Endpoint Security - Security Ticks

Iagona ScrutisWeb Vulnerabilities Could Expose ATMs to Remote Hacking

ATM, Endpoint Security, Featured, Vulnerabilities, vulnerability / SecurityTicks

Iagona ScrutisWeb Vulnerabilities Could Expose ATMs to Remote Hacking 14/08/2023 at 13:46 By Eduard Kovacs Several vulnerabilities discovered in Iagona ScrutisWeb ATM fleet monitoring software could be exploited to remotely hack ATMs. The post Iagona ScrutisWeb Vulnerabilities Could Expose ATMs to Remote Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS […]

Iagona ScrutisWeb Vulnerabilities Could Expose ATMs to Remote Hacking Read More »

Automated Security Control Assessment: When Self-Awareness Matters

ASCA, Endpoint Security / SecurityTicks

Automated Security Control Assessment: When Self-Awareness Matters 09/08/2023 at 15:17 By Torsten George Automated Security Control Assessment enhances security posture by verifying proper, consistent configurations of security controls, rather than merely confirming their existence. The post Automated Security Control Assessment: When Self-Awareness Matters appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

Automated Security Control Assessment: When Self-Awareness Matters Read More »

Intel Addresses 80 Firmware, Software Vulnerabilities

Endpoint Security, Intel, patch, Patch Tuesday, Vulnerabilities / SecurityTicks

Intel Addresses 80 Firmware, Software Vulnerabilities 09/08/2023 at 15:17 By Eduard Kovacs Intel has addressed 80 vulnerabilities affecting its products, including 18 high-severity privilege escalation and DoS flaws. The post Intel Addresses 80 Firmware, Software Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Intel Addresses 80 Firmware, Software Vulnerabilities Read More »

New ‘Inception’ Side-Channel Attack Targets AMD Processors

Amd, CPU, Endpoint Security, Vulnerabilities / SecurityTicks

New ‘Inception’ Side-Channel Attack Targets AMD Processors 09/08/2023 at 12:17 By Eduard Kovacs Researchers have disclosed the details of a new side-channel attack targeting AMD CPUs named Inception. The post New ‘Inception’ Side-Channel Attack Targets AMD Processors appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

New ‘Inception’ Side-Channel Attack Targets AMD Processors Read More »

Downfall: New Intel CPU Attack Exposing Sensitive Information

CPU, Endpoint Security, Featured, Intel, Vulnerabilities / SecurityTicks

Downfall: New Intel CPU Attack Exposing Sensitive Information 09/08/2023 at 09:32 By Eduard Kovacs Google researcher discloses the details of an Intel CPU attack method named Downfall that may be remotely exploitable. The post Downfall: New Intel CPU Attack Exposing Sensitive Information appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

Downfall: New Intel CPU Attack Exposing Sensitive Information Read More »

The ransomware rollercoaster continues as criminals advance their business models

Black Hat USA 2023, CVE, cybercrime, cybersecurity, Endpoint Security, Fortinet, Malware, MITRE, News, Ransomware, report, survey / SecurityTicks

The ransomware rollercoaster continues as criminals advance their business models 09/08/2023 at 06:02 By Help Net Security Ransomware shows no signs of slowing, with ransomware activity ending 13 times higher than at the start of 2023 as a proportion of all malware detections, according to Fortinet. Ransomware detections 1H 2023 FortiGuard Labs has documented substantial

The ransomware rollercoaster continues as criminals advance their business models Read More »

Nearly All Modern CPUs Leak Data to New Collide+Power Side-Channel Attack

CPU, Endpoint Security, Featured, side-channel attack / SecurityTicks

Nearly All Modern CPUs Leak Data to New Collide+Power Side-Channel Attack 01/08/2023 at 20:15 By Eduard Kovacs A new power side-channel attack named Collide+Power can allow an attacker to obtain sensitive information and it works against nearly any modern CPU. The post Nearly All Modern CPUs Leak Data to New Collide+Power Side-Channel Attack appeared first

Nearly All Modern CPUs Leak Data to New Collide+Power Side-Channel Attack Read More »

AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information

Endpoint Security, Vulnerabilities / SecurityTicks

AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information 25/07/2023 at 15:48 By Eduard Kovacs AMD has released microcode patches to address Zenbleed, a vulnerability in its Zen 2 CPUs that can allow an attacker to access sensitive information. The post AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information appeared first on SecurityWeek. This article is

AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information Read More »

New AMI BMC Flaws Allowing Takeover and Physical Damage Could Impact Millions of Devices

AMI, BMC, Endpoint Security, Vulnerabilities / SecurityTicks

New AMI BMC Flaws Allowing Takeover and Physical Damage Could Impact Millions of Devices 20/07/2023 at 21:18 By Eduard Kovacs Two new serious vulnerabilities in AMI BMC, which is used by millions of devices, can allow attackers to take control of systems and cause physical damage. The post New AMI BMC Flaws Allowing Takeover and

New AMI BMC Flaws Allowing Takeover and Physical Damage Could Impact Millions of Devices Read More »

MOVEit: Testing the Limits of Supply Chain Security

Endpoint Security, MOVEit, Risk Management / SecurityTicks

MOVEit: Testing the Limits of Supply Chain Security 12/07/2023 at 14:54 By Torsten George The need for cyber resilience arises from the growing realization that traditional security measures are no longer enough to protect systems, data, and the network from compromise. The post MOVEit: Testing the Limits of Supply Chain Security appeared first on SecurityWeek.

