check point research

•   Within US    1-866-488-6691
•   Outside US +44 1253 335558

Check Point Software’s 2023 Cyber Security Report

Geo-political conflict triggers increase in cyberattacks and the rise of ‘disruption and destruction’ malware.

Check Point’s 2023 Cyber Security Report looks back on a tumultuous 2022, which saw cyberattacks reach an all-time high in response to the Russo-Ukrainian war. Education and Research remains the most targeted sector, but attacks on the healthcare sector registered a 74% increase year-on-year. Overall, global cyberattacks increased by 38% in 2022 compared to 2021

Highlights from the 2023 Cyber Security Report include:

• Ransomware Extortion and Unrestrained Wipers - Attribution of ransomware operations and tracking threat actors may become even harder, Instead, the focus will be more on data wiping and exfiltration detection
• Hacktivism - The boundaries between state cyber-operations and hacktivism have been blurred, as nation states acted with a degree of anonymity without fear of retaliation. Non-state affiliated hacktivist groups are better organized and more effective than ever before
• Cloud: Third Party Threat - There has been a significant increase in the number of attacks on cloud-based networks per organization, which shot up by 48% in 2022 compared with 2021 indicating a concerning shift
• Weaponization of Legitimate Tools - To combat sophisticated cybersecurity solutions, threat actors use built-in operating system capabilities and tools, which are already installed on target systems, and exploit popular IT management tools that are less likely to raise suspicion when detected

The 2023 Cyber Security Report gives a detailed synopsis of the cyber-threat landscape and provides practical take-aways and recommendations to security professionals on how to prevent the next attack. Whether it’s a ransomware attack, a data breach, a phishing attack or a supply chain attack – prevention is at reach!

2023 CYBER SECURITY REPORT

Please enable Javascript to view this form.

• Choose your language...
• English (English)
• Spanish (Español)
• French (Français)
• German (Deutsch)
• Italian (Italiano)
• Portuguese (Português)
• Japanese (日本語)
• Chinese (中文)
• Korean (한국어)
• Taiwan (繁體中文)
• Organization Size
• Hybrid Cloud
• Zero Trust & Least Privilege
• Developer Security & Operations
• IoT Security Solutions
• Anti-Ransomware

See how use cases come to life through Check Point's customer stories.

• Financial Services
• Federal Government
• State & Local Government
• Telco Service Provider
• Small & Medium Business
• Infinity Platform
• Secure the Network
• Secure the Cloud
• Secure the Workspace
• Security Operations and AI
• Platform Overview
• Infinity Core Services
• Infinity Portal Access Infinity Portal
• Infinity Platform Agreement Predictable cyber-security environments through a platform agreement

AI-Powered Threat Prevention

• Next Generation Firewall (NGFW) Security Gateway Industry-leading AI powered security gateways for modern enterprises
• SD-WAN Software Defined Wide Area networks converging security with networking
• Security Policy and Threat Management Manage firewall and security policy on a unified platform for on-premises and cloud networks
• Operational Technology and Internet of Things (IoT) Autonomous IoT/OT threat prevention with zero-trust profiling, virtual patching and segmentation
• Remote Access VPN Secure, seamless remote access to corporate networks
• Cloud Network Security Industry-leading threat prevention through cloud-native firewalls
• Cloud Native Application Protection Platform Cloud native prevention first security
• Code Security Developer centric code security
• Web Application and API Security Automated application and API security
• Email and Collaboration Security Email security including office & collaboration apps
• Endpoint Security Comprehensive endpoint protection to prevent attacks & data compromise
• Mobile Security Complete protection for the mobile workforce across all mobile devices
• SASE Unifying security with optimized internet and network connectivity
• Managed Prevention & Response Service SOC operations as a service with Infinty MDR/MPR
• Extended Prevention & Response AI-Powered, Cloud-Delivered Security Operations with Infinity XDR/XPR
• Secure Automation and Collaboration Automate response playbooks with Infinity Playblocks
• Unified Security Events and Logs as a Service Infinity Events cloud-based analysis, monitoring and reporting
• AI Powered Teammate Automated Security Admin & Incident Response with AI Copilot
• ThreatCloud AI The Brain behind Check Point’s threat prevention
• Cyber Security Risk Assessment Assess cyber security maturity and plan actionable goals
• Penetration Testing Evaluate security defenses against potential cyber attacks and threats
• Security Controls Gap Analysis (NIST CIST) Analyze technology gaps and plan solutions for improved security and ROI
• Threat Intelligence Analyzed data on cyber threats, aiding proactive security measures
• See All Infinity Global Services >

Learn hackers inside secrets and beat them at their own game

• Security Deployment & Optimization Strategic deployment and refinement of security for optimal protection
• Advanced Technical Account Management Proactive service delivered by highly skilled Cyber Security professionals
• Lifecycle Management Services Effectively maintain the lifecycle of security products and services
• Certifications & Accreditations Comprehensive cyber security training and certification programs
• CISO Training Globally recognized training for Chief Information Security Officers
• Security Awareness Empower employees with cyber security skills for work and home
• Cyber Range Simulated gamification environment for security training
• Mind Check Point Cyber Security and Awareness Programs training hub
• Incident Response Manage and mitigate security incidents with systematic response services
• Managed Detection and Response Prioritize prevention, delivering comprehensive SOC operations as a service
• Digital Forensics Comprehensive investigation and analysis of cyber incidents and attacks
• MXDR with Managed SIEM
• Managed Firewalls
• EDR with Agent Management
• Managed CNAPP
• Managed CSPM
• Support Programs Programs designed to help maximize security technology utilization
• Check Point PRO Proactive monitoring of infrastructure program offerings
• Contact Support
• Infinity Portal
• Infinity Platform Agreement
• Next Generation Firewall (NGFW) Security Gateway
• Security Policy and Threat Management
• Operational Technology and Internet of Things (IoT)
• Remote Access VPN
• Cloud Network Security
• Cloud Native Application Protection Platform
• Code Security
• Web Application and API Security
• Email and Collaboration Security
• Endpoint Security
• Mobile Security
• Managed Prevention & Response Service
• Extended Prevention & Response
• Secure Automation and Collaboration
• Unified Security Events and Logs as a Service
• AI Powered Teammate
• ThreatCloud AI
• Cyber Security Risk Assessment
• Penetration Testing
• Security Controls Gap Analysis (NIST CIST)
• Threat Intelligence
• Security Deployment & Optimization
• Advanced Technical Account Management
• Lifecycle Management Services
• Certifications & Accreditations
• CISO Training
• Security Awareness
• Cyber Range
• Incident Response
• Managed Detection and Response
• Digital Forensics
• Support Programs
• Check Point PRO
• Find a Partner
• Channel Partners
• Technology Partners
• MSSP Partners
• Azure Cloud
• Partner Portal

Check Point is 100% Channel. Grow Your Business with Us!

• Investor Relations
• Resource Center
• Customer Stories
• Events & Webinars
• Check Point Research
• Cyber Talk for Executives
• CheckMates Community

Check Point Research: Education sector experiencing more than double monthly attacks, compared to other industries

Highlights:

• Education/Research sector worldwide experienced the highest volumes of attacks every month in 2022 and in 2021.
• In July 2022, the Education/Research sector shows more than double the number of weekly cyberattacks compared to the other industries’ average.
• Latin America has seen the largest increase in weekly cyber-attacks in the month of July 2022 with a 62% increase, compared to July 2021.

Check Point Research (CPR) recently published its Cyber Attack Trends: 2022 Mid-Year Report which reported that similar to 2021’s top industry ranking, the first half of 2022 displays significant rises in attacks across all sectors. Topping them all, Education and Research still leads as the most targeted industry, with an average of 2,297 attacks against organizations every week in the 1H of 2022, showing a 44% increase compared to the 1H of 2021.In today’s report, we shed some more insights to that sector, and present indepth though alarming numbers.

Education/Research sees A 114% increase in the last 2 years

According to CPR, the Education/Research sector experienced the highest volumes of attacks every month in 2022 and in 2021 worldwide.

