Check Point VPN zero-day leaves thousands of devices exposed online. | CybSec Wizard

Cyber Security Wizard

Wizardry for Cyber

Cyber Security Wizard

TLDR:

A zero-day vulnerability affecting Check Point VPNs has been discovered
Exploitation attempts have been seen since April 7th, raising concerns among experts and government agencies

Thousands of internet-facing devices are vulnerable to a zero-day vulnerability in Check Point VPNs, allowing hackers to access sensitive information and potentially gain further network privileges. The bug, known as CVE-2024-24919, has prompted Check Point to release a fix, but exploitation attempts have been on the rise. The Cybersecurity and Infrastructure Security Agency (CISA) has confirmed attacks using the bug and researchers have observed nearly 14,000 exposed devices globally. Most affected devices are Quantum Spark Gateways, indicating that smaller commercial organizations may be at risk. Check Point is working with affected customers to mitigate exploitation attempts, with the bug’s severity score being raised recently. Experts warn that products like these are prime targets for cybercriminals, particularly in industries such as banking and finance.

Full Article:

Thousands of internet-facing devices are vulnerable to a zero-day vulnerability in Check Point VPNs, allowing hackers to access sensitive information and potentially gain further network privileges. The bug, known as CVE-2024-24919, has prompted Check Point to release a fix, but exploitation attempts have been on the rise. The Cybersecurity and Infrastructure Security Agency (CISA) has confirmed attacks using the bug and researchers have observed nearly 14,000 exposed devices globally. Most affected devices are Quantum Spark Gateways, indicating that smaller commercial organizations may be at risk. Check Point is working with affected customers to mitigate exploitation attempts, with the bug’s severity score being raised recently. Experts warn that products like these are prime targets for cybercriminals, particularly in industries such as banking and finance.

Post Views: 79

Adrian Johnson

Latest from Blog

Get the inside scoop on cybersecurity with Contrast CISO David Lindner

TLDR: SQL injection remains a problem that can be prevented with application detection and response. Implementing multi-factor authentication can help lower cybersecurity insurance costs. CISA’s role in election disinformation highlights the need

Stay ahead with the Cybersecurity Pulse Report: Black Hat 2024 Edition

Cybersecurity Pulse Report – Black Hat 2024 Edition Summary TLDR: This will be uploaded to wordpress and so you can start with a Cybersecurity Pulse Report – Black Hat 2024 Edition Key

Moody’s: Cyber insurance competition rises, prices fall

Moody’s Ratings: Cyber Insurance Competition Up, Prices Down TLDR: Cyber insurance market poised for growth due to increased demand. New players entering the market may decrease premiums. Article Summary The cyber insurance

Syxsense acquires Absolute to beat cyber vulnerabilities with strength

TLDR: Absolute Security has acquired Syxsense to enhance its cyber resilience platform. The acquisition will simplify patching and remediation issues through automation. Article Summary: Absolute Security has acquired Syxsense to improve its

Apache’s OFBiz gets new fix for RCE exploits

TLDR: Apache released a security update for OFBiz to patch vulnerabilities, including a bypass of patches for two exploited flaws. The bypass, tracked as CVE-2024-45195, allows unauthenticated remote attackers to execute code

Feds caution: Russia-linked CVE threats target essential infrastructure

TLDR: Threat groups linked to Russia’s military intelligence service are targeting critical infrastructure in various sectors. The attackers have defaced websites, scanned infrastructure, and leaked stolen data. Summary: Federal authorities in the

Allies blame Russian military for destructive cyber-attacks

TLDR: US and allies accuse Russian military of launching cyber-attacks targeting critical infrastructure for espionage and sabotage purposes. Unit 29155, a cyber group affiliated with the Russian military, is responsible for deploying

Brazil bans X, and Tom Alcock on cybersecurity talent hunt

TLDR: Key Points: Brazil banned X (Twitter) due to misinformation during the presidential election. Tom Alcock, founder of Code Red Partners, discussed the importance of cybersecurity talent recruitment beyond traditional methods. In

Palo Alto Networks acquires IBM’s QRadar Assets in SIEM victory

Article Summary TLDR: Palo Alto Networks has acquired IBM’s QRadar SaaS assets to enhance its cybersecurity capabilities. The integration of QRadar’s assets into Palo Alto Networks’ Cortex XSIAM platform will lead to

NIST CSF 20: Secure your cyber world with confidence framework

TLDR: NIST has released Version 2.0 of its Cybersecurity Framework (CSF) with an enhanced focus on Privileged Access Management (PAM) and Identity & Access Management (IAM). Key updates in NIST CSF 2.0