December, 2024 - Security Ticks

Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection

Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection 2024-12-17 at 12:15 By Bogus software update lures are being used by threat actors to deliver a new stealer malware called CoinLurker. “Written in Go, CoinLurker employs cutting-edge obfuscation and anti-analysis techniques, making it a highly effective tool in modern cyber attacks,” Morphisec researcher […]

React to this headline:

Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection Read More »

London’s Met Police seeks business services, ERP refresh in £370M deal

Uncategorized / SecurityTicks

London’s Met Police seeks business services, ERP refresh in £370M deal 2024-12-17 at 11:37 By Lindsay Clark Contract could be worth a cool £1 billion if associated organizations join The UK’s largest police force is scoping the market for business outsourcing, an ERP upgrade and support in a tender that could be worth £1 billion

React to this headline:

London’s Met Police seeks business services, ERP refresh in £370M deal Read More »

Arctic Wolf acquires BlackBerry’s Cylance endpoint security assets

Arctic Wolf Networks, BlackBerry, Industry news / SecurityTicks

Arctic Wolf acquires BlackBerry’s Cylance endpoint security assets 2024-12-17 at 11:15 By Industry News Arctic Wolf and BlackBerry announced they have entered into a definitive agreement for Arctic Wolf to acquire BlackBerry’s Cylance endpoint security assets. Cylance is the pioneer of AI-based endpoint protection trusted by thousands of organizations around the world. With this acquisition,

React to this headline:

Arctic Wolf acquires BlackBerry’s Cylance endpoint security assets Read More »

Kali Linux 2024.4 released! 14 new shiny tools added

Kali Linux, News, open source, penetration testing / SecurityTicks

Kali Linux 2024.4 released! 14 new shiny tools added 2024-12-17 at 11:15 By Help Net Security Kali Linux 2024.4 includes a broad set of updates and changes. The summary of the changelog since the 2024.3 release from September: Python 3.12 – New default Python version (Au revoir pip, hello pipx). The end of the i386

React to this headline:

Kali Linux 2024.4 released! 14 new shiny tools added Read More »

AWS now renting monster HPE servers, even in clusters of 7,680-vCPUs and 128TB

Uncategorized / SecurityTicks

AWS now renting monster HPE servers, even in clusters of 7,680-vCPUs and 128TB 2024-12-17 at 09:50 By Simon Sharwood Heir to Superdome goes cloudy for those who run large in-memory databases and apps that need them Amazon Web Services usually stays schtum about the exact disposition of the servers it rents in its Elastic Compute

React to this headline:

AWS now renting monster HPE servers, even in clusters of 7,680-vCPUs and 128TB Read More »

The Mask APT Resurfaces with Sophisticated Multi-Platform Malware Arsenal

Uncategorized / SecurityTicks

The Mask APT Resurfaces with Sophisticated Multi-Platform Malware Arsenal 2024-12-17 at 09:19 By A little-known cyber espionage actor known as The Mask has been linked to a new set of attacks targeting an unnamed organization in Latin America twice in 2019 and 2022. “The Mask APT is a legendary threat actor that has been performing

React to this headline:

The Mask APT Resurfaces with Sophisticated Multi-Platform Malware Arsenal Read More »

CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign

Uncategorized / SecurityTicks

CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign 2024-12-17 at 09:19 By The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of flaws is below – CVE-2024-20767 (CVSS score:

React to this headline:

CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign Read More »

VPN vs Firewall: What’s the Difference and Which One to Use

Uncategorized / SecurityTicks

VPN vs Firewall: What’s the Difference and Which One to Use 2024-12-17 at 08:30 View original post at vpnMentor A VPN and a firewall each protect your online security but in different ways. A VPN hides your IP address and encrypts your internet traffic, keeping your browsing private. In contrast, a firewall monitors and controls

React to this headline:

VPN vs Firewall: What’s the Difference and Which One to Use Read More »

BlackBerry offloads Cylance’s endpoint security products to Arctic Wolf

Uncategorized / SecurityTicks

BlackBerry offloads Cylance’s endpoint security products to Arctic Wolf 2024-12-17 at 08:15 By Simon Sharwood Fresh attempt to mix the perfect cocktail of IoT and Infosec BlackBerry’s ambition to mix infosec and the Internet of Things has been squeezed, after the Canadian firm announced it is offloading Cylance’s endpoint security products.… This article is an

React to this headline:

BlackBerry offloads Cylance’s endpoint security products to Arctic Wolf Read More »

Best practices for risk mitigation and mail threat detection

Uncategorized / SecurityTicks

Best practices for risk mitigation and mail threat detection 2024-12-17 at 08:03 By Ongoing geopolitical issues provide increasing motivation for all security professionals to adopt safeguards against mail-based threats This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Best practices for risk mitigation and mail threat detection Read More »

The shifting security landscape: 2025 predictions and challenges

Artificial Intelligence, Blancco Technology Group, CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, predictions, quantum computing / SecurityTicks

The shifting security landscape: 2025 predictions and challenges 2024-12-17 at 07:33 By Help Net Security As the borderless threat ecosystem poses new challenges for companies and governments worldwide, CISA’s 2025-2026 International Plan aims to address this problem. CISA’s plan calls for integrated cyber defense across borders, addressing the complex, global cybersecurity challenges that businesses, governments

