerabilities across institutions. SafePay Leads the Ransomware Group Rankings SafePay, first identified in November 2024, has emerged as the most prevalent ransomware group this month. SafePay uses a double-extortion strategy: encrypting files while exfiltrating sensitive data to further The post May 2025 Malware Spotlight: SafePay Surges to the Forefront of Cyber Threats appeared first on Check Point Blog.

Breaches are not a matter of if but when, which is why relying solely on passwords is a dangerous oversight. As the Product Security Manager for Harmony SASE, I’ve seen the destruction firsthand, and I’m here to tell you that MFA is not just “good practice” — it’s the absolute minimum standard of care. Why MFA? Because Your Passwords Are Already Compromised Let’s start with the why. If you think your users’ passwords are secret, think again. Credential dumps from breached companies are traded daily on the dark web. Password reuse is rampant. Phishing attacks are more sophisticated than ever, The post No Excuses: Why Multi-Factor Authentication is Non-Negotiable appeared first on Check Point Blog.

Cloud environments are evolving faster than many security teams can adapt. As hybrid, multi-cloud, edge, and SaaS adoption accelerates, organizations face fragmented systems, inconsistent controls, and widening attack surfaces. Threat detection is often delayed, tools are overwhelmed, and many defenses have become outdated, all while attackers are scaling and automating attacks. Check Point commissioned a survey of over 900 CISOs and IT decision-makers in early 2025 to understand how security leaders are responding. The results reveal real challenges – but also opportunities to level up cloud security. The following are six takeaways from this year’s report, as well as steps The post 6 Key Insights from Check Point’s Cloud Security Report 2025 appeared first on Check Point Blog.

How the market is evolving and why now, more than ever, you need an AI powered WAF What defines a next-generation web application and API protection (WAAP) platform? How can security teams keep pace with today’s fast-moving, API-driven threat landscape without slowing down innovation? According to the latest Gartner Market Guide for WAAP: “Security and risk management leaders can use this market guide to analyze the cloud WAAP market and select solutions that meet their organization’s needs.” In this article, we’ll explore key takeaways from the guide and highlight how CloudGuard WAF delivers those requirements through a prevention- first, AI-powered The post Understanding Gartner Market Guide for Cloud Web Application and API Protection: How CloudGuard WAF Sets a New Standard in Web & API Protection appeared first on Check Point Blog.