2024-11-12 - Security Ticks

Here’s what we know about the suspected Snowflake data extortionists

Here’s what we know about the suspected Snowflake data extortionists 2024-11-12 at 23:20 By Jessica Lyons A Canadian and an American living in Turkey ‘walk into’ cloud storage environments… Two men allegedly compromised what’s believed to be multiple organizations’ Snowflake-hosted cloud environments, stole sensitive data within, and extorted at least $2.5 million from at least […]

React to this headline:

Here’s what we know about the suspected Snowflake data extortionists Read More »

Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)

0-day, Active Directory, CVE, Don't miss, Hot stuff, Immersive Labs, Ivanti, Microsoft, Microsoft Defender, News, OpenSSL, Patch Tuesday, security update, Tenable, Trend Micro, vulnerability, Windows, Windows Server / SecurityTicks

Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039) 2024-11-12 at 23:03 By Zeljka Zorz November 2024 Patch Tuesday is here, and Microsoft has dropped fixes for 89 new security issues in its various products, two of which – CVE-2024-43451 and CVE-2024-49039 – are actively exploited by attackers. The exploited vulnerabilities (CVE-2024-43451, CVE-2024-49039) CVE-2024-43451 is yet another

React to this headline:

Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039) Read More »

Apple’s Vision Pro flop: Company scales back production of $3,500 VR headset amid lackluster sales, customer complaints

Uncategorized / SecurityTicks

Apple’s Vision Pro flop: Company scales back production of $3,500 VR headset amid lackluster sales, customer complaints 2024-11-12 at 22:46 By Alex Mitchell They didn’t see this coming. This article is an excerpt from Latest Technology News and Product Reviews | New York Post View Original Source React to this headline:

React to this headline:

Apple’s Vision Pro flop: Company scales back production of $3,500 VR headset amid lackluster sales, customer complaints Read More »

Canada passes new right to repair rules with the same old problem

Uncategorized / SecurityTicks

Canada passes new right to repair rules with the same old problem 2024-11-12 at 22:34 By Brandon Vigliarolo No mention of how to get the tools to bypass software locks means owner still legally beholden to OEMs Digital software locks have just become flimsier in Canada with the passage of a pair of laws allowing

React to this headline:

Canada passes new right to repair rules with the same old problem Read More »

X rivals Bluesky, Threads see influx of users after Trump election victory

Uncategorized / SecurityTicks

X rivals Bluesky, Threads see influx of users after Trump election victory 2024-11-12 at 21:47 By Ariel Zilber As of Tuesday, Threads was the top rated “free” app on Apple’s App Store. Bluesky was seventh on the list — ahead of Instagram, Facebook and X. This article is an excerpt from Latest Technology News and

React to this headline:

X rivals Bluesky, Threads see influx of users after Trump election victory Read More »

‘Cybersecurity issue’ at Food Lion parent blamed for US grocery mayhem

Uncategorized / SecurityTicks

‘Cybersecurity issue’ at Food Lion parent blamed for US grocery mayhem 2024-11-12 at 21:34 By Connor Jones Stores still open, but customers report delayed deliveries, invoicing issues, and more at Stop & Shop and others Retail giant Ahold Delhaize, which owns Food Lion and Stop & Shop, among others, is confirming outages at several of

React to this headline:

‘Cybersecurity issue’ at Food Lion parent blamed for US grocery mayhem Read More »

Verizon wobbles on the East Coast, outage cuts off night owls

Uncategorized / SecurityTicks

Verizon wobbles on the East Coast, outage cuts off night owls 2024-11-12 at 20:33 By Iain Thomson T-Mobile US and Comcast also stutter slightly The holiday weekend in the US ended badly for Verizon FiOS users on the East Coast after over 40,000 customers reported being forced offline.… This article is an excerpt from The

React to this headline:

Verizon wobbles on the East Coast, outage cuts off night owls Read More »

What might a second term of Trump mean for the US space program?

Uncategorized / SecurityTicks

What might a second term of Trump mean for the US space program? 2024-11-12 at 19:48 By Richard Speed Moon, Mars, and Mayhem? President-elect Donald Trump is set to return to the US White House. What does this mean for the US space program, NASA, and a return to the Moon?… This article is an

React to this headline:

What might a second term of Trump mean for the US space program? Read More »

Will Windows Insiders find Recall lurking under the Christmas tree?

Uncategorized / SecurityTicks

Will Windows Insiders find Recall lurking under the Christmas tree? 2024-11-12 at 18:45 By Richard Speed Satya Claus has something special for all the good little girls and boys Microsoft’s next deadline for shipping its controversial Recall technology to Windows Insiders is fast approaching. Following a privacy outcry and mushrooming conspiracy theories, will the service

React to this headline:

Will Windows Insiders find Recall lurking under the Christmas tree? Read More »

HTTP your way into Citrix’s Virtual Apps and Desktops with fresh exploit code

Uncategorized / SecurityTicks

HTTP your way into Citrix’s Virtual Apps and Desktops with fresh exploit code 2024-11-12 at 18:19 By Connor Jones ‘Once again, we’ve lost a little more faith in the internet,’ researcher says Researchers are publicizing a proof of concept (PoC) exploit for what they’re calling an unauthenticated remote code execution (RCE) vulnerability in Citrix’s Virtual

React to this headline:

HTTP your way into Citrix’s Virtual Apps and Desktops with fresh exploit code Read More »

