Check Point releases emergency fix for VPN zero-day exploited in attacks

Check Point has released hotfixes for a VPN zero-day vulnerability exploited in attacks to gain remote access to firewalls and attempt to breach corporate networks.
On Monday, the company first warned about a spike in attacks targeting VPN devices, sharing recommendations on how admins can protect their devices.
Later, it discovered the source of the problem, a zero-day flaw that hackers exploited against its customers.
Tracked as CVE-2024-24919, the high-severity information disclosure vulnerability enables attackers to read certain information on internet-exposed Check Point Security Gateways with remote Access VPN or Mobile Access Software Blades enabled.
The vendor says the process should take approximately 10 minutes, and a reboot is required.
After the hotfix is installed, login attempts using weak credentials and authentication methods will be automatically blocked, and a log will be created.
Hotfixes have been made available for end-of-life versions, too, but they must be downloaded and applied manually.
Check Point created a FAQ page with additional information about CVE-2024-24919, IPS signature, and manual hotfix installation instructions.
Those unable to apply the update are advised to enhance their security stance by updating the Active Directory password that the Security Gateway uses for authentication.
Check Point has created a remote access validation script that can be uploaded onto 'SmartConsole' and executed to review the results and take appropriate actions.
More information on updating the AD password and using the 'VPNcheck.
Sh' script are available on Check Point's security bulletin.
Google Chrome emergency update fixes 6th zero-day exploited in 2024.
Google fixes fifth Chrome zero-day exploited in attacks this year.
Hackers target Check Point VPNs to breach enterprise networks.
Google fixes eighth actively exploited Chrome zero-day this year.
QNAP QTS zero-day in Share feature gets public RCE exploit.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 29 May 2024 13:35:41 +0000

Cyber News related to Check Point releases emergency fix for VPN zero-day exploited in attacks

Check Point released hotfix for actively exploited VPN zero-day - MUST READ. Check Point released hotfix for actively exploited VPN zero-day. Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. Apple ...
5 months ago Securityaffairs.com

Zcaler ThreatLabz 2024 VPN Risk Report - The growing sophistication of cyberthreats alongside the expansion of remote workforces and cloud technologies have exposed significant vulnerabilities in VPNs. Due to their legacy architecture, VPNs grant overly broad network access once credentials ...
5 months ago Cybersecurity-insiders.com

Check Point VPN zero-day exploited in attacks since April 30 - Threat actors have been exploiting a high-severity Check Point Remote Access VPN zero-day since at least April 30, stealing Active Directory data needed to move laterally through the victims' networks in successful attacks. Check Point warned ...
5 months ago Bleepingcomputer.com

Check Point releases emergency fix for VPN zero-day exploited in attacks - Check Point has released hotfixes for a VPN zero-day vulnerability exploited in attacks to gain remote access to firewalls and attempt to breach corporate networks. On Monday, the company first warned about a spike in attacks targeting VPN devices, ...
5 months ago Bleepingcomputer.com

Apple fixes Safari WebKit zero-day flaw exploited at Pwn2Own - Apple has released security updates to fix a zero-day vulnerability in the Safari web browser exploited during this year's Pwn2Own Vancouver hacking competition. The company addressed the security flaw on systems running macOS Monterey and macOS ...
5 months ago Bleepingcomputer.com

New MOVEit Transfer critical bug is actively exploited - MUST READ. New MOVEit Transfer critical bug is actively exploited. CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. PoC ...
4 months ago Securityaffairs.com

Days After Google, Apple Reveals Exploited Zero-Day in Browser Engine - Apple has patched an actively exploited zero-day bug in its WebKit browser engine for Safari. Actively Exploited Apple yesterday described the vulnerability as something an attacker could exploit to execute arbitrary code on affected systems. ...
9 months ago Darkreading.com

North Korean Kimsuky used a new Linux backdoor in recent attacks - Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw. Threat actors exploited Palo Alto Pan-OS issue to deploy a Python Backdoor. Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 ...
5 months ago Securityaffairs.com

10 of the biggest zero-day attacks of 2023 - Here are 10 of the biggest zero-day attacks of 2023 in chronological order. Zero-day attacks started strong in 2023 with CVE-2023-0669, a pre-authentication command injection vulnerability in Fortra's GoAnywhere managed file transfer product. ...
10 months ago Techtarget.com

newsletter Round 473 by Pierluigi Paganini - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. BianLian group exploits ...
5 months ago Securityaffairs.com

Sav-Rx data breach impacted over 2.8 million individuals - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach government networks. Microsoft fixed two zero-day bugs exploited in malware ...
5 months ago Securityaffairs.com

Apple fixes two new iOS zero-days in emergency updates - Apple released emergency security updates to fix two zero-day vulnerabilities exploited in attacks and impacting iPhone, iPad, and Mac devices, reaching 20 zero-days patched since the start of the year. "Apple is aware of a report that this issue may ...
11 months ago Bleepingcomputer.com