In July 2022, the Education/Research sector shows more than double the number of weekly cyber-attacks compared to the other industries’ average. This sector had an average of almost 2,000 attacks per organization every week (a 6% increase compared to July last year and 114% increase compared to July two years ago).  Such attacks can have devastating consequences like the case of Lincoln College, which after suffering a ransomware attack was the final straw that contributed to their decision to shut down on May 13 2022, after 157 years.

ANZ is the most attacked region in July 2022

When we break down the numbers to education attacks by region in July 2022, we see that ANZ was the most heavily attacked region with 4,176 attacks per organization every week (7% decrease compared to July 2021), followed by Asia with 4,171 attacks (5% increase), and Europe with 1,861 attacks (6% decrease). Latin America has seen the largest increase in weekly cyberattacks with a 62% increase compared to July 2021.

Brazil sees a 122% increase YoY, Israel sees highest amount of weekly average attacks

In terms of attack by country, in July 2022, Israel absorbed the highest number of attacks worldwide with a weekly average of 4,381 attacks per organization, an 3% increase compared to July 2021. This was followed by Australia with 4,035 attacks on average per week ( 18% decrease YoY) and Mexico with an average of 3,787 weekly attacks ( 45% increase compared to July 2021).

Brazil has seen the largest increase in weekly cyber-attacks with a 122% increase compared to July 2021. The next country that suffered the biggest increase in cyber-attacks is France , with a 69% increase YoY.

In the United States , An organization in the education/research sector suffered from an average of 812 weekly cyber-attacks . This is a slight decrease of 11% compared to July 2021, though  during the past month we have seen a steady upwards trend, with the last week reaching similar numbers as last year.

Staying protected against cyber-attacks, tips for schools and students

• Be phishing-aware: be wary of clicking on links that look in any way suspicious and only download content from reliable sources that can be verified. Remember that phishing schemes are a form of social engineering so if you receive an email with an unusual request, check the sender’s details carefully to make sure that you are communicating with colleagues, not cyber criminals.
• Anti-ransomware technology allows you to detect signs of  ransomware  and uncover running mutations of known and unknown malware families by using behavioral analysis and generic rules
• Passwords matter : It is a good idea to review and strengthen passwords that you use for logging onto remote resources, such as email or work applications.
• Beware of lookalike domains, spelling errors in emails or websites, and unfamiliar email senders.
• Deploy Email Security Solutions – Modern email filtering solutions can protect against malware and other malicious payloads in email messages. Solutions can detect emails that contain malicious links, attachments, spam content, and language that could suggest a phishing attack. Email security solutions automatically block and quarantine suspicious emails and use sandboxing technology to “detonate” emails to check if they contain malicious code.

How Can Check Point Help

Check Point’s  Anti-Ransomware  technology uses a purpose-built engine that defends against the most sophisticated, evasive zero-day variants of ransomware and safely recovers encrypted data, ensuring business continuity and productivity.

Harmony Endpoint , Check Point’s leading endpoint prevention and response product, includes Anti-Ransomware technology and provides protection to web browsers and endpoints, leveraging Check Point’s industry-leading network protections. Harmony Endpoint delivers complete, real-time threat prevention and remediation across all malware threat vectors

You may also like

Important Security Reminder – Install the Fix to Stay Protected

Important security update – stay protected against vpn information disclosure (cve-2024-24919).

From Phish to Phish Phishing: How Email Scams Got Smart

Five business use cases for evaluating azure virtual wan security solutions.

Check Point - Wrong Check Point (CVE-2024-24919)

Gather round, gather round - it’s time for another blogpost tearing open an SSLVPN appliance and laying bare a recent in-the-wild exploited bug. This time, it is Check Point who is the focus of our penetrative gaze.

Check Point , for those unaware, is the vendor responsible for the 'CloudGuard Network Security' appliance, yet another device claiming to be secure and hardened. Their slogan - " you deserve the best security " - implies a level of security that can be relied upon on in their products.

We thought we'd take a look inside their appliance, and we recently got a great opportunity to do so, in the shape of CVE-2024-24919. This is a 'high' priority bug, which (according to the CVE itself) falls under the category of Exposure of Sensitive Information to an Unauthorized Actor . Check Point advise that the bug is under active exploitation, and give the following summary (among other advice ):

The vulnerability potentially allows an attacker to read certain information on Gateways once connected to the Internet and enabled with Remote Access VPN or Mobile Access.

No bug class here, just a very vague and hand-wavey description. We wondered exactly what 'certain information' meant, in this context - does it mean we can read session tokens? Or the configuration of the device? Password hashes? ( spoiler: it's actually much worse than this ). There wasn't much information floating around the Internet about the bug, so we set out to find out just how bad it is, so that we could share details with device administrators who need to make that all-important patch-or-no-patch decision.

Patch-Diffing time

This bug seems like a prime candidate for patch-diffing , in which the vulnerable and the patched systems are compared to reveal details about the patch itself, and thus the bug.

As ever, the first hurdle in this is obtaining the patched version of the software. While the patches linked from the advisory are locked behind a login form, we found the appliance itself would fetch patches without any credentials, and so we duly installed the patch and cataloged the resultant files, in order to compare each and every file with its pre-patch brethren.

We didn’t need to go to such lengths, though, as examining the appliance filesystem, we soon found the .tgz file containing the update itself inside a temporary directory. Great! Popping it open, we found a load of boring installation scripts, and a promising-sounding file named sslvpn.full , an ELF binary. At least we don’t need to stare at brain-numbing PHP code this time - it’s a binary file so we get to look at lovely x86 disassembly instead. Yummy.

We duly threw the vulnerable and patched versions of the file into IDA, and used Diaphora to observe the differences. Right away, something stood out to us (vulnerable code is on the left, patched on the right):

Hurm, interesting - new code has been added, which is logging the string “Suspected path traversal attack from”. It seems a pretty safe bet that the bug is actually a path traversal.

Poking around in the code, we can see that a new logging function has been added, named send_path_traversal_alert_log , and if we look just a little bit deeper, we also find the new function sanitize_filename , which calls the new logging function. If we look at what references sanitize_filename itself, we are presented with a single caller - a large function that has the autogenerated name sub_80F09E0 . If we search again for references to this large function, our persistence is rewarded, as we find it is passed to the function cpHttpSvc_register_query along with the HTTP path /clients/MyCRL , strongly implying it is the handler for this endpoint.

This is great - we’re only a few minutes into our analysis, and already we’ve discovered some vital clues! Firstly, we are pretty sure we’re looking for a path traversal bug, and secondly, we’ve got a strong suspicion that it affects the endpoint /clients/MyCRL .

A little investigation reveals that this endpoint is designed to serve static files from a location on the filesystem. The files can be specified via the URI itself, in the form of /clients/MyCRL/file_to_get , or via the POST body. We experimented with this somewhat, and found some interesting-but-useless weirdness in the server - adding certain control characters into the URL (such as /clients/MyCRL/test%0Atest ) would hang the request, and the error handling that detected escaped NULL bytes seemed questionable, too, as parts of the request servicing code would be executed despite dire warnings generated in the log. Nothing we tried in the URL path generated anything that looked like a controlled file read, though.

Attempting to add path traversal elements such as .. in the URL bore no fruit, as the webserver would handle them correctly - but what about the POST body? That is exempt from the webserver's path handling code. We tried adding the usual ../../etc/passwd payload , but were soon met with disappointment, as all we received was a measly 404. The server logs showed that the appliance was indeed refusing to serve our path:

No good! How do we work out what’s happening, and elevate ourselves beyond blind guesses? Why, by taking a look at that big sub_80F09E0 , of course!

Understanding the decompiled code

The large handler function may seem daunting, but it is actually pretty straightforward. Switching to the vulnerable version of the code, we can see from a quick skim that it performs file I/O, given away by the telltale references to _fopen and _fread - this is undoubtedly the place to find our bug. But what is it doing?

It is slightly difficult to see what the code is doing because of the unusual way that it references string resources, which IDA doesn’t pick up. Take a look at the following code snippet:

What’s happening here? Well, the code is comparing something (the URL the user requested) with a number of hardcoded strings, located in a string table. IDA doesn’t know where the string table is, but GDB can tell us at runtime - it turns out to be here:

Easy enough - the code is checking if the user is requesting any of the files in the list, and will only permit the download if it matches. But there’s a ‘bug’ in this code. Can you spot it?