Trustwave and Cybereason Join Forces to Create a Leading Global MDR Provider, Offering Unmatched Cybersecurity Value

DFIR, Managed Detection and Response, News, Spotlights / SecurityTicks

Trustwave and Cybereason Join Forces to Create a Leading Global MDR Provider, Offering Unmatched Cybersecurity Value 2024-11-12 at 17:20 By Eric Harmon I am thrilled to share some monumental news that marks a significant milestone in our journey of fortifying the cybersecurity landscape. Today, Trustwave is announcing a definitive merger agreement with Cybereason, a leader

React to this headline:

Trustwave and Cybereason Join Forces to Create a Leading Global MDR Provider, Offering Unmatched Cybersecurity Value Read More »

New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration

Uncategorized / SecurityTicks

New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration 2024-11-12 at 17:18 By Cybersecurity researchers have disclosed new security flaws impacting Citrix Virtual Apps and Desktop that could be exploited to achieve unauthenticated remote code execution (RCE) The issue, per findings from watchTowr, is rooted in the Session Recording component that allows

React to this headline:

New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration Read More »

New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns

Uncategorized / SecurityTicks

New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns 2024-11-12 at 17:18 By Cybersecurity researchers are calling attention to a new sophisticated tool called GoIssue that can be used to send phishing messages at scale targeting GitHub users. The program, first marketed by a threat actor named cyberdluffy (aka Cyber D’ Luffy) on

React to this headline:

New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns Read More »

BlackFog platform enhancements boost data loss prevention

BlackFog, Industry news / SecurityTicks

BlackFog platform enhancements boost data loss prevention 2024-11-12 at 17:00 By Industry News BlackFog launched its next generation enterprise platform to deliver even more powerful ransomware and insider threat prevention. BlackFog’s pioneering platform focuses specifically on anti data exfiltration to prevent unauthorized data from leaving a device, ensuring that an organization’s most sensitive information is

React to this headline:

BlackFog platform enhancements boost data loss prevention Read More »

To kill memory safety bugs in C code, try the TrapC fork

Uncategorized / SecurityTicks

To kill memory safety bugs in C code, try the TrapC fork 2024-11-12 at 16:49 By Thomas Claburn Memory-safe variant is planned for next year Exclusive C and C++ programmers may not need to learn Rust after all to participate in the push for memory safety.… This article is an excerpt from The Register View

React to this headline:

To kill memory safety bugs in C code, try the TrapC fork Read More »

Akamai App Platform reduces the complexity associated with managing Kubernetes clusters

Akamai, Industry news / SecurityTicks

Akamai App Platform reduces the complexity associated with managing Kubernetes clusters 2024-11-12 at 16:31 By Industry News Akamai announced the Akamai App Platform, a ready-to-run solution that makes it easy to deploy, manage, and scale highly distributed applications. The Akamai App Platform is built on top of the cloud native Kubernetes technology Otomi, which Akamai

React to this headline:

Akamai App Platform reduces the complexity associated with managing Kubernetes clusters Read More »

Druva empowers businesses to secure data throughout Microsoft environments

Druva, Industry news / SecurityTicks

Druva empowers businesses to secure data throughout Microsoft environments 2024-11-12 at 16:04 By Industry News Druva announced support for Microsoft Dynamics 365 to help enterprises secure mission-critical data across Dynamics 365 Sales and Customer Service CRM modules. With support for Dynamics 365, Druva ensures customers can keep business-critical CRM data secure and maintain business operations

React to this headline:

Druva empowers businesses to secure data throughout Microsoft environments Read More »

HPE Aruba Access Points have Critical Command Injection Vulnerabilities

Vulnerabilities, vulnerability / SecurityTicks

HPE Aruba Access Points have Critical Command Injection Vulnerabilities 2024-11-12 at 15:49 By daksh sharma Overview Hewlett Packard Enterprise (HPE) Aruba Networking has identified multiple critical security vulnerabilities affecting its Access Points running Instant AOS-8 and AOS-10. The vulnerabilities, tracked under several CVEs including CVE-2024-42509 and CVE-2024-47460, could allow unauthenticated attackers to remotely execute commands

React to this headline:

HPE Aruba Access Points have Critical Command Injection Vulnerabilities Read More »

North Korean Hackers Target macOS Using Flutter-Embedded Malware

Uncategorized / SecurityTicks

North Korean Hackers Target macOS Using Flutter-Embedded Malware 2024-11-12 at 15:49 By Threat actors with ties to the Democratic People’s Republic of Korea (DPRK aka North Korea) have been found embedding malware within Flutter applications, marking the first time this tactic has been adopted by the adversary to infect Apple macOS devices. Jamf Threat Labs,

React to this headline:

North Korean Hackers Target macOS Using Flutter-Embedded Malware Read More »

Amazon confirms employee data exposed in leak linked to MOVEit vulnerability

Uncategorized / SecurityTicks

Amazon confirms employee data exposed in leak linked to MOVEit vulnerability 2024-11-12 at 15:33 By Laura Dobberstein Over 5 million records from 25 organizations posted to black hat forum Amazon employees’ data is part of a stolen trove posted to a cybercrime forum linked to last year’s MOVEit vulnerability.… This article is an excerpt from

React to this headline:

Amazon confirms employee data exposed in leak linked to MOVEit vulnerability Read More »

November 12, 2024