Security News > 2024 > June > Week in review: Attackers trying to access Check Point VPNs, NIST CSF 2.0 security metrics evolution

Week in review: Attackers trying to access Check Point VPNs, NIST CSF 2.0 security metrics evolution
2024-06-02 08:00

Attackers are probing Check Point Remote Access VPN devicesAttackers are trying to gain access to Check Point VPN devices via local accounts protected only by passwords, the company has warned on Monday.

The evolution of security metrics for NIST CSF 2.0Combining effective use of metrics plus a deeper understanding of how security processes play out is the best way to build more security agility and enable teams to react more quickly and effectively.

Check Point VPN zero-day exploited since beginning of AprilAttackers have been exploiting CVE-2024-24919, a zero-day vulnerability in Check Point Security Gateways, to pinpoint and extract password hashes for local accounts, which they then used to move laterally in the target organizations' network.

Cybersecurity teams gear up for tougher challenges in 2024In this Help Net Security video, Tom Gorup, VP of Security Services at Edgio, discusses the continually changing threat landscape.

34% of organizations lack cloud cybersecurity skillsIncident response today is too time consuming and manual, leaving organizations vulnerable to damage due to their inability to efficiently investigate and respond to identified threats, according to Cado Security.

Digital ID adoption: Implementation and security concernsAs digital transformation accelerates, understanding how businesses are preparing for and implementing digital ID technologies is crucial for staying ahead in security and efficiency, according to Regula.


News URL

https://www.helpnetsecurity.com/2024/06/02/week-in-review-attackers-trying-to-access-check-point-vpns-nist-csf-2-0-security-metrics-evolution/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-05-28 CVE-2024-24919 Unspecified vulnerability in Checkpoint products
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades.
network
low complexity
checkpoint
8.6