That’s right! The bug isn’t anything complex or involved, it lies in the developer’s use of the strstr function. This function, as C gurus will know, doesn’t compare two strings outright, but searches one string for another string. This immediately got the gears turning in our head - can we abuse this sloppy matching to traverse, simply by requesting a relative path that includes one of the strings from the table? As long as one of the strings is present inside the path, the check will pass and the file will be served.

Well, it turns out we can’t. We can supply paths such as icsweb.cab /../../etc/passwd , but the OS isn’t dumb, and will fail to find the file, complaining that icsweb.cab is a file, and not a directory. We’re close, though - I can almost taste it! Let’s keep looking at that code.

Here’s a very similar chunk of code, found just underneath the first. Again, we’re iterating a string table, and comparing with the requested URL. Again, we pull out GDB, and take a look at the string table it is using:

Short but sweet. We got very excited when we saw this entry - can you see why?

Yes, exactly! Because of the slash at the end of the string. That suggests that this entry isn’t a file, but a directory, which would mean we can traverse into it and then back out via the venerable .. . As long as we have the string CSHELL/ somewhere in the requested file, the request will be accepted, right?

Well, we tried, and with bated breath submitted the following request:

We were rewarded with the contents of requested file.

There we go! A path traversal leading to an arbitrary file read! Since we are able to read such a critical file - the shadow password file - we must be running as the superuser, and able to read anything on the filesystem we choose.

Wait, what?!

At this point, we were somewhat confused. What we’d found is an arbitrary file read, allowing us to read any file on the system. This is much more powerful than the vendor advisory seems to imply.

We rushed to patch our box, and confirm that we had indeed found CVE-2024-24919, and not some other bug, and were mildly surprised that, yes, this is CVE-2024-24919, and yes, it is an arbitrary file read.

Interestingly, the vendor states that the issue only affects devices with username-and-password authentication enabled, and not with the (much stronger) certificate authentication enabled. Looking at the code, we can’t see any obvious reason for this, and we do wonder if a user who has a valid certificate can exploit the issue even when password authentication is disabled.

We were also somewhat amused by the vendor’s remediation advice, which includes this gem:

To prevent attempt to exploit this vulnerability, you must protect the vulnerable Remote Access gateway  behind  a Security Gateway with both IPS and SSL Inspection enabled.

Obvious grammar errors aside, the advice to place your hardened border gateway device behind another hardened border gateway device gave us a chuckle.

Conclusions

That bug wasn't too difficult to find, and was extremely easy to exploit once we’d located it (full exploitation is left as an exercise for the reader - we wouldn’t want to take all the fun out of the bug).

We’re a little concerned by the vendor’s statement, though - it seems to downplay the severity of this bug. Since the bug is already being used in the wild, by real attackers, it seems dangerous for the bug to be treated as anything less than a full unauthenticated RCE, with device administrators urged to update as soon as humanely possible. They state:

The vulnerability potentially allows an attacker to access information on Gateways connected to the Internet

This is quite a confusing statement, given that Internet connectivity is not a requirement. The words 'access information' are doing some seriously heavy lifting here, as while they may be technically correct, in the most pedantic sense of the word, they minimize what is, in all reality, a very serious bug which should be treated as 'world ending' (at least, by those administrators who do not have a second Check Point device protecting their actual Check Point device).

The vendor, Check Point, have released ‘hotfix’ for the bug, which administrators are instructed to apply if they are affected (refer to the vendor advisory for details).

At  watchTowr , we believe continuous security testing is the future, enabling the rapid identification of holistic high-impact vulnerabilities that affect your organisation.

It's our job to understand how emerging threats, vulnerabilities, and TTPs affect your organisation.

If you'd like to learn more about the  watchTowr Platform , our Attack Surface Management and Continuous Automated Red Teaming solution , please get in touch.

Zero-day flaw in Check Point VPNs is ‘extremely easy’ to exploit

Cybersecurity company Check Point says attackers are exploiting a zero-day vulnerability in its enterprise VPN products to break into the corporate networks of its customers. 

The technology maker hasn’t said yet who is responsible for the cyberattacks or how many of its customers are affected by intrusions linked to the vulnerability, which security researchers say is “extremely easy” to exploit.

In a blog post this week, Check Point said the vulnerability in its Quantum network security devices allows for a remote attacker to obtain sensitive credentials from an affected device, which can grant the attackers access to the victim’s wider network. Check Point said attackers began exploiting the bug around April 30. A zero-day bug is when a vendor has no time to fix the bug before it is exploited.

The company urged customers to install patches to remediate the flaw.

Check Point has over 100,000 customers, according to its website. When asked, a Check Point spokesperson didn’t say how many customers are affected by the exploitation.

Check Point is the latest security company in recent months to disclose a security vulnerability in its security products, the very technologies that are designed to protect companies from cyberattacks and digital intrusions.

These network security devices sit on the edge of a company’s network and serve as digital gatekeepers for which users are allowed in, but have a tendency to contain security flaws that can in some cases easily skirt their security defenses and lead to compromise of the customer’s network.

Several other enterprise and security vendors, including Ivanti , ConnectWise , and Palo Alto Networks , have in recent months rushed to fix flaws in their enterprise-grade security products that malicious attackers have exploited to compromise customer networks in order to steal data. All of the bugs in question are high severity in nature, in large part due to how easy they were to exploit.

In the case of Check Point’s vulnerability, security research firm watchTowr Labs said in its analysis of the vulnerability that the bug was “extremely easy” to exploit once it had been located.

The bug, which watchTowr Labs described as a path-traversal vulnerability, means it’s possible for an attacker to remotely trick an affected Check Point device into returning files that should have been protected and off-limits, such as the passwords for accessing the root-level operating system of the device.

“This is much more powerful than the vendor advisory seems to imply,” said watchTowr Labs researcher Aliz Hammond.

U.S. cybersecurity agency CISA said it added the Check Point vulnerability to its public catalog of known-exploited vulnerabilities. In brief remarks, CISA said that the vulnerability in question is often used by malicious cyber actors and that these kinds of flaws pose “significant risks to the federal enterprise.”

Updated with a response from Check Point.

More TechCrunch

Get the industry’s biggest tech news, techcrunch daily news.

Every weekday and Sunday, you can get the best of TechCrunch’s coverage.

Startups Weekly

Startups are the core of TechCrunch, so get our best coverage delivered weekly.

TechCrunch Fintech

The latest Fintech news and analysis, delivered every Tuesday.

TechCrunch Mobility

TechCrunch Mobility is your destination for transportation news and insight.

Featured Article

DEI backlash: Stay up-to-date on the latest legal and corporate challenges

It’s clear that this year will be a turning point for DEI.

Watch Apple kick off WWDC 2024 right here

The keynote will be focused on Apple’s software offerings and the developers that power them, including the latest versions of iOS, iPadOS, macOS, tvOS, visionOS and watchOS.

TechCrunch Space: China’s victory

Hello and welcome back to TechCrunch Space. Unfortunately, Boeing’s Starliner launch was delayed yet again, this time due to issues with one of the three redundant computers used by United…

An appeals court rules that VC Fearless Fund cannot issue grants to Black women, but the fight continues

The court ruling said that Fearless Fund’s Strivers Grant likely violates the Civil Rights Act of 1866, which bans the use of race in contracts.

You can now customize your For You feed on Threads using swipes

Instagram Threads is rolling out the ability for users to signal which sort of posts they wanted to see more or less of by swiping.

Japanese billionaire pulls plug on private ‘dearMoon’ lunar Starship mission

The Japanese billionaire who commissioned SpaceX for a private mission around the moon on a Starship rocket has abruptly canceled the project, citing ongoing uncertainties around when the launch vehicle…

People are using AI music generators to create hateful songs

Malicious actors are abusing generative AI music tools to create homophobic, racist, and propagandic songs — and publishing guides instructing others how to do so. According to ActiveFence, a service…

What to expect from Apple’s AI-powered iOS 18 at WWDC

As WWDC 2024 nears, all sorts of rumors and leaks have emerged about what iOS 18 and its AI-powered apps and features have in store.

