The new service will expand Check Point’s comprehensive security services and enable organizations to build and enhance their cybersecurity practices and controls, demonstrating cyber resilience.

“Organizations of all sizes are struggling to monitor the growing threat landscape and adequately prevent cyberattacks. Our customers and partners reach out to us to support the build out of their cyber resilience strategy,”

said Sharon Schusheim, CIO and VP Technical Services at Check Point Software Technologies.

“Check Point Infinity Global Services provides a comprehensive, consolidated and collaborative security solution, in a simple to deploy format so organizations can go on the security offensive to prevent attacks before they happen”,

he continued.

A recent World Economic Forum survey found that 86% of business leaders believe there will be a “large-scale, catastrophic cyber event” in the next two years, but 34% of them say their teams lack cybersecurity skills. On average, organizations are subjected to more than 1,100 cyberattacks each week.

The complexity of managing SOC operations has only added to this challenge, making it difficult for companies to defend against cyber threats. Infinity Global Services provides comprehensive security offerings that help organizations prevent advanced threats, respond to widespread attacks, and improve their cybersecurity practices and controls.

The Infinity Global Services’ comprehensive end-to-end model delivers thirty proactive services across four main pillars:

– Assess: Strengthens an organization’s team expertise from security practitioner to CISO. Includes cyber and IoT risk assessments, hybrid cloud security blueprints and Zero Trust best practices.
– Optimize: Support for baking threat prevention into cyber defenses with SOC as a Service, Cyber Resilience as a Service, security development and optimization and managed cloud CSPM.
– Master: Optimizes an organization’s security and extends its team’s capabilities offering cloud security bootcamps, CISO training, cyber knowledge programs and workforce development.
– Respond: Increases response readiness with services designed to enhance incident response planning with compromise assessments, Penetration testing, managed detection and response and tabletop exercises.

Taiwan-based MediaTek supplies chips for Android handsets and “internet of things” products. Their silicon powers 37% of all smartphones and IoT devices, according to market research cited by Check Point Software.

The four vulnerabilities discovered by the cybersecurity firm affect some of MediaTek’s systems, which combine a central processing unit with additional computing modules. Those modules include an artificial intelligence accelerator and a digital signal processor that performs audio processing tasks.

The vulnerabilities affect the digital signal processor. Three of them are in the processor’s firmware, the low-level software that controls how a chip operates. The fourth security issue was found in the hardware abstraction layer. The hardware abstraction layer is a technology that is used by a device’s operating system, in this case, Android, to control the chip on which it runs.

According to Check Point Software, the vulnerabilities can be used by a malicious Android application to infect a MediaTek digital signal processor with malware users. Hackers can install the malware by causing the processor to generate a software flaw known as a heap overflow. In a heap overflow, parts of a processor’s memory that contain application data are overwritten with malicious code.

By themselves, the settings cannot cause a severe risk because they can’t be accessed by Android apps under normal conditions. But access is made possible by a separate set of problems affecting a piece of software that the digital signal processor uses to coordinate its work with other components.

Check Point Software has added the vulnerabilities to the CVE system that the cybersecurity community uses to track cybersecurity flaws.

The vulnerabilities are tracked as following: CVE-2021-0661, CVE-2021-0662, CVE-2021-0663 and CVE-2021-0673.