February, 2024 - Security Ticks

How a Managed Detection and Response Provider’s Global Footprint Helps Defend Against Cyber Threats

How a Managed Detection and Response Provider’s Global Footprint Helps Defend Against Cyber Threats 2024-02-07 at 15:01 By Cyber threats can originate from anywhere around the globe, so it only makes sense that services such as managed detection and response (MDR) to defend against these threats effectively require a managed security service provider (MSSP) with a global […]

React to this headline:

How a Managed Detection and Response Provider’s Global Footprint Helps Defend Against Cyber Threats Read More »

JetBrains urges swift patching of latest critical TeamCity flaw

Uncategorized / SecurityTicks

JetBrains urges swift patching of latest critical TeamCity flaw 2024-02-07 at 14:47 By Connor Jones Cloud version is safe, but no assurances offered about possible on-prem exploits JetBrains is encouraging all users of TeamCity (on-prem) to upgrade to the latest version following the disclosure of a critical vulnerability in the CI/CD tool.… This article is

React to this headline:

JetBrains urges swift patching of latest critical TeamCity flaw Read More »

The fight against commercial spyware misuse is heating up

Don't miss, Google, Government, Hot stuff, News, policy, report, spyware, USA / SecurityTicks

The fight against commercial spyware misuse is heating up 2024-02-07 at 14:46 By Zeljka Zorz Though there are organizations out there investigating how commercial spyware is misused to target journalists, human rights defenders and dissidents, the growing market related to the development and sale of this type of software and the exploits used to deploy

React to this headline:

The fight against commercial spyware misuse is heating up Read More »

DynaRisk Cyber Intelligence Data Lake enhances the accuracy of data breach predictions

DynaRisk, Industry news / SecurityTicks

DynaRisk Cyber Intelligence Data Lake enhances the accuracy of data breach predictions 2024-02-07 at 14:31 By Industry News DynaRisk launched Cyber Intelligence Data Lake. This major feature upgrade propels the company’s capabilities in preventing and predicting hacker activity. DynaRisk’s Cyber Intelligence Data Lake is a leap forward in the cyber risk management landscape, offering next-generation

React to this headline:

DynaRisk Cyber Intelligence Data Lake enhances the accuracy of data breach predictions Read More »

Bank boss has pay slashed after presiding over tech outages in 2023

Uncategorized / SecurityTicks

Bank boss has pay slashed after presiding over tech outages in 2023 2024-02-07 at 14:16 By Laura Dobberstein Singapore’s DBS wants accountability for digital dropouts Singapore banking group DBS has slashed its CEO’s variable pay by 30 percent as an accountability measure after digital disruptions hit the organization in 2023.… This article is an excerpt

React to this headline:

Bank boss has pay slashed after presiding over tech outages in 2023 Read More »

Cybersecurity M&A Roundup: 34 Deals Announced in January 2024

M&A, M&A Tracker / SecurityTicks

Cybersecurity M&A Roundup: 34 Deals Announced in January 2024 2024-02-07 at 14:16 By Eduard Kovacs Thirty-four cybersecurity-related merger and acquisition (M&A) deals were announced in January 2024. The post Cybersecurity M&A Roundup: 34 Deals Announced in January 2024 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Cybersecurity M&A Roundup: 34 Deals Announced in January 2024 Read More »

Fortinet Patches Critical Vulnerabilities in FortiSIEM

Fortinet, Vulnerabilities / SecurityTicks

Fortinet Patches Critical Vulnerabilities in FortiSIEM 2024-02-07 at 14:16 By Ionut Arghire Two critical OS command injection flaws in FortiSIEM could allow remote attackers to execute arbitrary code. The post Fortinet Patches Critical Vulnerabilities in FortiSIEM appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Fortinet Patches Critical Vulnerabilities in FortiSIEM Read More »

OneTrust launches Data Privacy Maturity Model

Industry news, OneTrust / SecurityTicks

OneTrust launches Data Privacy Maturity Model 2024-02-07 at 14:01 By Industry News OneTrust introduced Data Privacy Maturity Model. The model provides privacy, security, marketing, and data teams with the resources to transform their privacy programs from tactical compliance initiatives that mitigate risk, to strategic customer trust imperatives that unlock the value of data for AI

React to this headline:

OneTrust launches Data Privacy Maturity Model Read More »

HoRNDIS MacGyvers your Mac to get online with Androids

Uncategorized / SecurityTicks

HoRNDIS MacGyvers your Mac to get online with Androids 2024-02-07 at 13:17 By Liam Proven Apple makes this harder every macOS release, but there are ways nonetheless FOSS Fest These days, Macs will only talk to Apple phones to get online out of the box, but you can get around the restrictions if you’re determined

React to this headline:

HoRNDIS MacGyvers your Mac to get online with Androids Read More »

Doppelganger Dilemma: New XPhase Clipper’s Proliferation via Deceptive Crypto Sites and Cloned YouTube Videos

Clipper, Cryptominer, Malware / SecurityTicks

Doppelganger Dilemma: New XPhase Clipper’s Proliferation via Deceptive Crypto Sites and Cloned YouTube Videos 2024-02-07 at 13:17 By neetha871ad236bd Key Takeaways Overview CRIL has identified a malware campaign aimed at cryptocurrency users. In this campaign, Threat Actors (TA) employed deceptive websites masquerading as legitimate cryptocurrency applications. Notably, we encountered several phishing sites targeting users of

React to this headline:

Doppelganger Dilemma: New XPhase Clipper’s Proliferation via Deceptive Crypto Sites and Cloned YouTube Videos Read More »

