Latest news with #CheckPoint
Yahoo
4 hours ago
- Business
- Yahoo
Check Point Software to Announce 2025 Second Quarter Financial Results on July 30, 2025
TEL AVIV, Israel, July 01, 2025 (GLOBE NEWSWIRE) -- Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber security solutions globally, today announced that it will release its financial results for the second quarter ended June 30, 2025, on Wednesday, July 30, 2025, before the U.S. financial markets open. Management will host a video conference call with the investment community at 8:30 AM EST/5:30 AM PST on July 30, 2025. A live video webcast of the call will be hosted on the company's website at To follow this and other Check Point news visit: LinkedIn: YouTube: Blog: X (Formerly known as Twitter): About Check Point Software Technologies Ltd. Check Point Software Technologies Ltd. ( is a leading protector of digital trust, utilizing AI-powered cyber security solutions to safeguard over 100,000 organizations globally. Through its Infinity Platform and an open garden ecosystem, Check Point's prevention-first approach delivers industry-leading security efficacy while reducing risk. Employing a hybrid mesh network architecture with SASE at its core, the Infinity Platform unifies the management of on-premises, cloud, and workspace environments to offer flexibility, simplicity and scale for enterprises and service providers. ©2025 Check Point Software Technologies Ltd. All rights reserved INVESTOR CONTACT: MEDIA CONTACT: Kip E. Meintzer Gil Messing Check Point Software Check Point Software +1.650.628.2040 +1.650.628.2260 ir@ press@
Techday NZ
12 hours ago
- Business
- Techday NZ
AI drives 80 percent of phishing with USD $112 million lost in India
Artificial intelligence has become the predominant tool in cybercrime, according to recent research and data from law enforcement and the cybersecurity sector. AI's growing influence A June 2025 report revealed that AI is now utilised in 80 percent of all phishing campaigns analysed this year. This marks a shift from traditional, manually created scams to attacks fuelled by machine-generated deception. Concurrently, Indian police recorded that criminals stole the equivalent of USD $112 million in a single state between January and May 2025, attributing the sharp rise in financial losses to AI-assisted fraudulent operations. These findings are reflected in the daily experiences of security professionals, who observe an increasing use of automation in social engineering, malware development, and reconnaissance. The pace at which cyber attackers are operating is a significant challenge for current defensive strategies. Methods of attack Large language models are now being deployed to analyse public-facing employee data and construct highly personalised phishing messages. These emails replicate a victim's communication style, job role and business context. Additionally, deepfake technology has enabled attackers to create convincing audio and video content. Notably, an incident in Hong Kong this year saw a finance officer send HK $200 million after participating in a deepfake video call bearing the likeness of their chief executive. Generative AI is also powering the development of malware capable of altering its own code and behaviour within hours. This constant mutation enables it to bypass traditional defences like endpoint detection and sandboxing solutions. Another tactic, platform impersonation, was highlighted by Check Point, which identified fake online ads for a popular AI image generator. These ads redirected users to malicious software disguised as legitimate installers, merging advanced loader techniques with sophisticated social engineering. The overall result is a landscape where AI lowers the barriers to entry for cyber criminals while amplifying the reach and accuracy of their attacks. Regulatory landscape Regulators are under pressure to keep pace with the changing threat environment. The European Union's AI Act, described as the first horizontal regulation of its kind, became effective last year. However, significant obligations affecting general-purpose AI systems will begin from August 2025. Industry groups in Brussels have requested a delay on compliance deadlines due to uncertainty over some of the rules, but firms developing or deploying AI will soon be subject to financial penalties for not adhering to the regulations. Guidance issued under the Act directly links the risks posed by advanced AI models to cybersecurity, including the creation of adaptive malware and the automation of phishing. This has created an expectation that security and responsible AI management are now interrelated priorities for organisations. Company boards are expected to treat the risks associated with generative models with the same seriousness as data protection or financial governance risks. Defensive measures A number of strategies have been recommended in response to the evolving threat environment. Top of the list is the deployment of behaviour-based