blog.checkpoint.com
Open in
urlscan Pro
18.65.125.91
Public Scan
Submitted URL: https://click.checkpoint.com/NzUwLURRSC01MjgAAAGTX5z2Ov9n21jlSBjnwm5qTOSKoI8hotWxHfgGvSh3Ni3b-5boRUVKtA5nUgYL64eaSIyFUOM=
Effective URL: https://blog.checkpoint.com/security/enhance-your-vpn-security-posture/?mkt_tok=NzUwLURRSC01MjgAAAGTX5z2OqyPjq69iWMYe-EjEjAW...
Submission: On June 03 via manual from SG — Scanned from SG
Effective URL: https://blog.checkpoint.com/security/enhance-your-vpn-security-posture/?mkt_tok=NzUwLURRSC01MjgAAAGTX5z2OqyPjq69iWMYe-EjEjAW...
Submission: On June 03 via manual from SG — Scanned from SG
Form analysis 3 forms found in the DOM
<form id="search-form">
<input type="image" src="https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/search-btn.png" value="Submit" alt="Search"><input type="text" id="stq" name="stq" class="st-search-input" placeholder="Enter your keywords..."
x-webkit-speech="" x-webkit-grammar="builtin:search" autocomplete="off" aria-label="Search Term">
</form><form id="search-form1">
<label style="display: none;">Search</label>
<input type="image" src="https://www.checkpoint.com/wp-content/themes/checkpoint-theme-v2/images/search-btn.png" value="Submit" alt="Search"><input type="text" id="stq1" name="stq1" class="st-search-input" placeholder="Enter your keywords..."
x-webkit-speech="" x-webkit-grammar="builtin:search" autocomplete="off" aria-label="Search Term">
</form>GET /
<form action="/" id="searchform" class="search-form" method="get">
<div class="form-group">
<input type="search" name="s" class="search-form__input" autocomplete="off" placeholder="Search ...">
<button type="submit" class="btn search-form__submit"><i class="atbs-atoms-icon-right-arrow"></i></button>
</div>
</form>Text Content
Get a Demo Contact Us Support Log In
* Search
*
* Geo Menu
* * Choose your language...
* English (English)
* Spanish (Español)
* French (Français)
* German (Deutsch)
* Italian (Italiano)
* Portuguese (Português)
* Japanese (日本語)
* Chinese (中文)
* Korean (한국어)
* Taiwan (繁體中文)
* Solutions
* * Use Cases
* Industry
* Organization Size
* Hybrid Cloud
* Zero Trust & Least Privilege
* Developer Security & Operations
* IoT Security Solutions
* Anti-Ransomware
* SD-WAN
SEE HOW USE CASES COME TO LIFE THROUGH CHECK POINT'S CUSTOMER STORIES.
Learn More
* Retail
* Financial Services
* Federal Government
* State & Local Government
* Healthcare
* Telco Service Provider
* Education
SEE HOW USE CASES COME TO LIFE THROUGH CHECK POINT'S CUSTOMER STORIES.
Learn More
* Enterprise
* Small & Medium Business
SEE HOW USE CASES COME TO LIFE THROUGH CHECK POINT'S CUSTOMER STORIES.
Learn More
* Platform
* * Infinity Platform
* Secure the Network
* Secure the Cloud
* Secure the Workspace
* Security Operations and AI
Explore Infinity
* Platform Overview
* Infinity Core Services
* Infinity PortalAccess Infinity Portal
* Infinity Platform AgreementPredictable cyber-security environments
through a platform agreement
AI-POWERED THREAT PREVENTION
Learn More
Explore Quantum
* Next Generation Firewall (NGFW) Security GatewayIndustry-leading AI
powered security gateways for modern enterprises
* SD-WANSoftware Defined Wide Area networks converging security with
networking
* Security Policy and Threat ManagementManage firewall and security policy
on a unified platform for on-premises and cloud networks
* Operational Technology and Internet of Things (IoT) Autonomous IoT/OT
threat prevention with zero-trust profiling, virtual patching and
segmentation
* Remote Access VPN Secure, seamless remote access to corporate networks
AI-POWERED THREAT PREVENTION
Learn More
Explore CloudGuard
* Cloud Network Security Industry-leading threat prevention through
cloud-native firewalls
* Cloud Native Application Protection PlatformCloud native prevention first
security
* Code SecurityDeveloper centric code security
* Web Application and API SecurityAutomated application and API security
AI-POWERED THREAT PREVENTION
Learn More
Explore Harmony
* Email and Collaboration SecurityEmail security including office &
collaboration apps
* Endpoint SecurityComprehensive endpoint protection to prevent attacks &
data compromise
* Mobile SecurityComplete protection for the mobile workforce across all
mobile devices
* SASEUnifying security with optimized internet and network connectivity
AI-POWERED THREAT PREVENTION
Learn More
Security Operations and AI
* Managed Prevention & Response ServiceSOC operations as a service with
Infinty MDR/MPR
* Extended Prevention & ResponseAI-Powered, Cloud-Delivered Security
Operations with Infinity XDR/XPR
* Secure Automation and CollaborationAutomate response playbooks with
Infinity Playblocks
* Unified Security Events and Logs as a ServiceInfinity Events cloud-based
analysis, monitoring and reporting
* AI Powered TeammateAutomated Security Admin & Incident Response with AI
Copilot
* ThreatCloud AIThe Brain behind Check Point’s threat prevention
AI-POWERED THREAT PREVENTION
Learn More
* Support & Services
* * Assess
* Transform
* Master
* Respond
* Manage
* Support
Explore Assess Services
* Cyber Security Risk AssessmentAssess cyber security maturity and plan
actionable goals
* Penetration TestingEvaluate security defenses against potential cyber
attacks and threats
* Security Controls Gap Analysis
(NIST CIST)Analyze technology gaps and plan solutions for improved
security and ROI
* Threat IntelligenceAnalyzed data on cyber threats, aiding proactive
security measures
* See All Infinity Global Services >
LEARN HACKERS INSIDE SECRETS AND BEAT THEM AT THEIR OWN GAME
View Courses
Explore Transform Services
* Security Deployment & OptimizationStrategic deployment and refinement of
security for optimal protection
* Advanced Technical Account ManagementProactive service delivered by
highly skilled Cyber Security professionals
* Lifecycle Management ServicesEffectively maintain the lifecycle of
security products and services
* See All Infinity Global Services >
LEARN HACKERS INSIDE SECRETS AND BEAT THEM AT THEIR OWN GAME
View Courses
Explore Master Services
* Certifications & AccreditationsComprehensive cyber security training and
certification programs
* CISO TrainingGlobally recognized training for Chief Information Security
Officers
* Security AwarenessEmpower employees with cyber security skills for work
and home
* Cyber RangeSimulated gamification environment for security training
* MindCheck Point Cyber Security and Awareness Programs training hub
* See All Infinity Global Services >
LEARN HACKERS INSIDE SECRETS AND BEAT THEM AT THEIR OWN GAME
View Courses
Explore Respond Services
* Incident ResponseManage and mitigate security incidents with systematic
response services
* Managed Detection and ResponsePrioritize prevention, delivering
comprehensive SOC operations as a service
* Digital ForensicsComprehensive investigation and analysis of cyber
incidents and attacks
* See All Infinity Global Services >
LEARN HACKERS INSIDE SECRETS AND BEAT THEM AT THEIR OWN GAME
View Courses
Explore Manage Services
* MXDR with Managed SIEM
* Managed Firewalls
* EDR with Agent Management
* Managed CNAPP
* Managed CSPM
* See All Infinity Global Services >
LEARN HACKERS INSIDE SECRETS AND BEAT THEM AT THEIR OWN GAME
View Courses
Explore Support Services
* Support ProgramsPrograms designed to help maximize security technology
utilization
* Check Point PROProactive monitoring of infrastructure program offerings
* Contact Support
LEARN HACKERS INSIDE SECRETS AND BEAT THEM AT THEIR OWN GAME
View Courses
* Solutions
* Use Cases
* Hybrid Cloud
* Zero Trust & Least Privilege
* Developer Security & Operations
* IoT Security Solutions
* Anti-Ransomware
* SD-WAN
* Industy
* Retail
* Financial Services
* Federal Government
* State & Local Government
* Healthcare
* Telco Service Provider
* Education
* Organization Size
* Enterprise
* Small & Medium Business
* Platform
* Infinity Platform
* Platform Overview
* Infinity Core Services
* Infinity Portal
* Infinity Platform Agreement
* Secure the Network
* Next Generation Firewall (NGFW) Security Gateway
* SD-WAN
* Security Policy and Threat Management
* Operational Technology and Internet of Things (IoT)
* Remote Access VPN
* Secure the Cloud
* Cloud Network Security
* Cloud Native Application Protection Platform
* Code Security
* Web Application and API Security
* Secure the Workspace
* Email and Collaboration Security
* Endpoint Security
* Mobile Security
* SASE
* Security Operations and AI
* Managed Prevention & Response Service
* Extended Prevention & Response
* Secure Automation and Collaboration
* Unified Security Events and Logs as a Service
* AI Powered Teammate
* ThreatCloud AI
* Support & Services
* Assess
* Cyber Security Risk Assessment
* Penetration Testing
* Security Controls Gap Analysis (NIST CIST)
* Threat Intelligence
* Transform
* Security Deployment & Optimization
* Advanced Technical Account Management
* Lifecycle Management Services
* Master
* Certifications & Accreditations
* CISO Training
* Security Awareness
* Cyber Range
* Mind
* Respond
* Incident Response
* Managed Detection and Response
* Digital Forensics
* Manage
* MXDR with Managed SIEM
* Managed Firewalls
* EDR with Agent Management
* Managed CNAPP
* Managed CSPM
* Support
* Support Programs
* Check Point PRO
* Contact Support
* Partners
* Check Point Partners
* Find a Partner
* Channel Partners
* Technology Partners
* MSSP Partners
* AWS Cloud
* Azure Cloud
* Become a Partner
* Overview
* Enrolled Partners
* Partner Portal
* CHECK POINT IS 100% CHANNEL. GROW YOUR BUSINESS WITH US!
Sign Up Now
* More
* Company
* Company
* Leadership
* Careers
* Investor Relations
* Newsroom
* Learn
* Resource Center
* Customer Stories
* Blog
* Events & Webinars
* Cyber Hub
* Cyber Security Insights
* Check Point Research
* Cyber Talk for Executives
* CheckMates Community
* SEE HOW USE CASES COME TO LIFE THROUGH CHECK POINT'S CUSTOMER STORIES.
Learn More
* Search
* Search
* Geo Menu
* Choose your language...
* English (English)
* Spanish (Español)
* French (Français)
* German (Deutsch)
* Italian (Italiano)
* Portuguese (Português)
* Japanese (日本語)
* Chinese (中文)
* Korean (한국어)
* Taiwan (繁體中文)
Toggle Navigation
Blog Home > Security > Important Security Update – Stay Protected Against VPN
Information Disclosure (CVE-2024-24919)
Filter by: Select category Research (562) Security (926) Securing the
Cloud (296) Harmony (163) Company and Culture (26) Innovation (6) Customer
Stories (13) Horizon (5) Securing the Network (11) Partners (9) Connect
SASE (10) Harmony Email (69) Artificial Intelligence (22) Infinity Global
Services (15) Crypto (13) Healthcare (14) Harmony SASE (2)
SecurityMay 27, 2024
IMPORTANT SECURITY UPDATE – STAY PROTECTED AGAINST VPN INFORMATION DISCLOSURE
(CVE-2024-24919)
ByCheck Point Team
Share
*
*
*
*
*
Updated: May 28, 2024 at 1PM PT
Yesterday (May 27, 2024) we delivered a solution that addresses attempts we saw
on a small number of customers’ VPN remote access networks as referenced below.
Today, we found the root cause for these and are now releasing a fix. To remain
protected, it is mandatory for customers to install this fix on Check Point
Network Security gateways.
The vulnerability potentially allows an attacker to read certain information on
Internet-connected Gateways with remote access VPN or mobile access enabled. The
attempts we’ve seen so far, as previously alerted on May 27, focus on remote
access scenarios with old local accounts with unrecommended password-only
authentication. Within a few hours of this development, Check Point released an
easy to implement solution that prevents attempts to exploit this vulnerability.
To stay secure, customers should follow these simple instructions to deploy the
provided solution.
The attempts we’ve seen so far, in line with yesterday’s alert, are focusing on
the same scenario with the known small number of customers we referred to
yesterday. We’re working with customers who we believe were affected to
remediate the situation. Check Point’s network is not affected by this.
Customer security is our top priority. We will continue to investigate this
issue and will provide additional updates on this blog.
--------------------------------------------------------------------------------
Original Post:
Over the past few months, we have observed increased interest of malicious
groups in leveraging remote-access VPN environments as an entry point and attack
vector into enterprises.
Attackers are motivated to gain access to organizations over remote-access
setups so they can try to discover relevant enterprise assets and users, seeking
for vulnerabilities in order to gain persistence on key enterprise assets.
We have recently witnessed compromised VPN solutions, including various cyber
security vendors. In light of these events, we have been monitoring attempts to
gain unauthorized access to VPNs of Check Point’s customers.
By May 24, 2024 we identified a small number of login attempts using old VPN
local-accounts relying on unrecommended password-only authentication method.
We have assembled special teams of Incident Response, Research, Technical
Services and Products professionals which thoroughly explored those and any
other potential related attempts. Relying on these customers notifications and
Check Point’s analysis, the teams found within 24 hours a few potential
customers which were subject to similar attempts.
Password-only authentication is considered an unfavourable method to ensure the
highest levels of security, and we recommend not to rely on this when logging-in
to network infrastructure.
Check Point has released a solution, as a preventative measure to address these
unauthorised remote access attempts.
We encourage our customers to enhance their VPN security posture by:
* Check if you have local accounts, if they were used and by whom.
* If you don’t use them – best to disable them.
* If you have local accounts which you want to use and are password-only
authenticated, add another layer of authentication (like certificates) to
increase your environments IT security.
* As said, If you are a Check Point customer, deploy our solution on your
Security Gateways. This will automatically prevent unauthorized access to
your VPNs by local accounts with password-only authentication method.
Learn more and receive practical guidance for configuration monitoring and
practices to enhance your VPN security posture.
For any additional assistance required, please contact Check Point technical
support Center or your local Check Point representative.
We value the collaboration of our customers and dedication of our teams to reach
a solution which effectively addresses any such attempts.
0 7602
YOU MAY ALSO LIKE
Harmony Email May 28, 2024
FROM PHISH TO PHISH PHISHING: HOW EMAIL SCAMS GOT SMART
One Phish, Two Phish, Spy Phish, AI Phish: How Email ...
Securing the Cloud May 9, 2024
FIVE BUSINESS USE CASES FOR EVALUATING AZURE VIRTUAL WAN SECURITY SOLUTIONS
Are you using Microsoft Azure Virtual WAN, or considering using ...
Research May 9, 2024
APRIL 2024’S MOST WANTED MALWARE: SURGE IN ANDROXGH0ST ATTACKS AND THE DECLINE
OF LOCKBIT3
Researchers recently identified a spike in Androxgh0st attacks, a Trojan ...
Security May 8, 2024
STOP CHASING BREACHES: BUILD A RESILIENT SECURITY ARCHITECTURE
You assume your security architecture is secure, it’s not always ...
* COMPANY
* About Us
* Careers
* Leadership
* Newsroom
* Investor Relations
* Merchandise Store
* Contact Us
* TECHNICAL RESOURCES
* User Center Sign In
* Advisories
* Threat Map
* Threat Wiki
* URL Categorization
* App Wiki
* EXPAND & LEARN
* Resource Center
* Cyber Hub
* Check Point Research
* Check Point Blog
* Customer Stories
* Product Knowledge Center
* SUPPORT & SERVICES
* Support Center
* Infinity Global Service
* IGS Portal
* * Contact Sales
* North America:
* +1-866-488-6691
* International:
* +44-125-333-5558
* Contact Support
* North America:
* +1-888-361-5030
* International:
* +44-114-478-2845
--------------------------------------------------------------------------------
Follow Us
YOU DESERVE THE BEST SECURITY™ ©1994- 2024 Check Point Software Technologies
Ltd. All rights reserved.
Copyright | Privacy Policy | Cookie Settings | Get the Latest News