GM’s Cruise is testing robotaxis in Dallas again

Dallas is the second city that Cruise is easing its way back into after pulling its entire U.S. fleet late last year.

After raising $100M, AI fintech LoanSnap is being sued, fined, evicted

The company has been sued by at least seven creditors, including Wells Fargo.

Sonos Ace review: A high-priced contender

The Ace are a contender in a crowded market, but they’re still in search of that magic bullet to truly let them stand out from the pack.

Instagram confirms test of ‘unskippable’ ads

The change would see Instagram becoming more like the free version of YouTube, which requires users to view ads before and in the middle of watching videos.

Shopify acquires Checkout Blocks, a checkout customization app

Commerce platform Shopify has acquired Checkout Blocks, allowing Shopify Plus merchants to make no-code customizations in their checkout to enhance customer experience and potentially boost sales.  Checkout Blocks, which debuted…

Aptoide launches its alternative iOS game store in the EU

After the Digital Markets Act (DMA) forced Apple to allow third-party app stores for iOS in Europe, several developers have launched alternative stores, like the AltStore and MacPaw’s Setapp (currently…

One week left: Apply to TC Disrupt Startup Battlefield 200

Time is relentless and, right now, it’s no friend to procrastination-prone early-stage startup founders. The application window for Startup Battlefield 200 (SB 200) at TechCrunch Disrupt 2024 slams shut in…

Cloudera acquires Verta to bring some AI chops to its data platform

Cloudera, the once high-flying Hadoop startup, raised $1 billion and went public in 2018 before being acquired by private equity for $5.3 billion in 2021. Today, the company announced that…

Spend management startup SiFi raises $10M to grow further in Saudi Arabia

The global spend management sector is experiencing a tailwind of sorts. North America is arguably the biggest market in this space, but spend management companies have seen demand rise across…

Swiss startup Neural Concept raises $27M to cut EV design time to 18 months

Neural Concept lets designers model how components will perform before they can be manufactured.

Don’t miss StrictlyVC in DC next week

The StrictlyVC roadtrip continues! Coming off of sold-out events in London, Los Angeles, and San Francisco, we’re heading to Washington, D.C. for a cozy-vc-packed, evening at the Woolly Mammoth Theatre…

X tweaks rules to formally allow adult content

X will now allow users to post consensually produced NSFW content as long as it is prominently labeled as such.

Ashby injects recruiting with a dose of AI

Ashby consolidates existing talent acquisition tools and leans heavily on AI to automate the more repetitive steps in the recruitment pipeline.

Spotify to increase premium pricing in the US to $11.99 per month

Spotify has announced it’s hiking subscriptions for customers in the U.S., the second such price increase in the space of a year. The music-streaming giant reports that premium pricing will…

UK neobank Monzo reports first full (pre-tax) profit, prepares for EU expansion with Dublin hub

Monzo has announced its 2024 financial results, revealing its first full-year pre-tax profit. The company also confirmed that it’s in the early stages of expanding into the broader European market…

Inside Apple’s efforts to build a better recycling robot

Last week, TechCrunch paid a visit to Apple’s Austin, Texas, manufacturing facilities. Since 2013, the company has built its Mac Pro desktop about 20 minutes north of downtown. The 400,000-square-foot facility sits in a maze of industry parks, a quick trip south from the company’s in-progress corporate campus. In recent years, the capital city has…

Binit is bringing AI to trash

Early attempts at making dedicated hardware to house artificial intelligence smarts have been criticized as, well, a bit rubbish. But here’s an AI gadget-in-the-making that’s all about rubbish, literally: Finnish…

Temasek, Fidelity buy $200M stake in Lenskart at $5B valuation

Temasek has previously invested in Lenskart, and this new funding follows a $500 million investment by the Abu Dhabi Investment Authority last year.

French startup ten ten reinvents the walkie-talkie

Less than one year after its iOS launch, French startup ten ten has gone viral with a walkie talkie app that allows teens to send voice messages to their close…

Unicorn-rich VC Wesley Chan owes his success to a Craigslist job washing lab beakers

While all of Wesley Chan’s success has been well-documented over the years, his personal journey…not so much. Chan spoke to TechCrunch about the ways his life impacts how he invests in startups.

Trump takes off on TikTok

Presumptive Republican presidential nominee Donald Trump now has an account on the short-form video app that he once tried to ban. Trump’s TikTok account, which launched on Saturday night, features…

Iceland’s startup scene is all about making the most of the country’s resources

With fewer than 400,000 inhabitants, Iceland receives more than its fair share of tourists — and of venture capital.

• Picus Security Validation Platform
• for Prevention Controls
• for Detection Controls
• Attack Surface Validation
• Cloud Security Validation
• Attack Path Validation
• Detection Rule Validation
• Integrations
• Request a Demo
• Start a Trial
• Breach and Attack Simulation
• Pen Testing Automation
• Continuous Threat Exposure Management
• MITRE ATT&CK
• Blue Report
• Emerging Threat Simulator
• Actionable Threat Intelligence Report
• Purple Academy
• Cybersecurity 101
• Case Studies
• Resource Library
• Press Releases
• Partner Program
• Technology Alliance Program

CVE-2024-24919: Check Point Security Gateways Zero-Day Vulnerability Explained

Huseyin Can YUCEEL & Picus Labs | June 03, 2024

The Red Report 2024

The Top 10 MITRE ATT&CK Techniques Used by Adversaries

On May 28th, 2024, Check Point disclosed an arbitrary file read vulnerability affecting Check Point Security Gateways [1]. CVE-2024-24919 has a CVSS score of 8.6 (High) and allows adversaries to read sensitive files from vulnerable products with root privileges. If the certificate authentication is not enabled, adversaries may exploit CVE-2024-24919 for unauthenticated remote code execution. 

In this blog, we explained how the Check Point CVE-2024-24919 vulnerability works and how organizations can defend against CVE-2024-24919 attacks.

Simulate Vulnerability Exploitation Attacks with 14-Day Free Trial of Picus Platform

Check Point CVE-2024-24919 Vulnerability Explained

Check Point Security Gateways are used by organizations worldwide as a security barrier against various types of threats and unauthorized access to networked systems. On May 27th, 2024, Check Point saw a significant volume of malicious traffic targeting VPN devices. CVE-2024-24919 is a high-severity zero-day vulnerability affecting Check Point Security Gateways with remote Access VPN or Mobile Access Software Blades enabled. The vulnerability has a CVSS score of 8.6 (High) and can be exploited for arbitrary file read with a possibility of unauthenticated remote code execution. Due to ease of exploitability, organizations are advised to apply hot fixes to their vulnerable Check Point Security Gateway products.

How Check Point CVE-2024-24919 Exploit Works?

Check Point CVE-2024-24919 is an arbitrary file read vulnerability ( CWE-200 ) that allows attackers to access and read sensitive files via path traversal. On its own, an arbitrary file read vulnerability would have a high severity score. However, CVE-2024-24919 allows attackers to access files with root privileges, increasing the severity. Adversaries can access critical files such as  "passwd" and "shadow" and harvest user credentials. If any multi-factor authentication is in place, attackers use harvested credentials for remote code execution.

The example HTTP POST request below exploits the CVE-2024-24919 vulnerability. 

How Picus Helps Simulate Check Point CVE-2024-24919 Attacks?

We also strongly suggest simulating the Check Point CVE-2024-24919 vulnerability to test the effectiveness of your security controls against sophisticated cyber attacks using the Picus Complete Security Validation Platform . You can also test your defenses against oth er vulnerability exploitation attacks, such as Log4Shell, Citrix Bleed, and Follina , within minutes with a 14-day free trial of the Picus Platform .

Picus Threat Library includes the following threats for Check Point CVE-2024-24919 vulnerability exploitation attacks :

Picus also provides actionable mitigation content. Picus Mitigation Library includes prevention signatures to address Check Point CVE-2024-24919 vulnerability in preventive security controls. Currently, Picus Labs validated the following signatures for Check Point CVE-2024-24919 vulnerability :

Start simulating emerging threats today and get actionable mitigation insights with a  14-day free trial   of the Picus Complete Security Validation Platform.

[1] "Preventative Hotfix for CVE-2024-24919 - Quantum Gateway Information Disclosure." Available: https://support.checkpoint.com/results/sk/sk182336

Share this:

Get the latest insights delivered straight to your inbox.

• Choose your language...
• English (English)
• Spanish (Español)
• French (Français)
• German (Deutsch)
• Italian (Italiano)
• Portuguese (Português)
• Japanese (日本語)
• Chinese (中文)
• Korean (한국어)
• Taiwan (繁體中文)
• Organization Size
• Hybrid Cloud
• Zero Trust & Least Privilege
• Developer Security & Operations
• IoT Security Solutions
• Anti-Ransomware

See how use cases come to life through Check Point's customer stories.

• Financial Services
• Federal Government
• State & Local Government
• Telco Service Provider
• Small & Medium Business
• Infinity Platform

Secure the Network

Secure the cloud, secure the workspace.

• Platform Overview Industry leading AI-Powered and Cloud-Delivered cyber security platform
• Infinity Services Prevention-first security operation, AI Copilot, ThreatCloud AI, and 24/7 managed security services, consulting, and training
• Infinity Portal Learn about and sign into Check Point's unified security management platform
• Infinity Platform Agreement Predictable cyber security environments through a platform agreement
• See All Products >

Introducing Quantum Force

• Next Generation Firewall (NGFW) Security Gateway Industry leading AI-powered security gateways for modern enterprises
• SD-WAN Software-defined wide are network to converge security with networking
• Security Policy and Threat Management Manage firewall and security policy on a unified platform for on-premise and cloud networks
• Operational Technology and Internet of Things (IoT) Autonomous IoT/OT threat prevention with zero trust profiling, virtual patching, and segmentation
• Remote Access VPN Secure, seamless remote access to corporate networks
• Cloud Network Security Industry leading threat prevention with cloud-native firewalls
• Cloud Native Application Protection Platform Cloud-native prevention-first security
• Code Security Developer-centric code security
• Web Application and API Security Automated application and API security
• Email and Collaboration Security Email security that includes office and collaboration applications
• Endpoint Security Comprehensive endpoint protection to prevent attacks and data compromise
• Mobile Security Complete protection for the workforce across all mobile devices
• SASE Unified security with optimized internet and network connectivity
• SaaS Security Threat prevention management for SaaS
• Managed Prevention & Response Service SOC operations-as-a-service with Infinity MDR/MPR
• Extended Prevention & Response AI-powered, cloud-delivered security operations with Infinity XDR/XR
• Secure Automation and Collaboration Automate response playbooks with Infinity Playblocks
• Unified Security Events and Logs as a Service Infinity events cloud-based analysis, monitoring, and reporting
• AI Powered Teammate Automated Security Admin & Incident Response with AI Copilot
• ThreatCloud AI The brain behind Check Point’s premier threat prevention
• Cyber Risk Assessment Assess your cyber risks and plan actionable strategy
• Attack Surface & Penetration Testing Evaluate security defenses against potential cyber attacks and threats
• Security Controls Gap Analysis (NIST, CIS) Analyze technology gaps and plan solutions for improved security and ROI
• Threat Intelligence & Brand Reputation Analyzed data on cyber threats, aiding proactive security measures
• See All Assess Services >

Learn hackers inside secrets and beat them at their own game

• Security Deployment & Optimization Strategic deployment and refinement of security for optimal protection
• Advanced Technical Account Management Proactive service delivered by highly skilled cyber security professionals
• Lifecycle Management Services Effectively maintain the lifecycle of security products and services
• See All Transform Services >
• Training & Certifications Comprehensive cyber security training and certification programs
• CISO Training Globally recognized training for Chief Information Security Officers
• Security Awareness Empower employees with cyber security skills for work and home
• Cyber Park - Cyber Range Simulated gamification environment for security training
• Mind Training Hub Check Point cyber security and awareness programs training hub
• See All Master Services >
• Incident Response Manage and mitigate security incidents with systematic response services
• Managed Detection and Response 24/7 SOC Operations for Check Point + 3rd party solutions, 24/7 response
• Digital Forensics Comprehensive investigation and analysis of cyber incidents and attacks
• See All Respond Services >
• SOC-as-a-Service Leverage SOC expertise to monitor and manage the security solutions
• NOC-as-a-Service and Network Security Management of IT network and firewall infrastructure
• Cloud & IT Access to managed cloud and IT technologies, expertise, and resources
• See All Managed Services >
• Support Programs Programs designed to help maximize security technology utilization
• Check Point PRO Proactive monitoring of infrastructure program offerings
• Contact Support
• Platform Overview
• Infinity Services
• Infinity Portal
• Infinity Platform Agreement
• Next Generation Firewall (NGFW) Security Gateway
• Security Policy and Threat Management
• Operational Technology and Internet of Things (IoT)
• Remote Access VPN
• Cloud Network Security
• Cloud Native Application Protection Platform
• Code Security
• Web Application and API Security
• Email and Collaboration Security
• Endpoint Security
• Mobile Security
• SaaS Security
• Managed Prevention & Response Service
• Extended Prevention & Response
• Secure Automation and Collaboration
• Unified Security Events and Logs as a Service
• AI Powered Teammate
• ThreatCloud AI
• Cyber Risk Assessment
• Attack Surface & Penetration Testing
• Security Controls Gap Analysis (NIST, CIS)
• Threat Intelligence & Brand Reputation
• Security Deployment & Optimization
• Advanced Technical Account Management
• Lifecycle Management Services
• Training & Certifications
• CISO Training
• Security Awareness
• Cyber Park - Cyber Range
• Mind Training Hub
• Incident Response
• Managed Detection and Response
• Digital Forensics
• SOC-as-a-Service
• NOC-as-a-Service and Network Security
• Cloud & IT
• Support Programs
• Check Point PRO
• Find a Partner
• Channel Partners
• Technology Partners
• MSSP Partners
• Azure Cloud
• Partner Portal

Check Point is 100% Channel. Grow Your Business with Us!

• Investor Relations
• Resource Center
• Customer Stories
• Events & Webinars
• Check Point Research
• Cyber Talk for Executives
• CheckMates Community

Protect What Matters Most

The Infinity Platform delivers AI-powered and cloud-delivered threat prevention across the network, cloud, and workspace to protect what matters.

FAST Company

Check Point Infinity ThreatCloud AI featured on Fast Company’s 2024 World Changing Ideas List

2024 Cloud Security Report

Rising Cloud Security Threats: A Look at the Surge in Cyber Attacks and Data Breaches

Experience AI-powered advanced threat prevention and unified management to protect against sophisticated attacks.

Check Point + NVIDIA

Securing AI cloud Infrastructure.

CPX is Back!

The Industry’s Premier Cyber Security Summit brings together the cyber security industry to explore the latest solutions and strategies to protect against today’s complex threat landscape.

Introducing Check Point Harmony SASE

The world’s only hybrid solution, combining on-device and cloud-based protections. It delivers 2x faster internet security, full mesh Zero Trust Access, and SD-WAN.

Named a Leader in the Forrester Zero Trust Wave™

Check Point’s Infinity Platform “sets the bar for centralized management and usability” and lets you implement all seven principles of the Extended Zero Trust Security model

Realize the Check Point Difference

2+ billion security decisions made daily. Powered by AI

Led by 50+ machine learning engines, ThreatCloud AI identifies and blocks emerging zero-day threats.

Quantifiably more protection for enterprises

We deliver accurate prevention in under two seconds to hundreds of millions of enforcement points.

Lowest total cost of ownership for enterprise security

We increase operational efficiency by up to 50% while reducing security costs by as much as 20%.

See how security protects customers around the globe

Check Point delivers incredible customer outcomes

All customer stories

“The technology is first and foremost, but it’s also about the people, and that’s another area where Check Point came to the forefront.”

-Russ Trainor Senior Vice President of Information Technology, Denver Broncos

“Check Point gives me peace of mind, knowing that we have the best security solution to protect Alkem.”

-Bijender Mishra Chief Information Security Officer, Alkem Laboratories

“Check Point gives us an all-in-one solution that enables us to take a holistic approach to security.”

-Christopher Lee Director of Technology, Marple Newtown School District

“With Check Point Harmony Email & Collaboration, we’re blocking thousands more emails each month.”

-Piotr Baltakis Manager of Infrastructure and Security, City of Kamloops

The Infinity Platform. AI-Powered. Cloud-Delivered.

Check Point’s Infinity Platform is a consolidated, comprehensive, and collaborative platform that provides the best security for the entire enterprise. Underpinned by our global experts and 30 years of accumulated threat data, our platform keeps people, data and technology safe.

Schedule a demo Learn More

Our unified, scalable network security solutions simplify protection without impacting performance – wherever your network lives.

Explore Quantum

Our automation enables security teams to match the pace of modern DevOps.

Explore CloudGuard

Our unified security solution protects everywhere work gets done, including email, endpoint, and mobile.

Explore Harmony

AI-Driven Security Operations

Our powerful AI tools empower Security Operations Center teams to prevent and remediate attacks faster and more efficiently.

Explore Infinity Services

Protect against advanced cyber attacks through the power of ThreatCloud AI, the brain behind the Check Point’s Infinity Platform.

Test Drive Security in Action Today

Discover how Check Point innovations secure your network, cloud, and user/access.

Get a Demo Subscribe Now

• U.S. Department of Health & Human Services

• Virtual Tour
• Staff Directory
• En Español

You are here

News releases.

Media Advisory

Monday, June 3, 2024

NIH scientists develop AI tool to predict how cancer patients will respond to immunotherapy

In a proof-of-concept study, researchers at the National Institutes of Health (NIH) have developed an artificial intelligence (AI) tool that uses routine clinical data, such as that from a simple blood test, to predict whether someone’s cancer will respond to immune checkpoint inhibitors, a type of immunotherapy drug that helps immune cells kill cancer cells. The machine-learning model may help doctors determine if immunotherapy drugs are effective for treating a patient’s cancer. The study, published June 3, 2024, in Nature Cancer , was led by researchers at the National Cancer Institute’s (NCI) Center for Cancer Research and Memorial Sloan Kettering Cancer Center in New York. NCI is part of the National Institutes of Health.  

Currently, two predictive biomarkers are approved by the Food and Drug Administration for use in identifying patients who may be candidates for treatment with immune checkpoint inhibitors. The first is tumor mutational burden, which is the number of mutations in the DNA of cancer cells. The second is PD-L1, a tumor cell protein that limits the immune response and is a target of some immune checkpoint inhibitors. However, these biomarkers do not always accurately predict response to immune checkpoint inhibitors. Recent machine-leaning models that use molecular sequencing data have shown value in predicting response, but this kind of data is expensive to obtain and not routinely collected.

The new study details a different kind of machine-learning model that makes predictions based on five clinical features that are routinely collected from patients: a patient’s age, cancer type, history of systemic therapy, blood albumin level, and blood neutrophil-to-lymphocyte ratio, a marker of inflammation. The model also considers tumor mutational burden, assessed through sequencing panels. The model was constructed and evaluated using data from multiple independent data sets that included 2,881 patients treated with immune checkpoint inhibitors across 18 solid tumor types.

The model accurately predicted a patient’s likelihood of responding to an immune checkpoint inhibitor and how long they would live, both overall and before the disease returned. Notably, the researchers said, the model was also able to identify patients with low tumor mutational burden who could still be treated effectively with immunotherapy.

The researchers noted that larger prospective studies are needed to further evaluate the AI model in clinical settings. They have made their AI model, called Logistic Regression-Based Immunotherapy-Response Score (LORIS), publicly available at https://loris.ccr.cancer.gov . The tool estimates the likelihood of a patient responding to immune checkpoint inhibitors based on data on the six variables described above.

The study was co-led by Eytan Ruppin, M.D., Ph.D., of NCI’s Center for Cancer Research and Luc G. T. Morris, M.D., of Memorial Sloan Kettering Cancer Center. The work was spearheaded by Tiangen Chang, Ph.D., and Yingying Cao, Ph.D., of Dr. Ruppin’s group at NCI’s Center for Cancer Research.

Eytan Ruppin, M.D., Ph.D., Center for Cancer Research, National Cancer Institute

“LORIS robustly predicts patient outcomes with immune checkpoint blockade therapy using common clinical, pathologic and genomic features” appears June 3, 2024, in Nature Cancer . https://doi.org/10.1038/s43018-024-00772-7

About the National Cancer Institute (NCI): NCI leads the National Cancer Program and NIH’s efforts to dramatically reduce the prevalence of cancer and improve the lives of people with cancer. NCI supports a wide range of cancer research and training extramurally through grants and contracts. NCI’s intramural research program conducts innovative, transdisciplinary basic, translational, clinical, and epidemiological research on the causes of cancer, avenues for prevention, risk prediction, early detection, and treatment, including research at the NIH Clinical Center—the world’s largest research hospital. Learn more about the intramural research done in NCI’s Center for Cancer Research . For more information about cancer, please visit the NCI website at cancer.gov or call NCI’s contact center at 1-800-4-CANCER (1-800-422-6237).

About the National Institutes of Health (NIH): NIH, the nation's medical research agency, includes 27 Institutes and Centers and is a component of the U.S. Department of Health and Human Services. NIH is the primary federal agency conducting and supporting basic, clinical, and translational medical research, and is investigating the causes, treatments, and cures for both common and rare diseases. For more information about NIH and its programs, visit www.nih.gov .

NIH…Turning Discovery Into Health ®

Connect with Us

• More Social Media from NIH

• Android Malware 22
• Artificial Intelligence 4
• Check Point Research Publications 374
• Cloud Security 1
• Data & Threat Intelligence 1
• Data Analysis 0
• Global Cyber Attack Reports 306
• How To Guides 11
• Ransomware 1
• Russo-Ukrainian War 1
• Security Report 1
• Threat and data analysis 0
• Threat Research 170
• Web 3.0 Security 8
• Check Point Research Publications

Inside the Box: Malware’s New Playground

Research by:  Jiri Vinopal Highlights: Check Point Research (CPR) reveals the increasing abuse of BoxedApp products ...

• Threat Research

Static Unpacking for the Widespread NSIS-based Malicious Packer Family

Packers or crypters are widely used to protect malicious software from detection and static analysis. These auxiliary tools, through the use ...

Sharp Dragon Expands Towards Africa and The Caribbean

Key Findings Sharp Dragon’s (Formerly referred to as Sharp Panda) operations continue, expanding their focus now to new regions ...

Bad Karma, No Justice: Void Manticore Destructive Activities in Israel

Void Manticore is an Iranian threat actor affiliated with the Ministry of Intelligence and Security (MOIS). They carry out destructive ...

POPULAR POSTS

• Artificial Intelligence

SUBSCRIBE TO CYBER INTELLIGENCE REPORTS

Country —Please choose an option— China India United States Indonesia Brazil Pakistan Nigeria Bangladesh Russia Japan Mexico Philippines Vietnam Ethiopia Egypt Germany Iran Turkey Democratic Republic of the Congo Thailand France United Kingdom Italy Burma South Africa South Korea Colombia Spain Ukraine Tanzania Kenya Argentina Algeria Poland Sudan Uganda Canada Iraq Morocco Peru Uzbekistan Saudi Arabia Malaysia Venezuela Nepal Afghanistan Yemen North Korea Ghana Mozambique Taiwan Australia Ivory Coast Syria Madagascar Angola Cameroon Sri Lanka Romania Burkina Faso Niger Kazakhstan Netherlands Chile Malawi Ecuador Guatemala Mali Cambodia Senegal Zambia Zimbabwe Chad South Sudan Belgium Cuba Tunisia Guinea Greece Portugal Rwanda Czech Republic Somalia Haiti Benin Burundi Bolivia Hungary Sweden Belarus Dominican Republic Azerbaijan Honduras Austria United Arab Emirates Israel Switzerland Tajikistan Bulgaria Hong Kong (China) Serbia Papua New Guinea Paraguay Laos Jordan El Salvador Eritrea Libya Togo Sierra Leone Nicaragua Kyrgyzstan Denmark Finland Slovakia Singapore Turkmenistan Norway Lebanon Costa Rica Central African Republic Ireland Georgia New Zealand Republic of the Congo Palestine Liberia Croatia Oman Bosnia and Herzegovina Puerto Rico Kuwait Moldov Mauritania Panama Uruguay Armenia Lithuania Albania Mongolia Jamaica Namibia Lesotho Qatar Macedonia Slovenia Botswana Latvia Gambia Kosovo Guinea-Bissau Gabon Equatorial Guinea Trinidad and Tobago Estonia Mauritius Swaziland Bahrain Timor-Leste Djibouti Cyprus Fiji Reunion (France) Guyana Comoros Bhutan Montenegro Macau (China) Solomon Islands Western Sahara Luxembourg Suriname Cape Verde Malta Guadeloupe (France) Martinique (France) Brunei Bahamas Iceland Maldives Belize Barbados French Polynesia (France) Vanuatu New Caledonia (France) French Guiana (France) Mayotte (France) Samoa Sao Tom and Principe Saint Lucia Guam (USA) Curacao (Netherlands) Saint Vincent and the Grenadines Kiribati United States Virgin Islands (USA) Grenada Tonga Aruba (Netherlands) Federated States of Micronesia Jersey (UK) Seychelles Antigua and Barbuda Isle of Man (UK) Andorra Dominica Bermuda (UK) Guernsey (UK) Greenland (Denmark) Marshall Islands American Samoa (USA) Cayman Islands (UK) Saint Kitts and Nevis Northern Mariana Islands (USA) Faroe Islands (Denmark) Sint Maarten (Netherlands) Saint Martin (France) Liechtenstein Monaco San Marino Turks and Caicos Islands (UK) Gibraltar (UK) British Virgin Islands (UK) Aland Islands (Finland) Caribbean Netherlands (Netherlands) Palau Cook Islands (NZ) Anguilla (UK) Wallis and Futuna (France) Tuvalu Nauru Saint Barthelemy (France) Saint Pierre and Miquelon (France) Montserrat (UK) Saint Helena, Ascension and Tristan da Cunha (UK) Svalbard and Jan Mayen (Norway) Falkland Islands (UK) Norfolk Island (Australia) Christmas Island (Australia) Niue (NZ) Tokelau (NZ) Vatican City Cocos (Keeling) Islands (Australia) Pitcairn Islands (UK)

We value your privacy!

BFSI uses cookies on this site. We use cookies to enable faster and easier experience for you. By continuing to visit this website you agree to our use of cookies.

• Frontiers in Immunology
• Cancer Immunity and Immunotherapy
• Research Topics

Precision Oncology in Checkpoint Immunotherapy: Leveraging Predictive Biomarkers for Personalized Treatment

Total Downloads

Total Views and Downloads

About this Research Topic

This Research Topic is apart of the series "The Future of Checkpoint Immunotherapy: New Roads Ahead". Please see the series here . We are pleased to announce a special collection focusing on the dynamic field of precision oncology within the domain of checkpoint immunotherapy. As cancer treatment evolves, there is increasing recognition of the significance of personalized medicine approaches that tailor therapies to individual patients based on specific biomarkers and molecular characteristics of their tumors. This collection aims to explore the investigation of predictive biomarkers, including tumor mutational burden (TMB), microsatellite instability (MSI), and immune cell profiling, for patient stratification and personalized treatment selection in the context of checkpoint immunotherapy. Immunotherapy has revolutionized cancer treatment by harnessing the immune system to target and eliminate cancer cells. However, response rates vary among patients, necessitating biomarkers that can accurately predict treatment outcomes and guide clinical decision-making. TMB, MSI, and immune cell profiling have emerged as promising biomarkers offering valuable insights into the tumor microenvironment and host immune response. We invite submissions of original research, reviews, and clinical trials exploring the utility of these biomarkers in checkpoint immunotherapy. Topics may include the predictive value of TMB and MSI in various cancer types, and the role of immune cell profiling techniques such as flow cytometry, single-cell RNA sequencing, and spatial transcriptomics, which will be examined for their ability to characterize the immune landscape of tumors and inform treatment decisions. and advances in computational modeling and machine learning algorithms for developing predictive signatures for immunotherapy response. Furthermore, this collection will highlight advances in computational modeling and machine learning algorithms for integrating multi-omics data and developing predictive signatures for immunotherapy response. By leveraging big data analytics and artificial intelligence, researchers aim to refine existing biomarker panels and identify novel predictive markers that enhance the precision and efficacy of checkpoint immunotherapy. This special collection seeks to provide a comprehensive resource for clinicians, researchers, and industry stakeholders invested in advancing personalized medicine approaches in checkpoint immunotherapy. Through collaborative efforts and interdisciplinary research endeavors, we aim to accelerate the translation of predictive biomarkers into clinical practice, ultimately improving outcomes for cancer patients worldwide. Topic Editor Prof. Aristotelis Chatziioannou is the founder and CEO of e-NIOS Applications PC. The other Topic Editors declare no competing interests with regard to the Research Topic subject.

Keywords : Precision oncology, Checkpoint immunotherapy, Cold Tumor, Immune Reponse Prediction, Predictive biomarkers, Tumor mutational burden (TMB), Microsatellite instability (MSI), Immune cell profiling, Biomarker stratification, Machine learning algorithms, Computational modelling, Multi-omics data, Data-driven interpretation

Important Note : All contributions to this Research Topic must be within the scope of the section and journal to which they are submitted, as defined in their mission statements. Frontiers reserves the right to guide an out-of-scope manuscript to a more suitable section or journal at any stage of peer review.

Topic Editors

Topic coordinators, submission deadlines, participating journals.

Manuscripts can be submitted to this Research Topic via the following journals:

total views

• Demographics

No records found

total views article views downloads topic views

Top countries

Top referring sites, about frontiers research topics.

With their unique mixes of varied contributions from Original Research to Review Articles, Research Topics unify the most influential researchers, the latest key findings and historical advances in a hot research area! Find out more on how to host your own Frontiers Research Topic or contribute to one as an author.

IOWA Research Park

Perspective Therapeutics to Present at the Society of Nuclear Medicine and Molecular Imaging (SNMMI) Annual Meeting 2024

SEATTLE, May 20, 2024 (GLOBE NEWSWIRE) -- Perspective Therapeutics, Inc. ("Perspective" or "the Company") (NYSE AMERICAN: CATX), a radiopharmaceutical company that is pioneering advanced treatment applications for cancers throughout the body, today announced the Company will present information pertaining to the Company's sponsored studies of its assets at the Society of Nuclear Medicine & Molecular Imaging ("SNMMI") Annual Meeting 2024, which is being held in Toronto, Canada, from June 8-11, 2024. The Company notes that results based on investigator-initiated use of its assets are also being presented.  

"We are greatly encouraged by the progress of our clinical and preclinical programs," said Thijs Spoor, CEO of Perspective. "The upcoming presentations at the SNMMI meeting will showcase our activities with VMT-α-NET and other promising therapies, underlining our commitment to advancing care for patients battling challenging tumor types."

[ 212 Pb]VMT-α-NET for the Treatment of Neuroendocrine Tumors The abstract describing Perspective's trial in progress of the Phase 1/2a dose escalation study (NCT05636618) in patients with unresectable or metastatic somatostatin receptor type 2 ("SSTR2")-positive neuroendocrine tumors ("NETs") who have not received prior peptide receptor radionuclide therapies ("PRRT") stated the trial's status as of January 15, 2024, consistent with the abstract submission deadline for the SNMMI conference. Updates on this trial as of March 7, 2024 were provided during the Company's investor update on March 18, 2024, accessible on the events page of the Company's website. This study, in conjunction with the Phase 0 imaging study (NCT05111509), would inform the recommended Phase 2 dose of [ 212 Pb]VMT-α-NET.

Perspective, in collaborating independent investigators, is evaluating dosimetry and the applicability of patient-specific dosing as determined by a target renal absorbed dose for [ 212 Pb]VMT-α-NET. An abstract reported pooled data from ten patients recruited in the Company's sponsored Phase 0 imaging study and an investigator sponsored absorbed dose escalation study. The investigator reported [ 212 Pb]VMT-α-NET was prescribed to three patients at individualized doses of 5.3, 7.9, and 13.3 mCi (cumulatively, delivered over two cycles) while targeting renal absorbed dose of 3.5Gy. Higher levels of targeted renal absorbed doses are in the protocol for subsequent cohorts of the investigator sponsored study.

The Company has been informed that updated results from the investigator initiated trial of [ 212 Pb]VMT-α-NET in India have been accepted for presentation by the SNMMI conference. The investigator enrolled adult patients with histologically confirmed NETs and metastatic medullary thyroid carcinomas. The investigator informed the Company that the update includes results from 12 patients at a later data cutoff date than previous presentations. The most recent prior public update by the investigator was during the 36 th Annual Congress of the European Association of Nuclear Medicine (EANM) in September 2023.

Preclinical Progress on Targeted Therapies for Melanoma and Tumor Environments

The Company will present preclinical data for [ 212 Pb]VMT01, a targeted α-particle radionuclide therapy (α-TRT) targeting the melanocortin 1 receptor ("MC1R"), used in combination with immune checkpoint inhibitors ("ICIs") in diverse murine melanoma models with high (B16-F10), mid (YUMM-D3) and low (YUMMwt) expressions of MC1R. These data provide a rationale for advancing the combination of [ 212 Pb]VMT01 and ICIs to clinical investigations. The ongoing Phase 1/2a study of [ 212 Pb]VMT01 is being amended to evaluate the safety and tolerability of Perspective's [ 212 Pb]VMT01 in combination with the ICI nivolumab in patients with histologically confirmed melanoma and MC1R-positive imaging scans.

The final presentation will introduce [ 203/212 Pb]-PSV-359, a novel cyclic peptide developed to target fibroblast activation protein alpha ("FAP"), a protein abundantly expressed by cancer-associated fibroblasts in tumor lesions and involved in promoting disease progression. [ 203/212 Pb]-PSV-359 has a proprietary targeting moiety designed by Perspective to optimize "theranostic" applications, representing a promising avenue for addressing FAP expressing cancers regardless of disease site.

About Perspective Therapeutics, Inc. Perspective Therapeutics, Inc., is a radiopharmaceutical development company that is pioneering advanced treatment applications for cancers throughout the body. The Company has proprietary technology that utilizes the alpha emitting isotope 212 Pb to deliver powerful radiation specifically to cancer cells via specialized targeting peptides. The Company is also developing complementary imaging diagnostics that incorporate the same targeting peptides, which provide the opportunity to personalize treatment and optimize patient outcomes. This "theranostic" approach enables the ability to see the specific tumor and then treat it to potentially improve efficacy and minimize toxicity.

The Company's melanoma (VMT01) and neuroendocrine tumor (VMT-α-NET) programs have entered Phase 1/2a imaging and therapy trials for the treatment of metastatic melanoma and neuroendocrine tumors at several leading academic institutions. The Company has also developed a proprietary 212 Pb generator to secure key isotopes for clinical trial and commercial operations.

For more information, please visit the Company's website at www.perspectivetherapeutics.com .

Safe Harbor Statement This press release contains forward-looking statements within the meaning of the United States Private Securities Litigation Reform Act of 1995. Statements in this press release that are not statements of historical fact are forward-looking statements. Words such as "may," "will," "should," "expect," "plan," "anticipate," "could," "intend," "target," "project," "estimate," "believe," "predict," "potential" or "continue" or the negative of these terms or other similar expressions are intended to identify forward-looking statements, though not all forward-looking statements contain these identifying words. Forward-looking statements in this press release include statements concerning, among other things, the Company's ability to pioneer advanced treatment applications for cancers throughout the body; the Company's expectation that its clinical and preclinical programs will continue to progress; the Company's belief that it will showcase its activities with VMT-α-Net and other promising therapies at the Society of Nuclear Medicine and Molecular Imaging meeting, underlining the Company's commitment to advancing care for patients battling challenging tumor types; the Company's belief that [ 203/212 Pb]-PSV-359, a novel cyclic peptide, has the ability to target fibroblast activation protein alpha, a protein abundantly expressed by cancer-associated fibroblasts in tumor lesions and involved in promoting disease progression; the Company's belief that it has designed a proprietary targeting moiety for [ 203/212 Pb]PSV359 to optimize "theranostic" applications, representing a promising avenue for addressing FAP expressing cancers regardless of disease site; the Company's prediction that complementary imaging diagnostics that incorporate certain targeting peptides provide the opportunity to personalize treatment and optimize patient outcomes; the Company's expectation that its "theranostic" approach enables the ability to see specific tumors and then treat it to potentially improve efficacy and minimize toxicity; the Company's ability to develop a proprietary 212 Pb generator to secure key isotopes for clinical trial and commercial operations; the Company's clinical development plans and the expected timing thereof; the expected timing for availability and release of data; expectations regarding the potential market opportunities for the Company's product candidates; the potential functionality, capabilities, and benefits of the Company's product candidates and the potential application of these product candidates for other disease indications; the Company's expectations, beliefs, intentions, and strategies regarding the future; the Company's intentions to improve important aspects of care in cancer treatment; and other statements that are not historical fact.

The Company may not actually achieve the plans, intentions or expectations disclosed in the forward-looking statements and you should not place undue reliance on the forward-looking statements. These forward-looking statements involve risks and uncertainties that could cause the Company's actual results to differ materially from the results described in or implied by the forward-looking statements, including, without limitation, the potential that regulatory authorities may not grant or may delay approval for the Company's product candidates; uncertainties and delays relating to the design, enrollment, completion, and results of clinical trials; unanticipated costs and expenses; pre-clinical and early clinical trials may not be indicative of the results in later clinical trials; clinical trial results may not support regulatory approval or further development in a specified indication or at all; actions or advice of regulatory authorities may affect the design, initiation, timing, continuation and/or progress of clinical trials or result in the need for additional clinical trials; the Company's ability to obtain and maintain regulatory approval for the Company's product candidates; delays, interruptions or failures in the manufacture and supply of the Company's product candidates; the size and growth potential of the markets for the Company's product candidates, and the Company's ability to service those markets; the Company's cash and cash equivalents may not be sufficient to support its operating plan for as long as anticipated; the Company's expectations, projections and estimates regarding expenses, future revenue, capital requirements, and the availability of and the need for additional financing; the Company's ability to obtain additional funding to support its clinical development programs; the availability or potential availability of alternative products or treatments for conditions targeted by the Company that could affect the availability or commercial potential of its product candidates; the ability of the Company to manage growth and successfully integrate its businesses; the Company's ability to maintain its key employees; sufficient training and use of the Company's products and product candidates; the market acceptance and recognition of the Company's products and product candidates; the Company's ability to maintain and enforce its intellectual property rights; the Company's ability to maintain its therapeutic isotope supply agreement with the Department of Energy; the Company's ability to continue to comply with the procedures and regulatory requirements mandated by the FDA for additional trials, Phase 1 and 2 approvals, Fast Track approvals, and 510(k) approval and reimbursement codes; and any changes in applicable laws and regulations. Other factors that may cause the Company's actual results to differ materially from those expressed or implied in the forward-looking statements in this press release are described under the heading "Risk Factors" in the Company's most recent Annual Report on Form 10-K and Quarterly Report on Form 10-Q filed with the Securities and Exchange Commission (the "SEC"), in the Company's other filings with the SEC, and in the Company's future reports to be filed with the SEC and available at www.sec.gov . Forward-looking statements contained in this news release are made as of this date. Unless required to do so by law, we undertake no obligation to publicly update or revise any forward-looking statements, whether as a result of new information, future events, or otherwise.

Perspective Therapeutics IR: Annie Cheng [email protected]

Russo Partners, LLC Nic Johnson / Adanna G. Alexander, Ph.D.

[email protected]