Don't miss - Security Ticks

Sumo Logic discloses potential breach via compromised AWS credential

AWS, credentials, data breach, Don't miss, Hot stuff, News, Sumo Logic / SecurityTicks

Sumo Logic discloses potential breach via compromised AWS credential 08/11/2023 at 14:49 By Helga Labus Cloud-native big data and security analytics firm Sumo Logic is investigating a potential security incident within their platform, the company revealed on Tuesday. The Sumo Logic incident “On Friday, November 3rd, 2023, Sumo Logic discovered evidence of a potential security […]

React to this headline:

Sumo Logic discloses potential breach via compromised AWS credential Read More »

Marina Bay Sands breach exposed data of 665,000 customers

Asia, data breach, Don't miss, hospitality industry, News, Singapore / SecurityTicks

Marina Bay Sands breach exposed data of 665,000 customers 08/11/2023 at 12:31 By Helga Labus Singapore-based luxury resort and casino Marina Bay Sands has suffered a data breach that exposed data of 665,000 non-casino rewards program members. The Marina Bay Sands data breach “Marina Bay Sands became aware of a data security incident on 20

React to this headline:

Marina Bay Sands breach exposed data of 665,000 customers Read More »

The 3 key stages of ransomware attacks and useful indicators of compromise

attacks, cybersecurity, data, DNS, Don't miss, Email, Encryption, Expert analysis, Expert corner, Gurucul, hacker, Hot stuff, network, News, opinion, phishing, Ransomware, servers, SOC / SecurityTicks

The 3 key stages of ransomware attacks and useful indicators of compromise 08/11/2023 at 09:02 By Help Net Security For SOC teams to be able to defend their organization against ransomware attacks, they need to have the right security toolset, but also an understanding of the three primary ransomware attack stages. In this article, we

React to this headline:

The 3 key stages of ransomware attacks and useful indicators of compromise Read More »

Aqua Trivy open-source security scanner now finds Kubernetes security risks

Aqua Security, cybersecurity, Don't miss, GitHub, Kubernetes, News, scanning, software / SecurityTicks

Aqua Trivy open-source security scanner now finds Kubernetes security risks 08/11/2023 at 08:31 By Mirko Zorz The Aqua Trivy open-source scanner now supports vulnerability scanning for Kubernetes components and Kubernetes Bill of Materials (KBOM) generation. Now, companies can better understand the components within their Kubernetes environment and how secure they are to reduce risk. “Aqua

React to this headline:

Aqua Trivy open-source security scanner now finds Kubernetes security risks Read More »

AI-assisted coding and its impact on developers

Artificial Intelligence, code, cybersecurity, Don't miss, Hot stuff, Pluralsight, resilience, skill development, software development, Video / SecurityTicks

AI-assisted coding and its impact on developers 08/11/2023 at 08:02 By Help Net Security The emergence of AI has put into question the roles of software developers everywhere. In this Help Net Security video, Cat Hicks, VP of Research Insights at Pluralsight, discusses pressing questions that engineering organizations face regarding the rapidly-changing possibilities of AI-assisted

React to this headline:

AI-assisted coding and its impact on developers Read More »

Uphold Linux systems’ performance and availability in Azure

Center for Internet Security, Don't miss, News / SecurityTicks

Uphold Linux systems’ performance and availability in Azure 08/11/2023 at 07:01 By Help Net Security Cloud computing carries many benefits for your business… as long as you can ensure the performance and availability of your cloud environments. Let’s take the following three cloud computing benefits as examples. Rapidly scale cloud services: In the absence of

React to this headline:

Uphold Linux systems’ performance and availability in Azure Read More »

Microsoft introduces new access policies in Entra to boost MFA usage

access management, Don't miss, enterprise, Hot stuff, identity protection, MFA, Microsoft, Microsoft Entra ID, News, policy / SecurityTicks

Microsoft introduces new access policies in Entra to boost MFA usage 07/11/2023 at 18:17 By Helga Labus As part of a broader initiative to strengthen security, Microsoft is rolling out Microsoft-managed Conditional Access policies in Entra ID (formerly Azure Active Directory) to increase the use of multifactor authentication (MFA) for enterprise accounts. Microsoft Entra Conditional

React to this headline:

Microsoft introduces new access policies in Entra to boost MFA usage Read More »

Looney Tunables bug exploited for cryptojacking

Aqua Security, cloud computing, cryptojacking, Don't miss, exploit, Hot stuff, Linux, News, vulnerability / SecurityTicks

Looney Tunables bug exploited for cryptojacking 07/11/2023 at 12:46 By Helga Labus Kinsing threat actors have been spotted exploiting the recently disclosed Looney Tunables (CVE-2023-4911) vulnerability to covertly install cryptomining software into cloud-native environments. Kinsing (aka Money Libra) is a threat actor group that has been active since late 2021, targeting cloud-native environments and applications

React to this headline:

Looney Tunables bug exploited for cryptojacking Read More »

7 free cyber threat maps showing attack intensity and frequency

Arbor Networks, Bitdefender, Check Point, cybersecurity, Don't miss, Fortinet, Hot stuff, Netscout, News, Radware, Spamhaus / SecurityTicks

7 free cyber threat maps showing attack intensity and frequency 07/11/2023 at 09:03 By Help Net Security Cyber threat maps are one of the most visually engaging tools in the arsenal of cybersecurity professionals. These real-time visualizations provide a global perspective on digital threats, showcasing the intensity and frequency of attacks as they happen. This

React to this headline:

7 free cyber threat maps showing attack intensity and frequency Read More »

How AI is transforming consumer privacy expectations

Artificial Intelligence, Cisco, cybersecurity, data, Don't miss, Hot stuff, Privacy, Video / SecurityTicks

How AI is transforming consumer privacy expectations 07/11/2023 at 08:01 By Help Net Security Consumers are concerned about their privacy with AI. Cisco discovered that 60% had lost trust in organizations due to their AI use. In this Help Net Security video, Robert Waitman, Director of Cisco’s Privacy Center of Excellence, discusses consumers’ perceptions and

React to this headline:

How AI is transforming consumer privacy expectations Read More »

eBook: Keeping Active Directory out of hackers’ cross-hairs

Don't miss, Enzoic, News, Whitepapers and webinars / SecurityTicks

eBook: Keeping Active Directory out of hackers’ cross-hairs 07/11/2023 at 06:46 By Help Net Security Active Directory is a prime target for threat actors, and companies must act now to eliminate it as a threat vector permanently. Read the e-book to review: Active Directory (AD) and what it provides Threats and how to keep hackers

React to this headline:

eBook: Keeping Active Directory out of hackers’ cross-hairs Read More »

Okta breach post mortem reveals weaknesses exploited by attackers

1Password, account hijacking, BeyondTrust, Cloudflare, Don't miss, Hot stuff, Incident Response, News, Okta / SecurityTicks

Okta breach post mortem reveals weaknesses exploited by attackers 06/11/2023 at 17:18 By Zeljka Zorz The recent breach of the Okta Support system was carried out via a compromised service account with permissions to view and update customer support cases. “During our investigation into suspicious use of this account, Okta Security identified that an employee

React to this headline:

Okta breach post mortem reveals weaknesses exploited by attackers Read More »

Google Play will mark independently validated VPN apps

Android, Application Security, Don't miss, Google, Google Play, Hot stuff, mobile apps, News, VPN / SecurityTicks

Google Play will mark independently validated VPN apps 06/11/2023 at 13:49 By Helga Labus Android VPN apps that have gone through an independent security validation will now be able to claim that distinction on Google Play with a prominent badge in their Data Safety section. “We’ve launched this banner beginning with VPN apps due to

React to this headline:

Google Play will mark independently validated VPN apps Read More »

Atlassian Confluence data-wiping vulnerability exploited

Atlassian Confluence, Don't miss, GreyNoise, Hot stuff, News, PoC, Shadowserver / SecurityTicks

Atlassian Confluence data-wiping vulnerability exploited 06/11/2023 at 13:19 By Zeljka Zorz Threat actors are trying to exploit CVE-2023-22518, a critical Atlassian Confluence flaw that allows unauthenticated attackers to reset vulnerable instances’ database, Greynoise is observing. The Shadowserver Foundation has also seen 30+ IP addresses testing for the flaw in internet-facing Confluence installations. From security updates

React to this headline:

Atlassian Confluence data-wiping vulnerability exploited Read More »

How global password practices are changing

authentication, CISO, credentials, cybersecurity, Dashlane, Don't miss, MFA, News, password manager, passwords, report / SecurityTicks

How global password practices are changing 06/11/2023 at 09:33 By Help Net Security Password health and hygiene improved globally over the past year, reducing the risk of account takeover for consumers and businesses, according to Dashlane. Password reuse remains prevalent, however, leaving user accounts particularly vulnerable to password-spraying attacks if they’re not protected by strong

React to this headline:

How global password practices are changing Read More »

Exploring the global shift towards AI-specific legislation

Artificial Intelligence, cybersecurity, data, Don't miss, EU, Features, framework, GDPR, Government, Hot stuff, Hunton Andrews Kurth, legislation, News, opinion, Privacy, regulation, UK, USA / SecurityTicks

Exploring the global shift towards AI-specific legislation 06/11/2023 at 09:01 By Mirko Zorz In this Help Net Security interview, Sarah Pearce, Partner at Hunton Andrews Kurth, offers insights into the evolving landscape of AI legislation and its global impact. Pearce explores key principles, public participation, the future of AI laws in a world of rapid

React to this headline:

Exploring the global shift towards AI-specific legislation Read More »

Securing data at the intersection of the CISO and CDO

ALTR, CISO, cybersecurity, data, Don't miss, framework, Hot stuff, Risk Management, security practices, strategy, Video / SecurityTicks

Securing data at the intersection of the CISO and CDO 06/11/2023 at 08:34 By Help Net Security Two groups in particular play a key and critical role in ensuring data governance and security: the CISO and the CDO. CISOs are responsible for identifying and managing risks associated with data security, while CDOs are responsible for

React to this headline:

Securing data at the intersection of the CISO and CDO Read More »

KandyKorn macOS malware lobbed at blockchain engineers

Cryptocurrency, Don't miss, Elastic, Hot stuff, macOS, Malware, News, North Korea / SecurityTicks

KandyKorn macOS malware lobbed at blockchain engineers 03/11/2023 at 15:46 By Helga Labus North Korean hackers are using novel MacOS malware named KandyKorn to target blockchain engineers of a cryptocurrency exchange platform. The attack By impersonating blockchain engineering community members on Discord, the attackers used social engineering techniques to make victims download a malicious ZIP

React to this headline:

KandyKorn macOS malware lobbed at blockchain engineers Read More »

Microsoft launches new initiative to augment security

Application Security, Artificial Intelligence, cloud security, Don't miss, Hot stuff, identity protection, Microsoft, News, software development, strategy / SecurityTicks

Microsoft launches new initiative to augment security 03/11/2023 at 14:48 By Zeljka Zorz Nearly 22 years after Bill Gates announced a concerted Microsoft-wide push to deliver Trustworthy Computing, the company is launching the Secure Future Initiative, to boost the overall security of Microsoft’s products and its customers and users. A new Microsoft initiative focused on

React to this headline:

Microsoft launches new initiative to augment security Read More »

How cybercriminals adapt and thrive amidst changing consumer trends

cybercriminals, cybersecurity, Don't miss, email security, Hot stuff, threat, Video, VIPRE Security / SecurityTicks

How cybercriminals adapt and thrive amidst changing consumer trends 03/11/2023 at 08:36 By Help Net Security The email threat landscape is experiencing a profound transformation, adapting to new challenges and exploiting emerging vulnerabilities with speed and sophistication. In this Help Net Security video, Usman Choudhary, CPTO at VIPRE Security Group, discusses how cybercriminals modify their

React to this headline:

How cybercriminals adapt and thrive amidst changing consumer trends Read More »

Don’t miss