Don't miss - Security Ticks

US companies commit to safe, transparent AI development

Abnormal Security, Artificial Intelligence, Cado Security, Don't miss, generative AI, Government, Hot stuff, News, research, Risk Management, USA / SecurityTicks

US companies commit to safe, transparent AI development 24/07/2023 at 16:30 By Helga Labus Seven US artificial intelligence (AI) giants – Amazon, Anthropic, Google, Inflection, Meta, Microsoft, and OpenAI – have publicly committed to “help move toward safe, secure, and transparent development of AI technology.” The commitments “Companies that are developing these emerging technologies have […]

React to this headline:

US companies commit to safe, transparent AI development Read More »

Average cost of a data breach reaches $4.45 million in 2023

Artificial Intelligence, CISO, cybersecurity, data, data breach, Don't miss, Hot stuff, IBM, News, Ransomware, report, survey / SecurityTicks

Average cost of a data breach reaches $4.45 million in 2023 24/07/2023 at 11:18 By Help Net Security IBM released its annual Cost of a Data Breach Report, showing the global average cost of a data breach reached $4.45 million in 2023 – an all-time high for the report and a 15% increase over the

React to this headline:

Average cost of a data breach reaches $4.45 million in 2023 Read More »

Bridging the cybersecurity skills gap through cyber range training

attacks, Cloud Range, critical infrastructure, cyber resilience, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, SOC, threats, training / SecurityTicks

Bridging the cybersecurity skills gap through cyber range training 24/07/2023 at 07:31 By Mirko Zorz In this Help Net Security interview, Debbie Gordon, CEO of Cloud Range explains the concept of a cyber range, its crucial role in preparing for real-world cyber threats, and the importance of realism in cyber training scenarios. Gordon also discusses

React to this headline:

Bridging the cybersecurity skills gap through cyber range training Read More »

Strengthening the weakest links in the digital supply chain

CISO, cybersecurity, Don't miss, Hot stuff, how-to, strategy, supply chain, tips, Video / SecurityTicks

Strengthening the weakest links in the digital supply chain 24/07/2023 at 07:05 By Help Net Security In this Help Net Security video, Marc Gaffan, CEO at IONIX, discusses how businesses’ biggest cybersecurity mistake is not protecting the full external attack surface that continues to expand to include a businesses’ entire digital supply chain. This is

React to this headline:

Strengthening the weakest links in the digital supply chain Read More »

North Korean hackers targeted tech companies through JumpCloud and GitHub

APT, CrowdStrike, Don't miss, GitHub, government-backed attacks, Hot stuff, JumpCloud, Mandiant, News, North Korea, social engineering, spear-phishing / SecurityTicks

North Korean hackers targeted tech companies through JumpCloud and GitHub 21/07/2023 at 16:03 By Helga Labus North Korean state-sponsored hackers have been linked to two recent cyberattack campaigns: one involving a spear-phishing attack on JumpCloud and the other targeting tech employees on GitHub through a social engineering campaign. The JumpCloud intrusion On June 27, JumpCloud

React to this headline:

North Korean hackers targeted tech companies through JumpCloud and GitHub Read More »

Citrix ADC zero-day exploitatation: CISA releases details about attack on CI organization (CVE-2023-3519)

0-day, CISA, Citrix, critical infrastructure, Don't miss, GreyNoise, Hot stuff, Incident Response, News / SecurityTicks

Citrix ADC zero-day exploitatation: CISA releases details about attack on CI organization (CVE-2023-3519) 21/07/2023 at 14:19 By Zeljka Zorz The exploitation of the Citrix NetScaler ADC zero-day vulnerability (CVE-2023-3519) was first spotted by a critical infrastructure organization, who reported it to the Cybersecurity and Infrastructure Security Agency (CISA). “In June 2023, threat actors exploited this

React to this headline:

Citrix ADC zero-day exploitatation: CISA releases details about attack on CI organization (CVE-2023-3519) Read More »

How healthcare organizations should measure their device security success

CISO, cybersecurity, Don't miss, healthcare, Hot stuff, security ROI, strategy, Video / SecurityTicks

How healthcare organizations should measure their device security success 21/07/2023 at 07:04 By Help Net Security In this Help Net Security video, Chris Westphal, Head of Product Marketing at Ordr, discusses how healthcare organizations should measure their device security success and where they should be concentrating their future security investments. The post How healthcare organizations