Entrust in final talks to acquire Onfido

Entrust, Industry news, Onfido / SecurityTicks

Entrust in final talks to acquire Onfido 2024-02-07 at 13:17 By Industry News Entrust has entered into exclusive discussions to acquire Onfido. With this contemplated acquisition, Entrust would add a compliant AI/ML-based biometric and document IDV tech stack to its portfolio of identity solutions. Additionally, Entrust would have the opportunity to advance the use of

React to this headline:

Entrust in final talks to acquire Onfido Read More »

New Webinar: 5 Steps to vCISO Success for MSPs and MSSPs

Uncategorized / SecurityTicks

New Webinar: 5 Steps to vCISO Success for MSPs and MSSPs 2024-02-07 at 12:46 By 2024 will be the year of the vCISO. An incredible 45% of MSPs and MSSPs are planning to start offering vCISO services in 2024. As an MSP/MSSP providing vCISO services, you own the organization’s cybersecurity infrastructure and strategy. But you also need

React to this headline:

New Webinar: 5 Steps to vCISO Success for MSPs and MSSPs Read More »

Global Coalition and Tech Giants Unite Against Commercial Spyware Abuse

Uncategorized / SecurityTicks

Global Coalition and Tech Giants Unite Against Commercial Spyware Abuse 2024-02-07 at 12:46 By A coalition of dozens of countries, including France, the U.K., and the U.S., along with tech companies such as Google, MDSec, Meta, and Microsoft, have signed a joint agreement to curb the abuse of commercial spyware to commit human rights abuses.

React to this headline:

Global Coalition and Tech Giants Unite Against Commercial Spyware Abuse Read More »

UK government plans to spend over £100M on AI … but copyright code is held up

Uncategorized / SecurityTicks

UK government plans to spend over £100M on AI … but copyright code is held up 2024-02-07 at 12:31 By Richard Speed ‘Pro-innovation’ but perhaps not for the folks whose data was trained on The UK government is to spend over £100 million ($125 million) to support regulators and researchers as it publishes its response

React to this headline:

UK government plans to spend over £100M on AI … but copyright code is held up Read More »

On-premises JetBrains TeamCity servers vulnerable to auth bypass (CVE-2024-23917)

continuous integration, Don't miss, Hot stuff, JetBrains, News, security update, vulnerability / SecurityTicks

On-premises JetBrains TeamCity servers vulnerable to auth bypass (CVE-2024-23917) 2024-02-07 at 12:31 By Helga Labus JetBrains has patched a critical authentication bypass vulnerability (CVE-2024-23917) affecting TeamCity On-Premises continuous integration and deployment servers. About CVE-2024-23917 CVE-2024-23917 could allow an unauthenticated threat actor with HTTP(S) access to a TeamCity server to bypass authentication controls and gain administrative

React to this headline:

On-premises JetBrains TeamCity servers vulnerable to auth bypass (CVE-2024-23917) Read More »

Ivanti Connect Secure flaw massively exploited by attackers (CVE-2024-21893)

Don't miss, exploit, Hot stuff, Ivanti, News, Shadowserver, vulnerability / SecurityTicks

Ivanti Connect Secure flaw massively exploited by attackers (CVE-2024-21893) 2024-02-07 at 12:16 By Zeljka Zorz CVE-2024-21893, a server-side request forgery (SSRF) vulnerability affecting Ivanti Connect Secure VPN gateways and Policy Secure (a network access control solution), is being exploited by attackers. About CVE-2024-21893 CVE-2024-21893 allows a attackers to bypass authentication requirements and access certain restricted

React to this headline:

Ivanti Connect Secure flaw massively exploited by attackers (CVE-2024-21893) Read More »

How Neuraspace aims to clean up orbital clutter with AI

Uncategorized / SecurityTicks

How Neuraspace aims to clean up orbital clutter with AI 2024-02-07 at 11:46 By Richard Speed Can tech and regulations beat the great satellite landgrab? Interview Debris speeding along in orbit is becoming an increasing hazard for spacecraft. We can either ignore the problem and hope it resolves itself or accept there is an issue

React to this headline:

How Neuraspace aims to clean up orbital clutter with AI Read More »

Unveiling Atlassian Confluence Vulnerability CVE-2023-22527: Understanding and Mitigating Remote Code Execution Risks

Trend Micro Research : Cyber Threats, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Research / SecurityTicks

Unveiling Atlassian Confluence Vulnerability CVE-2023-22527: Understanding and Mitigating Remote Code Execution Risks 2024-02-07 at 11:33 By In this blog entry, we discuss CVE-2023-22527, a vulnerability in Atlassian Confluence that has a CVSS score of 10 and could allow threat actors to perform remote code execution. This article is an excerpt from Trend Micro Research, News

React to this headline:

Unveiling Atlassian Confluence Vulnerability CVE-2023-22527: Understanding and Mitigating Remote Code Execution Risks Read More »

The spyware business is booming despite government crackdowns

Uncategorized / SecurityTicks

The spyware business is booming despite government crackdowns 2024-02-07 at 10:47 By Jessica Lyons ‘Almost zero data being shared across the industry on this particular threat,’ we’re told The commercial spyware economy – despite government and big tech’s efforts to crack down – appears to be booming.… This article is an excerpt from The Register

React to this headline:

The spyware business is booming despite government crackdowns Read More »

Alaska Airlines’ door-dropping flight was missing bolts

Uncategorized / SecurityTicks

Alaska Airlines’ door-dropping flight was missing bolts 2024-02-07 at 09:48 By Thomas Claburn Preliminary investigation confirms pilot chat was overwritten but doesn’t mention attempts to recover data The door plug that fell out of Alaska Airlines flight 1282 last month wasn’t properly bolted into place, according to a preliminary investigation.… This article is an excerpt

React to this headline:

Alaska Airlines’ door-dropping flight was missing bolts Read More »

February 2024