React to this headline:

The shifting security landscape: 2025 predictions and challenges Read More »

27 DDoS-for-hire operations shut down by law enforcement

Uncategorized / SecurityTicks

27 DDoS-for-hire operations shut down by law enforcement 2024-12-17 at 07:18 By Law enforcement agencies across 15 countries have shut down 27 DDoS-for-hire operations. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

27 DDoS-for-hire operations shut down by law enforcement Read More »

Balancing security and user experience to improve fraud prevention strategies

account protection, cybersecurity, Don't miss, Features, financial industry, fraud, Hot stuff, J.D. Power, News, opinion / SecurityTicks

Balancing security and user experience to improve fraud prevention strategies 2024-12-17 at 07:03 By Mirko Zorz In this Help Net Security interview, Jennifer White, Senior Director for Banking and Payments Intelligence at J.D. Power, discusses how financial institutions can improve customer satisfaction during fraud resolution, covering proactive fraud prevention, clear communication, and empathetic issue resolution.

React to this headline:

Balancing security and user experience to improve fraud prevention strategies Read More »

Australia moves to drop some cryptography by 2030 – before quantum carves it up

Uncategorized / SecurityTicks

Australia moves to drop some cryptography by 2030 – before quantum carves it up 2024-12-17 at 06:06 By Thomas Claburn The likes of SHA-256, RSA, ECDSA and ECDH won’t be welcome in just five years Australia’s chief cyber security agency has decided local orgs should stop using the tech that forms the current cryptographic foundation

React to this headline:

Australia moves to drop some cryptography by 2030 – before quantum carves it up Read More »

Cybersecurity jobs available right now: December 17, 2024

cybersecurity jobs, News / SecurityTicks

Cybersecurity jobs available right now: December 17, 2024 2024-12-17 at 06:06 By Anamarija Pogorelec CISO ONE Security | Israel | Hybrid – View job details As a CISO, you will be responsible for overseeing information security, cybersecurity, application security, and business continuity strategies. The role involves implementing and managing security measures and collaborating with internal

React to this headline:

Cybersecurity jobs available right now: December 17, 2024 Read More »

SoftBank pledges to pour $100B into US, create 100,000 jobs in Trump’s second term

Uncategorized / SecurityTicks

SoftBank pledges to pour $100B into US, create 100,000 jobs in Trump’s second term 2024-12-17 at 04:19 By Tobias Mann Details? Who needs ’em! But AI seems a likely focus SoftBank CEO Masayoshi Son revealed plans to invest $100 billion in the US and create a minimum of 100,000 jobs in the next four years.…

React to this headline:

SoftBank pledges to pour $100B into US, create 100,000 jobs in Trump’s second term Read More »

Link Trap: GenAI Prompt Injection Attack

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Artificial Intelligence (AI), Trend Micro Research : Cyber Threats, Trend Micro Research : Data center, Trend Micro Research : Endpoints, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Network, Trend Micro Research : Security Strategies / SecurityTicks

Link Trap: GenAI Prompt Injection Attack 2024-12-17 at 03:20 By Prompt injection exploits vulnerabilities in generative AI to manipulate its behavior, even without extensive permissions. This attack can expose sensitive data, making awareness and preventive measures essential. Learn how it works and how to stay protected. This article is an excerpt from Trend Micro Research,

React to this headline:

Link Trap: GenAI Prompt Injection Attack Read More »

Ransomware scum blow holes in Cleo software patches, Cl0p (sort of ) claims responsibility

Uncategorized / SecurityTicks

Ransomware scum blow holes in Cleo software patches, Cl0p (sort of ) claims responsibility 2024-12-17 at 01:48 By Jessica Lyons But can you really take crims at their word? Supply chain integration vendor Cleo has urged its customers to upgrade three of its products after an October patch was circumvented, leading to widespread ransomware attacks

React to this headline:

Ransomware scum blow holes in Cleo software patches, Cl0p (sort of ) claims responsibility Read More »

TikTok turns to US Supreme Court in last-ditch bid to avert ban

Uncategorized / SecurityTicks

TikTok turns to US Supreme Court in last-ditch bid to avert ban 2024-12-16 at 23:34 By Reuters TokTok and ByteDance sought an injunction to halt the looming ban on the social media app used by about 170 million Americans while they appeal a lower court’s ruling that upheld the law. This article is an excerpt from Latest

React to this headline:

TikTok turns to US Supreme Court in last-ditch bid to avert ban Read More »

Computer Users Once Again Insist ‘123456’ and ‘password’ are the Pinnacle of Cybersecurity

Uncategorized / SecurityTicks

Computer Users Once Again Insist ‘123456’ and ‘password’ are the Pinnacle of Cybersecurity 2024-12-16 at 23:34 By … At least according to a recent report posted by the password manager firm NordPass. This article is an excerpt from Trustwave Blog View Original Source React to this headline:

React to this headline:

Computer Users Once Again Insist ‘123456’ and ‘password’ are the Pinnacle of Cybersecurity Read More »

December 2024