June, 2023 - Security Ticks

Behind the Scenes: Unveiling the Hidden Workings of Earth Preta

Behind the Scenes: Unveiling the Hidden Workings of Earth Preta 14/06/2023 at 15:00 By This blog entry discusses the more technical details on the most recent tools, techniques, and procedures (TTPs) leveraged by the Earth Preta APT group, and tackles how we were able to correlate different indicators connected to this threat actor. This article […]

React to this headline:

Behind the Scenes: Unveiling the Hidden Workings of Earth Preta Read More »

SAP Patches High-Severity Vulnerabilities With June 2023 Security Updates

Vulnerabilities / SecurityTicks

SAP Patches High-Severity Vulnerabilities With June 2023 Security Updates 14/06/2023 at 14:34 By Ionut Arghire SAP has released eight new security notes on June 2023 Security Patch Day, including two that address high-severity vulnerabilities. The post SAP Patches High-Severity Vulnerabilities With June 2023 Security Updates appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

SAP Patches High-Severity Vulnerabilities With June 2023 Security Updates Read More »

ICS Patch Tuesday: Siemens Addresses Over 180 Third-Party Component Vulnerabilities

Uncategorized / SecurityTicks

ICS Patch Tuesday: Siemens Addresses Over 180 Third-Party Component Vulnerabilities 14/06/2023 at 14:34 By Eduard Kovacs ICS Patch Tuesday: Siemens and Schneider Electric have published more than a dozen advisories addressing over 200 vulnerabilities. The post ICS Patch Tuesday: Siemens Addresses Over 180 Third-Party Component Vulnerabilities appeared first on SecurityWeek. This article is an excerpt

React to this headline:

ICS Patch Tuesday: Siemens Addresses Over 180 Third-Party Component Vulnerabilities Read More »

New Golang-based Skuld Malware Stealing Discord and Browser Data from Windows PCs

Uncategorized / SecurityTicks

New Golang-based Skuld Malware Stealing Discord and Browser Data from Windows PCs 14/06/2023 at 14:34 By A new Golang-based information stealer called Skuld has compromised Windows systems across Europe, Southeast Asia, and the U.S. “This new malware strain tries to steal sensitive information from its victims,” Trellix researcher Ernesto Fernández Provecho said in a Tuesday analysis. “To accomplish this

React to this headline:

New Golang-based Skuld Malware Stealing Discord and Browser Data from Windows PCs Read More »

Where from, Where to — The Evolution of Network Security

Uncategorized / SecurityTicks

Where from, Where to — The Evolution of Network Security 14/06/2023 at 14:34 By For the better part of the 90s and early aughts, the sysadmin handbook said, “Filter your incoming traffic, not everyone is nice out there” (later coined by Gandalf as “You shall not pass”). So CIOs started to supercharge their network fences

React to this headline:

Where from, Where to — The Evolution of Network Security Read More »

Switzerland under cyberattack

Data leak, data theft, DDoS, Don't miss, enterprise, Government, Hot stuff, News, Ransomware, Switzerland / SecurityTicks

Switzerland under cyberattack 14/06/2023 at 14:18 By Helga Labus Swiss government websites are under DDoS attacks, but several ransomware gangs have also turned their sights on Swiss government organizations, cantonal governments, cities and companies in the last few months. Government sites under DDoS attacks “Several Federal Administration websites are/were inaccessible on Monday 12 June 2023,

React to this headline:

Switzerland under cyberattack Read More »

Fake Researcher Profiles Spread Malware through GitHub Repositories as PoC Exploits

Uncategorized / SecurityTicks

Fake Researcher Profiles Spread Malware through GitHub Repositories as PoC Exploits 14/06/2023 at 13:46 By At least half of dozen GitHub accounts from fake researchers associated with a fraudulent cybersecurity company have been observed pushing malicious repositories on the code hosting service. All seven repositories, which are still available as of writing, claim to be

React to this headline:

Fake Researcher Profiles Spread Malware through GitHub Repositories as PoC Exploits Read More »

Critical Security Vulnerability Discovered in WooCommerce Stripe Gateway Plugin

Uncategorized / SecurityTicks

Critical Security Vulnerability Discovered in WooCommerce Stripe Gateway Plugin 14/06/2023 at 11:49 By A security flaw has been uncovered in the WooCommerce Stripe Gateway WordPress plugin that could lead to the unauthorized disclosure of sensitive information. The flaw, tracked as CVE-2023-34000, impacts versions 7.4.0 and below. It was addressed by the plugin maintainers in version 7.4.1,

React to this headline:

Critical Security Vulnerability Discovered in WooCommerce Stripe Gateway Plugin Read More »

Zscaler unveils a set of security solutions designed to leverage the full potential of generative AI

Industry news, Zscaler / SecurityTicks

Zscaler unveils a set of security solutions designed to leverage the full potential of generative AI 14/06/2023 at 11:02 By Industry News Zscaler has unveiled a set of security solutions designed for IT and security teams to leverage the full potential of generative AI while preserving the safety of enterprises’ intellectual property and their customers’

React to this headline:

Zscaler unveils a set of security solutions designed to leverage the full potential of generative AI Read More »

