Israeli security firms Check Point, CyberArk in talks – report

Possible ‘Cyber Googleplex’ in the making, says paper


Israeli security firm Check Point is reportedly in preliminary talks with local rival CyberArk about a possible acquisition/merger.

Rumours of the courtship surfaced in Hebrew-language Israeli financial newspaper TheMarker on Wednesday, and lead to twitterings in some quarters that we were about to witness the birth of some sort Israeli "Cyber Googleplex”. Like that's a good thing.

CyberArk markets tech designed to prevent miscreants using insider privileges to attack enterprises, which might be thought of as a secondary layer of security defence.

Check Point sells a wide range of security technologies but is best known for its firewalls, historically the first line of enterprise security defences.

Deperimeterisation (protecting a company's data on multiple levels) and the BYOD trend have, of course, changed the role of firewalls, and Check Point has long diversified into VPNs, intrusion prevention and mobile security. The latter two were accomplished in large part via the acquisitions of NFR and Lacoon Mobile Security, respectively.

These earlier deals provide precedents. Check Point is sitting on a nest egg of $3.6bn in cash as of the third quarter 2015, Reuters reports, so it certainly has the financial wherewithal to pull off the deal. CyberArk's valuation has halved over the last six months and it’s currently capitalised at around $1.2bn.

A Check Point PR representative is yet to respond to El Reg’s request to comment. ®

Broader topics


Other stories you might like

  • To cut off all nearby phones with these Chinese chips, this is the bug to exploit
    Android patches incoming for NAS-ty memory overwrite flaw

    A critical flaw in the LTE firmware of the fourth-largest smartphone chip biz in the world could be exploited over the air to block people's communications and deny services.

    The vulnerability in the baseband – or radio modem – of UNISOC's chipset was found by folks at Check Point Research who were looking for ways the silicon could be used to remotely attack devices. It turns out the flaw doesn't just apply to lower-end smartphones but some smart TVs, too.

    Check Point found attackers could transmit a specially designed radio packet to a nearby device to crash the firmware, ending that equipment's cellular connectivity, at least, presumably until it's rebooted. This would be achieved by broadcasting non-access stratum (NAS) messages over the air that when picked up and processed by UNISOC's firmware would end in a heap memory overwrite.

    Continue reading
  • China-linked Twisted Panda caught spying on Russian defense R&D
    Because Beijing isn't above covert ops to accomplish its five-year goals

    Chinese cyberspies targeted two Russian defense institutes and possibly another research facility in Belarus, according to Check Point Research.

    The new campaign, dubbed Twisted Panda, is part of a larger, state-sponsored espionage operation that has been ongoing for several months, if not nearly a year, according to the security shop.

    In a technical analysis, the researchers detail the various malicious stages and payloads of the campaign that used sanctions-related phishing emails to attack Russian entities, which are part of the state-owned defense conglomerate Rostec Corporation.

    Continue reading
  • Flaw could have granted criminals control over Ever Surf crypto wallets
    Check Point uncovers web vulnerability that could have led to cryptocurrency theft

    A flaw detected in the browser version of the Ever Surf cryptocurrency wallet could have given hackers who exploited it full control over a targeted user's wallet, say threat hunters at Check Point Research.

    The security vulnerability made it possible for threat actors to decrypt the private keys and seed phrases found in the browser's local storage, opening the door to cracking the victim's wallet and accessing the cryptocurrency stored there, the researchers wrote in a blog post Monday.

    "As the browser's local storage is unprotected, the data stored there must be securely encrypted," they wrote. "Despite the fact that Surf uses reliable cryptographic libraries for the key derivation and the encryption, the sensitive data in the web version of Surf doesn't appear to have adequate protection."

    Continue reading

Biting the hand that feeds IT © 1998–2022