detection systems that use machine learning in conjunction with threat intelligence, as traditional signature-based tools struggle against ever-changing AI-generated malware. Regular vulnerability assessments and penetration testing, ideally by CREST-accredited experts, are also regarded as essential to expose weaknesses overlooked by both automated and manual processes. Verification protocols for audio and video content are another priority. Using additional communication channels or biometric checks can help prevent fraudulent transactions initiated by synthetic media. Adopting zero-trust architectures, which strictly limit user privileges and segment networks, is advised to contain potential breaches. Teams managing AI-related projects should map inputs and outputs, track possible abuse cases, and retain detailed logs in order to meet audit obligations under the forthcoming EU regulations. Staff training programmes are also shifting focus. Employees are being taught to recognise subtle cues and nuanced context, rather than relying on spotting poor grammar or spelling mistakes as indicators of phishing attempts. Training simulations must evolve alongside the sophistication of modern cyber attacks. The human factor Despite advancements in technology, experts reiterate that people remain a core part of the defence against AI-driven cybercrime. Attackers are leveraging speed and scale, but defenders can rely on creativity, expertise, and interdisciplinary collaboration. "Technology alone will not solve AI‑enabled cybercrime. Attackers rely on speed and scale, but defenders can leverage creativity, domain expertise and cross‑disciplinary thinking. Pair seasoned red‑teamers with automated fuzzers; combine SOC analysts' intuition with real‑time ML insights; empower finance and HR staff to challenge 'urgent' requests no matter how realistic the voice on the call," said Himali Dhande, Cybersecurity Operations Lead at Borderless CS. The path ahead There is a consensus among experts that the landscape has been permanently altered by the widespread adoption of AI. It is increasingly seen as necessary for organisations to shift from responding to known threats to anticipating future methods of attack. Proactive security, embedded into every project and process, is viewed as essential not only for compliance but also for continued protection. Borderless CS stated it, "continues to track AI‐driven attack vectors and integrate them into our penetration‐testing methodology, ensuring our clients stay ahead of a rapidly accelerating adversary. Let's shift from reacting to yesterday's exploits to pre‐empting tomorrow's."
The Citizen
4 days ago
- Business
- The Citizen
Growing concern of cybercrime amid property market resurgence
As more South Africans take advantage of favourable economic conditions and stable interest rates to apply for home loans, the real estate sector is showing promising growth. However, the property boom is overshadowed by the rising threat of online fraud: 'Firstly, the emergence of AI-powered cybercrime is increasingly undermining the integrity of property transactions,' says Jackie Smith, Head of Buyers Trust, a secure, bank-hosted deposit platform for homebuyers. 'Secondly, in a largely traditional industry where a homebuyer will simply transfer a large deposit to a third party like a conveyancer or estate agent, the risks are high,' she says, adding that a large portion of the country's estate agencies and conveyancing attorneys are SMEs who unfortunately lack the cyber infrastructure required. Data Points to Increased Risk of Online Fraud in the Home Loan Sector Cybersecurity firm ESET's latest bi-annual Threat Report indicates that South Africa endured the highest number of ransomware and infostealer attacks in Africa during the second half of 2024. And, according to reports by cybersecurity company Check Point in early 2023, 1 in every 15 organisations in Africa experienced a ransomware attempt each week — nearly double that of the global average of 1 in 31. 'These widespread attacks are aimed at individuals, small businesses and large institutions alike,' shares Smith. 'Phishing emails and fake documentation are now powered by AI, and these criminals are exploiting the complexity and speed of property deals by inserting themselves into the process.' The most recent South African Banking Risk Information Centre (SABRIC) Annual Crime Statistics show that fraudulent applications for home and mortgage loans saw a 46% increase. Actual losses over the period due to these fraudulent applications more than doubled too. Smith shares that the perpetrators conduct home loan fraud through the following methods: Misrepresent income, employment history or debt levels Use stolen or fabricated identities Inflate or fake valuations of properties Recruit of 'straw buyers' with good credit to cover the real buyer's identity Forge documentation such as payslips or bank statements 'The reality is that fraud has become a professional service, with software platforms empowering criminals with the tools they need to easily access your personal information,' continues Smith, 'Sophisticated phishing scams and convincing deepfakes are increasing our online risk – making it essential to adopt extra security measures when deciding where to place your home deposit.' Smith points to a recent case making news headlines as a prime example of the risk that general consumers face when handing over large, hard earned sums of money. 