Microsoft Releases Updates to Patch Critical Flaws in Windows and Other Software

Uncategorized / SecurityTicks

Microsoft Releases Updates to Patch Critical Flaws in Windows and Other Software 14/06/2023 at 11:02 By Microsoft has rolled out fixes for its Windows operating system and other software components to remediate major security shortcomings as part of Patch Tuesday updates for June 2023. Of the 73 flaws, six are rated Critical, 63 are rated Important, two

React to this headline:

Microsoft Releases Updates to Patch Critical Flaws in Windows and Other Software Read More »

Beyond MFA: 3 steps to improve security and reduce customer authentication friction

authentication, CISA, Don't miss, Expert analysis, Expert corner, F5 Networks, GDPR, Hot stuff, identity, identity verification, MFA, opinion, PCI DSS / SecurityTicks

Beyond MFA: 3 steps to improve security and reduce customer authentication friction 14/06/2023 at 07:42 By Help Net Security For many people, life’s fundamental activities are now conducted online. We do our banking and shopping online, turn to the digital realm for entertainment and to access medical records, and pursue our romantic interests via dating

React to this headline:

Beyond MFA: 3 steps to improve security and reduce customer authentication friction Read More »

Enhancing security team capabilities in tough economic times

CISO, cybersecurity, Don't miss, Hot stuff, strategy, tips, Video / SecurityTicks

Enhancing security team capabilities in tough economic times 14/06/2023 at 07:02 By Help Net Security According to ESG, 70% of cybersecurity pros expect budget cuts or freezes this year, which, in turn, will trigger project delays and greater vendor scrutiny. Understaffing and low budgets are ever-present challenges, but security teams are uniquely affected by alert

React to this headline:

Enhancing security team capabilities in tough economic times Read More »

Ignoring digital transformation is more dangerous than a recession

cyber resilience, cybersecurity, digital transformation, Insight, investment, News / SecurityTicks

Ignoring digital transformation is more dangerous than a recession 14/06/2023 at 07:02 By Help Net Security Business leaders worldwide understand they need to invest in digital transformation to meet a new innovation imperative, despite ongoing macroeconomic pressures and an increasingly uncertain, competitive business environment, according to Insight. The pandemic accelerated transformation in every industry as

React to this headline:

Ignoring digital transformation is more dangerous than a recession Read More »

IT providers become go-to for cybersecurity advice

attacks, BlackFog, data breach, Malware, MSP, News, Ransomware, report, SMBs / SecurityTicks

IT providers become go-to for cybersecurity advice 14/06/2023 at 06:31 By Help Net Security 61% of SMBs have been hit by a successful cyberattack in the last year, according to BlackFog. The research study, which examined the business impact of cybersecurity for organizations in the US and UK, also revealed the growing importance of engaging

React to this headline:

IT providers become go-to for cybersecurity advice Read More »

3 ways we’ve made the CIS Controls more automation-friendly

Center for Internet Security, News / SecurityTicks

3 ways we’ve made the CIS Controls more automation-friendly 14/06/2023 at 06:02 By Help Net Security Compliance obligations that support data privacy and cyber risk are nearly ubiquitous. Not only that, but they’re expanding. According to Gartner, government regulations covering these areas of emphasis will apply to five billion citizens and more than 70% of

React to this headline:

3 ways we’ve made the CIS Controls more automation-friendly Read More »

June 2023 Patch Tuesday: Critical patches for Microsoft Windows, SharePoint, Exchange

Automox, Don't miss, Hot stuff, Microsoft Exchange, News, Patch Tuesday, security update, SharePoint, Tenable, Trend Micro, Windows / SecurityTicks

June 2023 Patch Tuesday: Critical patches for Microsoft Windows, SharePoint, Exchange 13/06/2023 at 21:48 By Zeljka Zorz For June 2023 Patch Tuesday, Microsoft has delivered 70 new patches but, for once, none of the fixed vulnerabilities are currently exploited by attackers nor were publicly known before today! Microsoft has previously fixed CVE-2023-3079, a type confusion

React to this headline:

June 2023 Patch Tuesday: Critical patches for Microsoft Windows, SharePoint, Exchange Read More »

Matt Hillary hired as VP, Security and CISO at Drata

Uncategorized / SecurityTicks

Matt Hillary hired as VP, Security and CISO at Drata 13/06/2023 at 21:48 By Matt Hillary has been hired as VP, Security and Chief Information Security Officer at Drata. Hillary brings more than 15 years of security experience. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to

React to this headline:

Matt Hillary hired as VP, Security and CISO at Drata Read More »

99% of organizations expect identity-related compromise this year

Uncategorized / SecurityTicks

99% of organizations expect identity-related compromise this year 13/06/2023 at 21:19 By Current economic conditions and technology development have shown a rise in identity-based cybersecurity exposure, according to a report by CyberArk. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

99% of organizations expect identity-related compromise this year Read More »

Microsoft Patches Critical Windows Vulns, Warn of Code Execution Risks

CVE-2023-29363, CVE-2023-32014, CVE-2023-32015, Microsoft, Network Security, Patch Tuesday, Vulnerabilities / SecurityTicks

Microsoft Patches Critical Windows Vulns, Warn of Code Execution Risks 13/06/2023 at 21:19 By Ryan Naraine Patch Tuesday: Microsoft ships updates to over at least 70 documented vulnerabilities affecting the Windows ecosystem. The post Microsoft Patches Critical Windows Vulns, Warn of Code Execution Risks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Microsoft Patches Critical Windows Vulns, Warn of Code Execution Risks Read More »