2024 - Security Ticks

Fake Job Applications Deliver Dangerous More_eggs Malware to HR Professionals

Fake Job Applications Deliver Dangerous More_eggs Malware to HR Professionals 2024-10-02 at 18:31 By A spear-phishing email campaign has been observed targeting recruiters with a JavaScript backdoor called More_eggs, indicating persistent efforts to single out the sector under the guise of fake job applicant lures. “A sophisticated spear-phishing lure tricked a recruitment officer into downloading […]

Fake Job Applications Deliver Dangerous More_eggs Malware to HR Professionals Read More »

Satellite phones are coming, but users not happy to pay much extra for the capability

Uncategorized / SecurityTicks

Satellite phones are coming, but users not happy to pay much extra for the capability 2024-10-02 at 18:16 By Dan Robinson Has someone told all the direct-to-cell investors? Two out of five mobile phone subscribers are unwilling to pay any extra for direct-to-cell satellite services, which may give operators pause for thought as they continue

Satellite phones are coming, but users not happy to pay much extra for the capability Read More »

Microsoft throws in the towel on HoloLens 2

Uncategorized / SecurityTicks

Microsoft throws in the towel on HoloLens 2 2024-10-02 at 17:46 By Richard Speed Five years of mixed reality – now just mixed feelings Microsoft has axed its HoloLens 2 mixed reality headset and there won’t be a hardware replacement, The Register can confirm.… This article is an excerpt from The Register View Original Source

Microsoft throws in the towel on HoloLens 2 Read More »

Alert: Over 700,000 DrayTek Routers Exposed to Hacking via 14 New Vulnerabilities

Uncategorized / SecurityTicks

Alert: Over 700,000 DrayTek Routers Exposed to Hacking via 14 New Vulnerabilities 2024-10-02 at 17:16 By A little over a dozen new security vulnerabilities have been discovered in residential and enterprise routers manufactured by DrayTek that could be exploited to take over susceptible devices. “These vulnerabilities could enable attackers to take control of a router

Alert: Over 700,000 DrayTek Routers Exposed to Hacking via 14 New Vulnerabilities Read More »

Two years after entering the graphics card game, Intel has nothing to show for it

Uncategorized / SecurityTicks

Two years after entering the graphics card game, Intel has nothing to show for it 2024-10-02 at 17:01 By Gavin Bonshor Chipzilla’s AIB market share a rounding error compared to Nvidia, AMD Comment Add-in board (AIB) market share figures for Q2 2024 are out and despite an uptick in overall sector shipments, relatively recent entrant

Two years after entering the graphics card game, Intel has nothing to show for it Read More »

Trustwave’s 7-Step Guide to Building a Healthcare-Focused Cybersecurity Framework

Database Protection, DFIR, Managed Detection and Response, Managed Security Services, penetration testing, Tips & Tricks / SecurityTicks

Trustwave’s 7-Step Guide to Building a Healthcare-Focused Cybersecurity Framework 2024-10-02 at 17:01 By Healthcare organizations face increasing challenges in safeguarding patient data. This article is an excerpt from Trustwave Blog View Original Source

Trustwave’s 7-Step Guide to Building a Healthcare-Focused Cybersecurity Framework Read More »

Venafi helps organizations solve more machine identity security problems

Industry news, Venafi / SecurityTicks

Venafi helps organizations solve more machine identity security problems 2024-10-02 at 17:01 By Industry News Venafi introduced new product capabilities in its Control Plane for Machine Identities. This latest version of the Venafi Control Plane will enable security and platform teams to address the most critical machine identity security challenges and help future-proof their organizations,

Venafi helps organizations solve more machine identity security problems Read More »

MITRE Adds Mitigations to EMB3D Threat Model

ICS, ICS/OT, MITRE / SecurityTicks

MITRE Adds Mitigations to EMB3D Threat Model 2024-10-02 at 17:01 By Ionut Arghire MITRE has expanded the EMB3D Threat Model with essential mitigations to help organizations address threats to embedded devices. The post MITRE Adds Mitigations to EMB3D Threat Model appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

MITRE Adds Mitigations to EMB3D Threat Model Read More »

US, Allies Release Guidance on Securing OT Environments

CISA, Government, guidance, ICS, ICS/OT / SecurityTicks

US, Allies Release Guidance on Securing OT Environments 2024-10-02 at 17:01 By Ionut Arghire New guidance provides information on how to create and maintain a secure operational technology (OT) environment. The post US, Allies Release Guidance on Securing OT Environments appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

US, Allies Release Guidance on Securing OT Environments Read More »

Metomic Data Classification automates complex data management workflows

Industry news, Metomic / SecurityTicks

Metomic Data Classification automates complex data management workflows 2024-10-02 at 16:46 By Industry News Metomic released its Data Classification solution, making it possible to discover, classify and secure sensitive data at scale across Google Workspaces. Metomic’s latest innovation is an AI-powered tool that automates complex data management workflows, enabling IT and security teams to maintain

Metomic Data Classification automates complex data management workflows Read More »

PlexTrac unveils new capabilities to prioritize proactive security remediation

Industry news, PlexTrac / SecurityTicks

PlexTrac unveils new capabilities to prioritize proactive security remediation 2024-10-02 at 16:31 By Industry News PlexTrac announced significant enhancements to its platform. These updates are designed to help enterprises and security service providers harness proactive security by offering business context, automating risk scoring to focus on what matters most, streamlining remediation workflows with event-driven interoperability,

PlexTrac unveils new capabilities to prioritize proactive security remediation Read More »

Concentric AI helps monitor and remediate risky Copilot activity

Concentric AI, Industry news / SecurityTicks

Concentric AI helps monitor and remediate risky Copilot activity 2024-10-02 at 16:16 By Industry News Concentric AI announced an AI-based DSPM functionality that identifies data access and activity risk from Copilot requests. With this launch, enterprises can now for leverage AI-driven DSPM to track, monitor and seamlessly enforce access governance around Copilot activity and abnormal

Concentric AI helps monitor and remediate risky Copilot activity Read More »

Harmonic Security raises $17.5 million to improve data security for organizations

Harmonic, Industry news / SecurityTicks

Harmonic Security raises $17.5 million to improve data security for organizations 2024-10-02 at 16:01 By Industry News Harmonic Security has secured $17.5 million in Series A funding to bring its “zero-touch data protection” capabilities to enterprises. Total funding has now reached more than $26 million since the company launched in October last year with enterprise

Harmonic Security raises $17.5 million to improve data security for organizations Read More »

Alert: Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit

Uncategorized / SecurityTicks

Alert: Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit 2024-10-02 at 16:01 By Cybersecurity researchers have disclosed that 5% of all Adobe Commerce and Magento stores have been hacked by malicious actors by exploiting a security vulnerability dubbed CosmicSting. Tracked as CVE-2024-34102 (CVSS score: 9.8), the critical flaw relates to an improper restriction

Alert: Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit Read More »

NIST’s security flaw database still backlogged with 17K+ unprocessed bugs. Not great

Uncategorized / SecurityTicks

NIST’s security flaw database still backlogged with 17K+ unprocessed bugs. Not great 2024-10-02 at 15:46 By Jessica Lyons Logjam ‘hurting infosec processes world over’ one expert tells us as US body blows its own Sept deadline NIST has made some progress clearing its backlog of security vulnerability reports to process – though it’s not quite

NIST’s security flaw database still backlogged with 17K+ unprocessed bugs. Not great Read More »

Cryptocurrency Wallets Targeted via Python Packages Uploaded to PyPI

Malware & Threats, PyPI, Python / SecurityTicks

Cryptocurrency Wallets Targeted via Python Packages Uploaded to PyPI 2024-10-02 at 15:46 By Ionut Arghire Multiple Python packages referencing dependencies containing cryptocurrency-stealing code were published to PyPI. The post Cryptocurrency Wallets Targeted via Python Packages Uploaded to PyPI appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Cryptocurrency Wallets Targeted via Python Packages Uploaded to PyPI Read More »

Harmonic Raises $17.5M to Defend Against AI Data Harvesting

AI Automation, Artificial Intelligence, Funding/M&A, Harmonic, LLMs, Next47, Ten Eleven Ventures / SecurityTicks

Harmonic Raises $17.5M to Defend Against AI Data Harvesting 2024-10-02 at 15:46 By Ryan Naraine Harmonic has raised a total of $26 million to develop a new approach to data protection using pre-trained, specialized language models. The post Harmonic Raises $17.5M to Defend Against AI Data Harvesting appeared first on SecurityWeek. This article is an

Harmonic Raises $17.5M to Defend Against AI Data Harvesting Read More »

Record-Breaking DDoS Attack Peaked at 3.8 Tbps, 2.14 Billion Pps

Cloudflare, DDoS, DDoS record, Featured, Network Security / SecurityTicks

Record-Breaking DDoS Attack Peaked at 3.8 Tbps, 2.14 Billion Pps 2024-10-02 at 15:46 By Eduard Kovacs Cloudflare recently mitigated another record-breaking DDoS attack, peaking at 3.8 Tbps and 2.14 billion Pps. The post Record-Breaking DDoS Attack Peaked at 3.8 Tbps, 2.14 Billion Pps appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

Record-Breaking DDoS Attack Peaked at 3.8 Tbps, 2.14 Billion Pps Read More »

After Code Execution, Researchers Show How CUPS Can Be Abused for DDoS Attacks

Vulnerabilities / SecurityTicks

After Code Execution, Researchers Show How CUPS Can Be Abused for DDoS Attacks 2024-10-02 at 15:46 By Eduard Kovacs Over 58,000 internet-exposed CUPS hosts can be abused for significant DDoS attacks, according to Akamai. The post After Code Execution, Researchers Show How CUPS Can Be Abused for DDoS Attacks appeared first on SecurityWeek. This article

After Code Execution, Researchers Show How CUPS Can Be Abused for DDoS Attacks Read More »

Security leaders discuss INC ransomware attacks targeting healthcare

Uncategorized / SecurityTicks

Security leaders discuss INC ransomware attacks targeting healthcare 2024-10-02 at 15:16 By Ransomware group Vanilla Tempest, formerly known as DEV-0832, is reportedly targeting healthcare providers in the United States. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

Security leaders discuss INC ransomware attacks targeting healthcare Read More »