'According to the Legal Practice Fidelity Fund, over R1.4 billion has been stolen from 561 client trust funds, allegedly by the same legal professionals who were empowered to protect their clients' funds. Of these, only 59 convictions have been made in seven years, with just 25 resulting in jail time.' How to Avoid Becoming a Victim In an environment where both digital fraud and professional misconduct are rising, secure deposit handling has never been more critical. 'Too many buyers still transfer funds manually to accounts they can't independently verify,' Smith warns. 'That's why using a secure, audited, and bank-integrated platform like Buyers Trust is essential. Your deposit doesn't sit in an individual's account, it's held securely in a dedicated bank-hosted facility until the deal is finalised.' Smith shares several top tips to aid buyers as follows: Verify payment details : Validate any banking details from the bank in question before making a deposit. 'It's strongly advised that you call the person/ organisation in question (don't email them) using a number that you have sourced yourself, and not from an email footer.' : Validate any banking details from the bank in question before making a deposit. 'It's strongly advised that you call the person/ organisation in question (don't email them) using a number that you have sourced yourself, and not from an email footer.' Be vigilant: Take extra care when receiving emails with links or attachments that seem suspicious. 'In a case where its linked to a property transaction, you can once again call the provider prior to opening it to ensure that it's legitimate.' Take extra care when receiving emails with links or attachments that seem suspicious. 'In a case where its linked to a property transaction, you can once again call the provider prior to opening it to ensure that it's legitimate.' Put added security measures in place: 'Make sure that you keep your devices up to date with anti-malware software and that you choose strong passwords which are not easy for an attacker to guess.' 'Make sure that you keep your devices up to date with anti-malware software and that you choose strong passwords which are not easy for an attacker to guess.' Question authority: 'Just because someone has a title doesn't mean that they're always trustworthy. Always ask where and how your deposit is being held. 'At the end of the day, your property purchase is one of the most significant financial decisions you'll make. Don't let trust and a lack of due diligence be your biggest risks,' concludes Smith. Issued by: Jess Gois
TECHx
5 days ago
- TECHx
Check Point Uncovers Malware Targeting AI Detection Tools
Home » Emerging technologies » Cyber Security » Check Point Uncovers Malware Targeting AI Detection Tools Check Point Research has revealed the first known attempt of malware designed to manipulate AI-based security systems using prompt injection techniques. The discovery highlights a shift in cyberattack strategies as threat actors begin targeting large language models (LLMs). The malware embedded natural-language text within its code to trick AI models into misclassifying it as safe. This method specifically targeted AI-assisted malware analysis workflows. The attempt, however, was unsuccessful. Check Point reported that this marks the beginning of what it calls 'AI Evasion' a new threat category where malware aims to subvert AI-powered detection tools. The company warns that this could signal the start of adversarial tactics aimed directly at AI. Uploaded anonymously to VirusTotal in June from the Netherlands, the malware included TOR components and sandbox evasion features. What stood out was a hardcoded C++ string acting as a prompt to the AI, instructing it to act like a calculator and respond with 'NO MALWARE DETECTED.' Despite the evasion attempt, Check Point's AI analysis system correctly flagged the malware and identified the prompt injection. Key findings:• First documented use of prompt injection in malware• AI model manipulation attempts failed but raise concerns • Check Point labels the tactic as part of a new AI Evasion trend Eli Smadja, Research Group Manager at Check Point Software Technologies, stated, 'This is a wake-up call for the industry. We're seeing malware that's not just trying to evade detection it's trying to manipulate AI itself.' Check Point believes this mirrors past cybersecurity shifts, such as the evolution of sandbox evasion, and anticipates an emerging arms race between AI defenders and AI-aware attackers.