Mullvad VPN Review: Features, Pricing, Pros & Cons - Visit Mullvad VPN. Mullvad VPN has built a solid reputation for being one of the best privacy-focused VPNs on the market. Visit Mullvad VPN. Mullvad offers a flat rate of €5 or $5.48 per month, regardless of subscription length. If you're looking ...
9 months ago Techrepublic.com

Atlas VPN Free vs. Premium: Which Plan Is Best For You? - When VPN providers offer free versions, you may be inclined to stick with that version. Atlas VPN Free is a lifetime-free version of the Atlas VPN service, which allows users to enjoy VPN services in four locations. In comparison, Atlas VPN Premium ...
8 months ago Techrepublic.com

Cybersecurity Insiders - As the threat landscape rapidly evolves, VPNs cannot provide the secure, segmented access organizations need. The 2023 VPN Risk Report reveals the complexity of today's VPN management, user experience issues, vulnerabilities to diverse cyberattacks, ...
10 months ago Cybersecurity-insiders.com

Healthcare firm WebTPA data breach impacted 2.5M individuals - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog. Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach ...
5 months ago Securityaffairs.com

newsletter Round 478 by Pierluigi Paganini - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. BianLian group exploits ...
4 months ago Securityaffairs.com

5 Best VPNs for Travel in 2024 - VPNs are software that encrypt your online activity and adjust your IP address, protecting sensitive company data and allowing you to access geo-restricted content at the same time. In this article, we take a look at the five best VPNs for travelers. ...
7 months ago Techrepublic.com

Microsoft fixes Windows zero-day exploited in QakBot malware attacks - Microsoft has fixed a zero-day vulnerability exploited in attacks to deliver QakBot and other malware payloads on vulnerable Windows systems. Tracked as CVE-2024-30051, this privilege escalation bug is caused by a heap-based buffer overflow in the ...
5 months ago Bleepingcomputer.com

BreachForums resurrected after FBI seizure - Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw. Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. BianLian group ...
5 months ago Securityaffairs.com

Google fixes first actively exploited Chrome zero-day of 2024 - Google has released security updates to fix the first Chrome zero-day vulnerability exploited in the wild since the start of the year. The company fixed the zero-day for users in the Stable Desktop channel, with patched versions rolling out worldwide ...
9 months ago Bleepingcomputer.com

Ivanti Connect Secure zero-days now under mass exploitation - Two zero-day vulnerabilities affecting Ivanti's Connect Secure VPN and Policy Secure network access control appliances are now under mass exploitation. As discovered by threat intelligence company Volexity, which also first spotted the zero-days ...
9 months ago Bleepingcomputer.com

Russia-linked group APT29 likely breached TeamViewer - Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. Finnish police linked APT31 to the 2021 parliament attack. BianLian group exploits JetBrains TeamCity bugs in ...
4 months ago Securityaffairs.com

Impact of Remote Work and Cloud Migrations on Security Perimeters - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. BianLian group exploits ...
5 months ago Securityaffairs.com

newsletter Round 474 by Pierluigi Paganini - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. Critical Fortinet's ...
5 months ago Securityaffairs.com

Latest Cyber News

CVE-2024-43434 - 4 hours ago
CVE-2024-43436 - 4 hours ago
CVE-2024-43438 - 4 hours ago
CVE-2024-43440 - 4 hours ago
CVE-2024-43425 - 4 hours ago
CVE-2024-43426 - 4 hours ago
CVE-2024-43428 - 4 hours ago
CVE-2024-43431 - 4 hours ago
CVE-2024-8442 - 5 hours ago
CVE-2024-24914 - 6 hours ago
CVE-2024-10526 - 7 hours ago
CVE-2024-50169 - 8 hours ago
CVE-2024-50170 - 8 hours ago
CVE-2024-50171 - 8 hours ago
CVE-2024-50172 - 8 hours ago
CVE-2024-51504 - 8 hours ago
CVE-2024-50155 - 8 hours ago
CVE-2024-50156 - 8 hours ago
CVE-2024-50157 - 8 hours ago
CVE-2024-50158 - 8 hours ago

Cyber Trends (last 7 days)

Okta - 11 months ago
23andMe - 11 months ago
Kimsuky - 11 months ago
LogoFAIL - 11 months ago
Gh0st rat - 11 months ago

Trending Cyber News (last 7 days)

CVE-2024-10081 - 1 day ago
CVE-2024-10082 - 1 day ago
CVE-2024-10916 - 1 day ago
CVE-2024-35146 - 1 day ago
CVE-2024-6861 - 1 day ago
CVE-2024-10919 - 1 day ago
CVE-2024-10920 - 1 day ago
CVE-2024-10318 - 1 day ago
CVE-2024-20371 - 1 day ago
CVE-2024-20418 - 1 day ago
CVE-2024-20445 - 1 day ago
CVE-2024-20457 - 1 day ago
CVE-2024-20476 - 1 day ago
CVE-2024-20484 - 1 day ago
CVE-2024-20487 - 1 day ago
CVE-2024-20504 - 1 day ago
CVE-2024-20507 - 1 day ago
CVE-2024-20511 - 1 day ago
CVE-2024-20514 - 1 day ago
CVE-2024-20525 - 1 day ago