MOVEit: Testing the Limits of Supply Chain Security Read More »

Microsoft Revokes Many Signed Drivers Used by Chinese Cybercriminals

certificates, China, cybercrime, driver, Endpoint Security / SecurityTicks

Microsoft Revokes Many Signed Drivers Used by Chinese Cybercriminals 12/07/2023 at 14:54 By Eduard Kovacs Microsoft has revoked signed drivers used for post-exploitation activity, in many cases by Chinese cybercriminals. The post Microsoft Revokes Many Signed Drivers Used by Chinese Cybercriminals appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

Microsoft Revokes Many Signed Drivers Used by Chinese Cybercriminals Read More »

Is your browser betraying you? Emerging threats in 2023

Endpoint Security, Malware, News, Ransomware, report, social engineering, Threat Intelligence, threats, WatchGuard / SecurityTicks

Is your browser betraying you? Emerging threats in 2023 07/07/2023 at 07:02 By Help Net Security Network attacks (IPS detections) have remained relatively flat over the last three quarters, technically down a bit more than 3%, according to WatchGuard. “Organisations need to pay more active, ongoing attention to the existing security solutions and strategies their

Is your browser betraying you? Emerging threats in 2023 Read More »

Western Digital Blocks Unpatched Devices From Cloud Services

CVE-2022-36327, Endpoint Security, firmware, Vulnerabilities, Western Digital / SecurityTicks

Western Digital Blocks Unpatched Devices From Cloud Services 19/06/2023 at 18:08 By Ionut Arghire Western Digital is blocking access to its cloud services for devices running firmware versions impacted by a critical security vulnerability. The post Western Digital Blocks Unpatched Devices From Cloud Services appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Western Digital Blocks Unpatched Devices From Cloud Services Read More »

CISA, NSA Share Guidance on Hardening Baseboard Management Controllers

BMC, Endpoint Security, guidance / SecurityTicks

CISA, NSA Share Guidance on Hardening Baseboard Management Controllers 15/06/2023 at 21:40 By Ionut Arghire CISA and the NSA have published new guidance to help organizations harden baseboard management controllers (BMCs). The post CISA, NSA Share Guidance on Hardening Baseboard Management Controllers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

CISA, NSA Share Guidance on Hardening Baseboard Management Controllers Read More »

Top factors driving enterprise demand for new cybersecurity technology

Application Security, CCgroup, cybersecurity, Endpoint Security, News, report / SecurityTicks

Top factors driving enterprise demand for new cybersecurity technology 08/06/2023 at 06:31 By Help Net Security Despite prevailing economic headwinds, the market for cybersecurity products and services remains buoyant, according to CCgroup. The study found that 78% of enterprises in the U.S. and 58% in the UK have increased cybersecurity investment in the last year,

Top factors driving enterprise demand for new cybersecurity technology Read More »

Microsoft Makes SMB Signing Default Requirement in Windows 11 to Boost Security

Endpoint Security, Security Architecture, SMB, Windows / SecurityTicks

Microsoft Makes SMB Signing Default Requirement in Windows 11 to Boost Security 05/06/2023 at 16:47 By Ionut Arghire Microsoft is making SMB signing a default requirement in Windows 11 Enterprise editions, starting with insider preview build 25381. The post Microsoft Makes SMB Signing Default Requirement in Windows 11 to Boost Security appeared first on SecurityWeek.

Microsoft Makes SMB Signing Default Requirement in Windows 11 to Boost Security Read More »

Gigabyte Rolls Out BIOS Updates to Remove Backdoor From Motherboards

Endpoint Security, Vulnerabilities / SecurityTicks

Gigabyte Rolls Out BIOS Updates to Remove Backdoor From Motherboards 05/06/2023 at 14:39 By Ionut Arghire Gigabyte has announced BIOS updates that remove a recently identified backdoor feature in hundreds of its motherboards. The post Gigabyte Rolls Out BIOS Updates to Remove Backdoor From Motherboards appeared first on SecurityWeek. This article is an excerpt from

Gigabyte Rolls Out BIOS Updates to Remove Backdoor From Motherboards Read More »

Organizations Warned of Backdoor Feature in Hundreds of Gigabyte Motherboards

backdoor, Endpoint Security, Featured, Gigabyte, Malware & Threats / SecurityTicks

Organizations Warned of Backdoor Feature in Hundreds of Gigabyte Motherboards 31/05/2023 at 18:34 By Eduard Kovacs A backdoor feature found in hundreds of Gigabyte motherboard models can pose a significant supply chain risk to organizations. The post Organizations Warned of Backdoor Feature in Hundreds of Gigabyte Motherboards appeared first on SecurityWeek. This article is an

Organizations Warned of Backdoor Feature in Hundreds of Gigabyte Motherboards Read More »