Forbes
6 days ago
- Entertainment
- Forbes
Minecraft's New Villains—This Hostile Mob Steals Everything
Minecraft's nasty new attackers. Minecraft players are under attack — but not in the usual way. A new report warns players are at risk with some real-world consequences if they're caught out. This is one of the most popular games in the world — the threat is serious. 'With approximately 65% of Minecraft's player base under the age of 21,' Check Point says, 'the platform presents an attractive target for cyber criminals looking to exploit a large, engaged, and often less-protected audience.' That last point is critical. Minecraft is hugely popular amongst kids, which is one of the least cyber aware groups around. Casual downloads from a wide array of websites haunts parents the world over. And attackers know this all too well. BBC News says 'the game seems able absorb the attention of children for up to hours at a time – no mean feat in our distraction-filled age. Some parents fear their children's interest in Minecraft can border on obsession, or even addiction, as they struggle to tear them away from the computer screen.' FEATURED | Frase ByForbes™ Unscramble The Anagram To Reveal The Phrase Pinpoint By Linkedin Guess The Category Queens By Linkedin Crown Each Region Crossclimb By Linkedin Unlock A Trivia Ladder Set against the backdrop of the game, the movie and even the Happy Meal, Check Point now warns it has 'uncovered a multistage malware campaign in which the malware itself was embedded within fake Minecraft mods, shared on GitHub to specifically target active players.' And that includes all those young players. The attack is built around 'a Java downloader, a second-stage stealer, and a final advanced stealer that harvests passwords, crypto wallets, and other sensitive data.' And while many of the players may not have much in the way of crypto and high-value passwords themselves, often the shared devices they're using will do. Check Point says more than a million Minecraft players 'actively mod Minecraft.' It has become part of the landscape, opening the door to random installs and downloads. 'Part of its appeal comes from the ability to customize and enhance the game through mods, user-created tools that improve gameplay, fix bugs, and add new content.' Check Point says this is 'likely' Russian villainy at work. 'Russian-language comments and behavior aligned with the UTC+3 time zone suggest the malware was developed by a Russian-speaking attacker.' Check Point detected a campaign against players using the Stargazers Ghost Network, which it says 'operates under a distribution-as-a-service (DaaS) model, leveraging multiple GitHub accounts to spread malicious links and malware at scale.' Masquerading as cheat tools like Oringo and Taunahi, the files 'look legitimate, targeting players seeking new tools and enhancements. In reality, they contain a Java-based downloader, a small piece of malware designed to quietly install additional malicious software on the victim's device.' The mod is coded to check whether it's operating in a virtual environment — which might mean a security analyst's machine — to avoid detection. 'If no virtual environment or analysis tools are detected, it proceeds to the next phase.' This second-stage is the download of a malware payload 'designed to steal sensitive information. This is followed by a third and final component: a more advanced spyware tool capable of harvesting credentials from web browsers, cryptocurrency wallets, and applications such as Discord, Steam, and Telegram.' The malware can even capture screenshots from a user's device and transmit this to its handlers. 'Stolen data is discreetly bundled and exfiltrated via Discord, a tactic that allows the activity to blend in with legitimate traffic.' Minecraft is the perfect 'playground for cyber criminals,' given its install base, the ease of pushing out downloads, and the cyber naivety of many users. 'Because files often appear harmless and can slip past traditional defenses, any Minecraft player is at risk.' The researchers warn users to do the following:
