2024 - Security Ticks

Chrome 129 Patches High-Severity Vulnerability in V8 Engine

Chrome, Vulnerabilities, vulnerability / SecurityTicks

Chrome 129 Patches High-Severity Vulnerability in V8 Engine 2024-09-18 at 15:31 By Ionut Arghire Google has released Chrome 129 with patches for nine vulnerabilities, including a high-severity bug in the V8 engine. The post Chrome 129 Patches High-Severity Vulnerability in V8 Engine appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed […]

Chrome 129 Patches High-Severity Vulnerability in V8 Engine Read More »

AT&T to Pay $13 Million in Settlement Over 2023 Data Breach

AT&T, Compliance, Data Breaches, fcc, settlement / SecurityTicks

AT&T to Pay $13 Million in Settlement Over 2023 Data Breach 2024-09-18 at 15:31 By Ionut Arghire AT&T has agreed to pay $13 million in a settlement with the FCC over a 2023 data breach at a third-party vendor’s cloud environment. The post AT&T to Pay $13 Million in Settlement Over 2023 Data Breach appeared

AT&T to Pay $13 Million in Settlement Over 2023 Data Breach Read More »

Ghost: Criminal communication platform compromised, dismantled by international law enforcement

arrest, Australia, crime, cybercrime, Don't miss, Encryption, Europol, Government, Hot stuff, law enforcement, News, secure communications, supply chain compromise / SecurityTicks

Ghost: Criminal communication platform compromised, dismantled by international law enforcement 2024-09-18 at 15:16 By Zeljka Zorz Another encrypted communication platform used by criminals has been dismantled and its alleged mastermind arrested, the Australian Federal Police has announced on Tuesday. “AFP Operation Kraken charged a NSW man, aged 32, for creating and administering Ghost, a dedicated

Ghost: Criminal communication platform compromised, dismantled by international law enforcement Read More »

Claims of hacked voter data aims to cause distrust in elections

Uncategorized / SecurityTicks

Claims of hacked voter data aims to cause distrust in elections 2024-09-18 at 15:16 By Claims of hacked voter data are intended to cause distrust in the election process, the FBI and CISA warn. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

Claims of hacked voter data aims to cause distrust in elections Read More »

Open source maintainers underpaid, swamped by security, and going gray

Uncategorized / SecurityTicks

Open source maintainers underpaid, swamped by security, and going gray 2024-09-18 at 14:46 By Thomas Claburn AI-coded contributions? Most would rather skip the bot’s work The majority of open source project maintainers are not being paid for their work, spend three times as much time on security than they did three years ago, and have

Open source maintainers underpaid, swamped by security, and going gray Read More »

Why Pay A Pentester?

Uncategorized / SecurityTicks

Why Pay A Pentester? 2024-09-18 at 14:46 By The evolution of software always catches us by surprise. I remember betting against the IBM computer Deep Blue during its chess match against the grandmaster Garry Kasparov in 1997, only to be stunned when the machine claimed victory. Fast forward to today, would we have imagined just

Why Pay A Pentester? Read More »

UK pensions department’s project to unite government ERP systems comes to £1.9B

Uncategorized / SecurityTicks

UK pensions department’s project to unite government ERP systems comes to £1.9B 2024-09-18 at 14:16 By Lindsay Clark Four branches attempt to streamline HR and business processes The UK’s Department for Work and Pensions (DWP) is leading a £958.7 million ($1.2 billion) search for a supplier to develop business processes for new ERP and HR

UK pensions department’s project to unite government ERP systems comes to £1.9B Read More »

Fivetran Hybrid Deployment keeps sensitive data within the customer’s environment

Fivetran, Industry news / SecurityTicks

Fivetran Hybrid Deployment keeps sensitive data within the customer’s environment 2024-09-18 at 14:01 By Industry News Fivetran announced Hybrid Deployment, a new solution that allows customers to securely run data pipelines within their own environment from the Fivetran managed platform, providing a single control plane to manage all data sources, whether they are cloud-based SaaS

Fivetran Hybrid Deployment keeps sensitive data within the customer’s environment Read More »

North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware

Uncategorized / SecurityTicks

North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware 2024-09-18 at 14:01 By A North Korea-linked cyber-espionage group has been observed leveraging job-themed phishing lures to target prospective victims in energy and aerospace verticals and infect them with a previously undocumented backdoor dubbed MISTPEN. The activity cluster is being tracked by Google-owned

North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware Read More »

Vulnerabilities in Cellular Packet Cores Part IV: Authentication

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Exploits & Vulnerabilities, Trend Micro Research : Network, Trend Micro Research : Research / SecurityTicks

Vulnerabilities in Cellular Packet Cores Part IV: Authentication 2024-09-18 at 13:46 By Our research reveals two significant vulnerabilities in Microsoft Azure Private 5G Core (AP5GC). The first vulnerability (CVE-2024-20685) allows a crafted signaling message to crash the control plane, leading to potential service outages. The second (ZDI-CAN-23960) disconnects and replaces attached base stations, disrupting network

Vulnerabilities in Cellular Packet Cores Part IV: Authentication Read More »

Critical VMware vCenter Server bugs fixed (CVE-2024-38812)

Don't miss, Hot stuff, News / SecurityTicks

Critical VMware vCenter Server bugs fixed (CVE-2024-38812) 2024-09-18 at 13:46 By Zeljka Zorz Broadcom has released fixes for two vulnerabilities affecting VMware vCenter Server that can be triggered by sending a specially crafted network packet, and could lead to remote code execution (CVE-2024-38812) or privilege escalation (CVE-2024-38813). “Broadcom is not currently aware of exploitation ‘in

Critical VMware vCenter Server bugs fixed (CVE-2024-38812) Read More »

Cloud giants point the finger at each other during regulator hearings

Uncategorized / SecurityTicks

Cloud giants point the finger at each other during regulator hearings 2024-09-18 at 13:16 By Dan Robinson Those are some mighty powerful underdogs you’ve got there Google thinks Microsoft’s software licensing is impeding customer choice; Microsoft says AWS has “first mover” advantage; AWS also picks on Microsoft’s licensing – but all are against remedies being

Cloud giants point the finger at each other during regulator hearings Read More »

Russian Security Firm Doctor Web Hacked

antivirus, Data Breaches, Doctor Web, security company hacked / SecurityTicks

Russian Security Firm Doctor Web Hacked 2024-09-18 at 13:16 By Eduard Kovacs Antimalware company Doctor Web was recently targeted in a cyberattack that prompted it to disconnect all resources from its networks. The post Russian Security Firm Doctor Web Hacked appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

Russian Security Firm Doctor Web Hacked Read More »

Rapid7 launches Vector Command for continuous red teaming and security gap identification

Industry news, Rapid7 / SecurityTicks

Rapid7 launches Vector Command for continuous red teaming and security gap identification 2024-09-18 at 13:01 By Industry News Rapid7 has unveiled Vector Command, a fully-managed offensive security service. Vector Command combines the external attack surface assessment capabilities of Rapid7’s recently launched Command Platform with continuous Red Teaming services by its internal experts to help customers

Rapid7 launches Vector Command for continuous red teaming and security gap identification Read More »

Despite Russia warnings, Western critical infrastructure remains unprepared

Uncategorized / SecurityTicks

Despite Russia warnings, Western critical infrastructure remains unprepared 2024-09-18 at 12:32 By Jessica Lyons ‘Lives will be lost’ as Moscow ramps up offensive cyber military units Feature As Russian special forces push more overtly into online operations, network defenders should be on the hunt for digital intruders looking to carry out cyberattacks that end in

Despite Russia warnings, Western critical infrastructure remains unprepared Read More »

PlainID introduces identity security for Zscaler

Industry news, PlainID, Zscaler / SecurityTicks

PlainID introduces identity security for Zscaler 2024-09-18 at 12:31 By Industry News PlainID announces the PlainID Authorizer for Zscaler, available via PlainID SaaS Authorization Management, centralizes policy management for Zscaler and SaaS applications and tools. Zscaler and other SASE (Secure Access Service Edge) solutions have made significant strides in integrating identity-aware controls into their authorization

PlainID introduces identity security for Zscaler Read More »

Chrome Introduces One-Time Permissions and Enhanced Safety Check for Safer Browsing

Uncategorized / SecurityTicks

Chrome Introduces One-Time Permissions and Enhanced Safety Check for Safer Browsing 2024-09-18 at 12:16 By Google has announced that it’s rolling out a new set of features to its Chrome browser that gives users more control over their data when surfing the internet and protects against online threats. “With the newest version of Chrome, you

Chrome Introduces One-Time Permissions and Enhanced Safety Check for Safer Browsing Read More »

Verimatrix XTD Network Monitoring provides real-time detection of malicious activities

Industry news, Verimatrix / SecurityTicks

Verimatrix XTD Network Monitoring provides real-time detection of malicious activities 2024-09-18 at 12:01 By Industry News Verimatrix intoduced its Verimatrix XTD Network Monitoring feature, expanding its suite of application cybersecurity solutions to combat evolving network-related threats. Verimatrix XTD has long been at the forefront of identifying and neutralizing mobile app cyberthreats. The new Verimatrix XTD

Verimatrix XTD Network Monitoring provides real-time detection of malicious activities Read More »

The case for handcrafted software in a mass-produced world

Uncategorized / SecurityTicks

The case for handcrafted software in a mass-produced world 2024-09-18 at 11:47 By Liam Proven As AI automates programming, it could be worth exploring the value of bespoke code Part 2 A thought experiment: If the computer business responds to commoditization and globalization like other manufacturing industries do, where does that leave programmers – and

The case for handcrafted software in a mass-produced world Read More »

Intezer raises $33 million to further develop its AI-based security operations solution

Industry news, Intezer / SecurityTicks

Intezer raises $33 million to further develop its AI-based security operations solution 2024-09-18 at 11:31 By Industry News Intezer announced that it has raised $33 million in Series C funding, bringing its total capital raised to $60 million. The funding round was led by Norwest Venture Partners, with participation from all existing investors, including Intel

Intezer raises $33 million to further develop its AI-based security operations solution Read More »