React to this headline:

How healthcare organizations should measure their device security success Read More »

CISOs are making cybersecurity a business problem

cyber resilience, cybersecurity, data breach, Don't miss, investment, ISG, News, report, risk assessment, threats, zero trust / SecurityTicks

CISOs are making cybersecurity a business problem 21/07/2023 at 06:02 By Help Net Security U.S. enterprises are responding to growing cybersecurity threats by working to make the best use of tools and services to ensure business resilience, according to ISG. Enterprises face growing cybersecurity threats The report for the U.S. finds that the U.S. security

React to this headline:

CISOs are making cybersecurity a business problem Read More »

Microsoft Exchange servers compromised by Turla APT

APT, backdoor, cyber espionage, data theft, Don't miss, Hot stuff, Microsoft, News, Ukraine / SecurityTicks

Microsoft Exchange servers compromised by Turla APT 20/07/2023 at 15:17 By Helga Labus Turla has been targeting defense sector organizations in Ukraine and Eastern Europe with DeliveryCheck and Kazuar backdoors / infostealers and has been using compromised Microsoft Exchange servers to control them. Turla APT Turla (aka Secret Blizzard, Snake, UAC-0003) is a sophisticated and

React to this headline:

Microsoft Exchange servers compromised by Turla APT Read More »

Thanks Storm-0558! Microsoft to expand default access to cloud logs

APT, CISA, cloud security, Don't miss, enterprise, Government, government-backed attacks, Hot stuff, logging, Microsoft, Microsoft 365, News / SecurityTicks

Thanks Storm-0558! Microsoft to expand default access to cloud logs 20/07/2023 at 13:31 By Zeljka Zorz Starting in September 2023, more federal government and commercial Microsoft customers will have access to expanded cloud logging capabilities at no additional charge, Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) have announced on Wednesday. The announcements come

React to this headline:

Thanks Storm-0558! Microsoft to expand default access to cloud logs Read More »

Why data travel is healthcare’s next big cybersecurity challenge

ClearDATA, Cloud, cybersecurity, data management, digital transformation, Don't miss, Encryption, Expert analysis, Expert corner, healthcare, Hot stuff, opinion / SecurityTicks

Why data travel is healthcare’s next big cybersecurity challenge 20/07/2023 at 08:02 By Help Net Security Do you know where your patients’ data lives once it’s in the cloud? Unfortunately, for many healthcare organizations, the answer is no – or, at least, it’s not a definitive yes. Knowing how (or where) data is used, shared

React to this headline:

Why data travel is healthcare’s next big cybersecurity challenge Read More »

A fresh look at the current state of financial fraud

cybercrime, cybersecurity, Don't miss, financial industry, fraud, Hot stuff, strategy, tips, Video / SecurityTicks

A fresh look at the current state of financial fraud 20/07/2023 at 07:02 By Help Net Security In this Help Net Security video, Greg Woolf, CEO at FiVerity, discusses how the emergence of sophisticated fraud tools powered by AI and recent upheavals in the banking sector have forged an ideal environment for financial fraud. This

React to this headline:

A fresh look at the current state of financial fraud Read More »

Cybersecurity measures SMBs should implement

cyberattack, Don't miss, Hot stuff, News, security awareness, security controls, SMBs / SecurityTicks

Cybersecurity measures SMBs should implement 19/07/2023 at 13:33 By Helga Labus Small and medium-sized businesses (SMBs) are targeted by cyberattackers as much as large companies, the 2023 Verizon Data Breach Investigations Report (DBIR) has revealed; here are some cybersecurity controls they should prioritize. Company size does not matter to cyber attackers SMBs often underestimate their

React to this headline:

Cybersecurity measures SMBs should implement Read More »

Citrix NetScaler zero-day exploited in the wild, patch is available (CVE-2023-3519)

0-day, Citrix, Don't miss, Hot stuff, News, security update, vulnerability / SecurityTicks

Citrix NetScaler zero-day exploited in the wild, patch is available (CVE-2023-3519) 19/07/2023 at 12:34 By Helga Labus Citrix has patched three vulnerabilities (CVE-2023-3519, CVE-2023-3466, CVE-2023-3467) in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway), one of which is a zero-day being exploited by attackers. A zero-day patched (CVE-2023-3519) CVE-2023-3519 is a remote

React to this headline:

Citrix NetScaler zero-day exploited in the wild, patch is available (CVE-2023-3519) Read More »

Trends in ransomware-as-a-service and cryptocurrency to monitor

Cryptocurrency, cybercrime, cybersecurity, data breach, Don't miss, Expert analysis, Expert corner, Hot stuff, opinion, Ransomware, WatchGuard / SecurityTicks

Trends in ransomware-as-a-service and cryptocurrency to monitor 19/07/2023 at 08:02 By Help Net Security In January, law enforcement officials disrupted the operations of the Hive cybercriminal group, which profited off a ransomware-as-a-service (RaaS) business model. Hive is widely believed to be affiliated with the Conti ransomware group, joining a list of other groups associated with

React to this headline:

Trends in ransomware-as-a-service and cryptocurrency to monitor Read More »

Using AI/ML to optimize your tech stack and enhance business efficiency

Artificial Intelligence, CIO, digital transformation, Don't miss, Features, Hot stuff, how-to, Lenovo, machine learning, News, opinion, regulation, strategy, tips / SecurityTicks

Using AI/ML to optimize your tech stack and enhance business efficiency 19/07/2023 at 07:32 By Mirko Zorz In this Help Net Security interview, Arthur Hu, SVP, Global CIO and Services & Solutions Group CTO at Lenovo, discusses how AI/ML is optimizing tech stacks, the hurdles anticipated in its integration, the role of AI in enterprise

React to this headline:

Using AI/ML to optimize your tech stack and enhance business efficiency Read More »

What to do (and what not to do) after a data breach

CISO, cybersecurity, data breach, Don't miss, Hot stuff, how-to, strategy, tips, Video / SecurityTicks

What to do (and what not to do) after a data breach 19/07/2023 at 07:02 By Help Net Security Data breaches have been hitting the headlines left and right. Every time a breach occurs, the impacted organization’s response differs from the last. In this Help Net Security video, Rodman Ramezanian, Global Cloud Threat Lead at

React to this headline:

What to do (and what not to do) after a data breach Read More »

Adobe ColdFusion vulnerabilities exploited to deliver web shells (CVE-2023-29298, CVE-2023-38203)

0-day, Adobe, Adobe ColdFusion, Don't miss, exploit, Hot stuff, News, Project Discovery, Rapid7, security update, vulnerability / SecurityTicks

Adobe ColdFusion vulnerabilities exploited to deliver web shells (CVE-2023-29298, CVE-2023-38203) 18/07/2023 at 17:17 By Zeljka Zorz Attackers are exploiting two Adobe ColdFusion vulnerabilities (CVE-2023-29298, CVE-2023-38203) to breach servers and install web shells to enable persistent access and allow remote control of the system, according to Rapid7 researchers. Flaws with incomplete fixes On July 11, 2023,

React to this headline:

Adobe ColdFusion vulnerabilities exploited to deliver web shells (CVE-2023-29298, CVE-2023-38203) Read More »

VirusTotal leaked data of 5,600 registered users

Data leak, Don't miss, enterprise, Google, Government, Hot stuff, News, social engineering, spear-phishing, user data, VirusTotal / SecurityTicks

VirusTotal leaked data of 5,600 registered users 18/07/2023 at 15:47 By Helga Labus VirusTotal has suffered a data leak that exposed the names and email addresses of 5,600 of its registered users. The leaked data reportedly includes information about employees of US and German intelligence agencies (among others). VirusTotal data leak exposed exploitable information Google-owned

React to this headline:

VirusTotal leaked data of 5,600 registered users Read More »

12 open-source penetration testing tools you might not know about

Don't miss, GitHub, Hot stuff, News, open source, penetration testing, Red Siege, software / SecurityTicks

12 open-source penetration testing tools you might not know about 18/07/2023 at 07:34 By Mirko Zorz Red Siege has developed and made available many open-source tools to help with your penetration testing work. The company plans to continue to support the tools listed below, whether in the form of bug fixes or new features. Give

React to this headline:

12 open-source penetration testing tools you might not know about Read More »

Don’t miss