SecurityTicks - Security Ticks

Microsoft wants Activision so badly, it’s handing streaming rights over to … Ubisoft?

Microsoft wants Activision so badly, it’s handing streaming rights over to … Ubisoft? 22/08/2023 at 14:33 By Richard Currie All to appease the UK’s competition watchdog, the last hurdle to the deal Microsoft so desperately wants its $68.7 billion takeover of Activision Blizzard to happen that it’s willing to divest cloud streaming rights for the […]

React to this headline:

Microsoft wants Activision so badly, it’s handing streaming rights over to … Ubisoft? Read More »

New ‘Carderbee’ APT Targeted Chinese Security Software in Supply Chain Attack

China, Malware & Threats, supply chain, Supply Chain Security / SecurityTicks

New ‘Carderbee’ APT Targeted Chinese Security Software in Supply Chain Attack 22/08/2023 at 14:33 By Ionut Arghire A new APT group called Carderbee has been observed deploying the PlugX backdoor via a supply chain attack targeting organizations in Hong Kong. The post New ‘Carderbee’ APT Targeted Chinese Security Software in Supply Chain Attack appeared first

React to this headline:

New ‘Carderbee’ APT Targeted Chinese Security Software in Supply Chain Attack Read More »

Grip Security Lands $41 Million Series B Financing

cloud security, Funding/M&A, Grip Security, identity, Identity & Access, venture capital / SecurityTicks

Grip Security Lands $41 Million Series B Financing 22/08/2023 at 14:33 By Ryan Naraine Israeli startup Grip Security has banked $41 million in new financing from a group of investors led by Third Point Ventures. The post Grip Security Lands $41 Million Series B Financing appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Grip Security Lands $41 Million Series B Financing Read More »

CISOs Tout SaaS Cybersecurity Confidence, But 79% Admit to SaaS Incidents, New Report Finds

Uncategorized / SecurityTicks

CISOs Tout SaaS Cybersecurity Confidence, But 79% Admit to SaaS Incidents, New Report Finds 22/08/2023 at 14:33 By A new State of SaaS Security Posture Management Report from SaaS cybersecurity provider AppOmni indicates that Cybersecurity, IT, and business leaders alike recognize SaaS cybersecurity as an increasingly important part of the cyber threat landscape. And at first glance, respondents appear

React to this headline:

CISOs Tout SaaS Cybersecurity Confidence, But 79% Admit to SaaS Incidents, New Report Finds Read More »

Ivanti Sentry zero-day vulnerability fixed, patch ASAP! (CVE-2023-38035)

0-day, enterprise, gateway, Ivanti, Mnemonic, News, security update / SecurityTicks

Ivanti Sentry zero-day vulnerability fixed, patch ASAP! (CVE-2023-38035) 22/08/2023 at 13:48 By Zeljka Zorz Ivanti is urging administrators of Ivanti Sentry (formerly MobileIron Sentry) gateways to patch a newly discovered vulnerability (CVE-2023-38035) that could be exploited to change configuration, run system commands, or write files onto the vulnerable system. “As of now, we are only

React to this headline:

Ivanti Sentry zero-day vulnerability fixed, patch ASAP! (CVE-2023-38035) Read More »

Cerby Raises $17 Million for Access Management Platform for Nonstandard Applications

Cybersecurity Funding, funding, IAM, Identity & Access / SecurityTicks

Cerby Raises $17 Million for Access Management Platform for Nonstandard Applications 22/08/2023 at 13:47 By Ionut Arghire Cerby has raised $17 million in Series A funding for its access management platform for applications not supported by identity providers. The post Cerby Raises $17 Million for Access Management Platform for Nonstandard Applications appeared first on SecurityWeek.

React to this headline:

Cerby Raises $17 Million for Access Management Platform for Nonstandard Applications Read More »

CISA Warns of Another Exploited Adobe ColdFusion Vulnerability

ColdFusion, exploited, Featured, Malware & Threats, Vulnerabilities / SecurityTicks

CISA Warns of Another Exploited Adobe ColdFusion Vulnerability 22/08/2023 at 13:47 By Eduard Kovacs CISA warns that CVE-2023-26359, an Adobe ColdFusion vulnerability patched in March, has been exploited in the wild. The post CISA Warns of Another Exploited Adobe ColdFusion Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

CISA Warns of Another Exploited Adobe ColdFusion Vulnerability Read More »

ICANN warns UN may sideline tech community from future internet governance

Uncategorized / SecurityTicks

ICANN warns UN may sideline tech community from future internet governance 22/08/2023 at 13:16 By Simon Sharwood ‘We built this thing and now you don’t want to hear from us – WTF?’ is the gist of it The United Nations’ proposed Global Digital Compact will exclude technical experts as a distinct voice in internet governance,

React to this headline:

ICANN warns UN may sideline tech community from future internet governance Read More »

Carderbee Attacks: Hong Kong Organizations Targeted via Malicious Software Updates

Uncategorized / SecurityTicks

Carderbee Attacks: Hong Kong Organizations Targeted via Malicious Software Updates 22/08/2023 at 13:16 By A previously undocumented threat cluster has been linked to a software supply chain attack targeting organizations primarily located in Hong Kong and other regions in Asia. The Symantec Threat Hunter Team, part of Broadcom, is tracking the activity under its insect-themed

React to this headline:

Carderbee Attacks: Hong Kong Organizations Targeted via Malicious Software Updates Read More »

Seiko joins growing list of ALPHV/BlackCat ransomware victims

data breach, Don't miss, Hot stuff, News, Ransomware / SecurityTicks

Seiko joins growing list of ALPHV/BlackCat ransomware victims 22/08/2023 at 12:03 By Helga Labus Japanese watchmaker Seiko has been added to ALPHV (BlackCat) ransomware group’s victim list, following a data breach occurring in early August. The Seiko data breach The company published a data breach and response notice on August 10, 2023, stating that an

React to this headline:

Seiko joins growing list of ALPHV/BlackCat ransomware victims Read More »

Juniper Networks fixes flaws leading to RCE in firewalls and switches

Don't miss, firewall, Hot stuff, Juniper Networks, News, security update, vulnerability / SecurityTicks

Juniper Networks fixes flaws leading to RCE in firewalls and switches 22/08/2023 at 11:46 By Helga Labus Juniper Networks has fixed four vulnerabilities (CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847) in Junos OS that, if chained together, could allow attackers to achieve remote code execution (RCE) on the company’s SRX firewalls and EX switches. The fixed Junos OS

React to this headline:

Juniper Networks fixes flaws leading to RCE in firewalls and switches Read More »

Apple’s defense against apps vandalizing other apps still broken, developer claims

Uncategorized / SecurityTicks

Apple’s defense against apps vandalizing other apps still broken, developer claims 22/08/2023 at 11:32 By Thomas Claburn Cupertino appears to be blasé about long-standing macOS bug, so coder has blabbed Apple last year introduced a security feature called App Management that’s designed to prevent one application from modifying another without authorization under macOS Ventura –

React to this headline:

Apple’s defense against apps vandalizing other apps still broken, developer claims Read More »

New Variant of XLoader macOS Malware Disguised as ‘OfficeNote’ Productivity App

Uncategorized / SecurityTicks

New Variant of XLoader macOS Malware Disguised as ‘OfficeNote’ Productivity App 22/08/2023 at 10:32 By A new variant of an Apple macOS malware called XLoader has surfaced in the wild, masquerading its malicious features under the guise of an office productivity app called “OfficeNote.” “The new version of XLoader is bundled inside a standard Apple disk image with the

React to this headline:

New Variant of XLoader macOS Malware Disguised as ‘OfficeNote’ Productivity App Read More »

NASA still serious about astronauts living it up on Moon space station in 2028

Uncategorized / SecurityTicks

NASA still serious about astronauts living it up on Moon space station in 2028 22/08/2023 at 10:17 By Katyanna Quach Assuming the orbital hotel is even built by then The first group of astronauts to set foot into NASA’s Moon-orbiting Gateway space station will be the Artemis IV crew in 2028, if everything goes as

React to this headline:

NASA still serious about astronauts living it up on Moon space station in 2028 Read More »

Controversial Chinese drone maker DJI debuts a cargo carrier

Uncategorized / SecurityTicks

Controversial Chinese drone maker DJI debuts a cargo carrier 22/08/2023 at 09:47 By Laura Dobberstein For dropping stuff in remote locations. Just don’t mention the war in Ukraine, where DJI kit repeatedly appeared Chinese drone-maker DJI, the subject of US sanctions, has released its first consumer cargo carrying drone – the FlyCart 30.… This article

React to this headline:

Controversial Chinese drone maker DJI debuts a cargo carrier Read More »

Ivanti Warns of Critical Zero-Day Flaw Being Actively Exploited in Sentry Software

Uncategorized / SecurityTicks

Ivanti Warns of Critical Zero-Day Flaw Being Actively Exploited in Sentry Software 22/08/2023 at 08:01 By Software services provider Ivanti is warning of a new critical zero-day flaw impacting Ivanti Sentry (formerly MobileIron Sentry) that it said is being actively exploited in the wild, marking an escalation of its security woes. Tracked as CVE-2023-38035 (CVSS score: 9.8), the issue

React to this headline:

Ivanti Warns of Critical Zero-Day Flaw Being Actively Exploited in Sentry Software Read More »

North Korea’s neighbors issue warnings ahead of attempted ‘satellite’ launch

Uncategorized / SecurityTicks

North Korea’s neighbors issue warnings ahead of attempted ‘satellite’ launch 22/08/2023 at 07:47 By Simon Sharwood The last one splashed down badly, but this is no laughing matter – Japan’s PM thinks it could be a missile North Korea intends to launch another “satellite” in coming days, and its neighbors – and the world –

React to this headline:

North Korea’s neighbors issue warnings ahead of attempted ‘satellite’ launch Read More »

IT’s rising role in physical security technology

cloud adoption, collaboration, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, IoT, Motorola Solutions, opinion, physical security, policy, surveillance / SecurityTicks

IT’s rising role in physical security technology 22/08/2023 at 07:34 By Help Net Security As the adoption of cloud-based and mobile-access security systems continues to increase among both new and established businesses, the lines between traditional physical security personnel and IT staff are beginning to blur. Traditionally, the common approach towards organizational security has always

React to this headline:

IT’s rising role in physical security technology Read More »

Maintaining consistent security in diverse cloud infrastructures

CISO, Cloud, cloud computing, cloud security, cyber resilience, cybersecurity, DevOps, Don't miss, Features, Hot stuff, misconfiguration, Mitigant, monitoring, News, opinion, training / SecurityTicks

Maintaining consistent security in diverse cloud infrastructures 22/08/2023 at 07:01 By Mirko Zorz As cloud infrastructures become increasingly API-driven and dynamically spread across expansive attack surfaces, achieving clarity proves difficult. Compounding this challenge is the integration of DevOps practices, microservices, and container technologies, which, while fostering agility and scalability, introduce additional layers of complexity and

React to this headline:

Maintaining consistent security in diverse cloud infrastructures Read More »

Critical Adobe ColdFusion Flaw Added to CISA’s Exploited Vulnerability Catalog

Uncategorized / SecurityTicks

Critical Adobe ColdFusion Flaw Added to CISA’s Exploited Vulnerability Catalog 22/08/2023 at 07:01 By The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Adobe ColdFusion to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, cataloged as CVE-2023-26359 (CVSS score: 9.8), relates to a deserialization flaw present in

React to this headline:

Critical Adobe ColdFusion Flaw Added to CISA’s Exploited Vulnerability Catalog Read More »