enterprise - Security Ticks

44% of the zero-days exploited in 2024 were in enterprise solutions

0-day, cyber espionage, Don't miss, enterprise, exploit, Google, government-backed attacks, Hot stuff, News, report, spyware, tips, trends / SecurityTicks

44% of the zero-days exploited in 2024 were in enterprise solutions 2025-04-29 at 21:18 By Zeljka Zorz In 2024, threat actors exploited 75 zero-days – i.e., vulnerabilities previously unknown to vendors, thus without a readily available patch – in a wide variety of attacks. Of these, 33 vulnerabilities (44%) affected enterprise solutions, which is up […]

React to this headline:

44% of the zero-days exploited in 2024 were in enterprise solutions Read More »

What’s worth automating in cyber hygiene, and what’s not

1Password, authentication, automation, BitSight, CISO, credentials, cyber hygiene, cybersecurity, Don't miss, enterprise, Features, Hot stuff, News, passwords, patching, strategy, Swimlane, tips / SecurityTicks

What’s worth automating in cyber hygiene, and what’s not 2025-04-29 at 09:05 By Mirko Zorz Cyber hygiene sounds simple. Patch your systems, remove old accounts, update your software. But for large organizations, this gets messy fast. Systems number in the thousands. Teams are scattered. Some machines haven’t been rebooted in months. Automation can help. But

React to this headline:

What’s worth automating in cyber hygiene, and what’s not Read More »

Critical SAP NetWeaver flaw exploited by suspected initial access broker (CVE-2025-31324)

Don't miss, enterprise, Government, Hot stuff, News, Onapsis, ReliaQuest, SAP / SecurityTicks

Critical SAP NetWeaver flaw exploited by suspected initial access broker (CVE-2025-31324) 2025-04-28 at 13:00 By Zeljka Zorz CVE-2025-31324, a critical vulnerability in the SAP NetWeaver platform, is being actively exploited by attackers to upload malicious webshells to enable unauthorized file uploads and code execution. The vulnerability was initially leveraged in zero-day attacks spotted by ReliaQuest

React to this headline:

Critical SAP NetWeaver flaw exploited by suspected initial access broker (CVE-2025-31324) Read More »

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)

0patch, APT, Check Point, Don't miss, enterprise, exploit, Government, HarfangLab, Hot stuff, News, phishing, vulnerability, Windows / SecurityTicks

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) 2025-04-17 at 16:52 By Zeljka Zorz CVE-2025-24054, a Windows NTLM hash disclosure vulnerability that Microsoft has issued patches for last month, has been leveraged by threat actors in campaigns targeting government and private institutions in Poland and Romania. “Active exploitation in the wild has been observed

React to this headline:

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) Read More »

Critical flaws fixed in Nagios Log Server

Don't miss, enterprise, exploit, Hot stuff, log management, Nagios Log Server, News, PoC, SMBs, vulnerability / SecurityTicks

Critical flaws fixed in Nagios Log Server 2025-04-15 at 13:47 By Zeljka Zorz The Nagios Security Team has fixed three critical vulnerabilities affecting popular enterprise log management and analysis platform Nagios Log Server. About the flaws The vulnerabilities, discovered and reported by security researchers Seth Kraft and Alex Tisdale, include: 1. A stored XSS vulnerability

React to this headline:

Critical flaws fixed in Nagios Log Server Read More »

Organizations can’t afford to be non-compliant

Compliance, cybersecurity, Data Protection, enterprise, News, regulation, report, Secureframe, survey / SecurityTicks

Organizations can’t afford to be non-compliant 2025-04-14 at 07:01 By Help Net Security Non-compliance can cost organizations 2.71 times more than maintaining compliance programs, according to Secureframe. That’s because non-compliance can result in business disruption, productivity losses, fines, penalties, and settlement costs, among other factors that come with a hefty price tag. Even data breaches

React to this headline:

Organizations can’t afford to be non-compliant Read More »

RCE flaw in MSP-friendly file sharing platform exploited by attackers (CVE-2025-30406)

0-day, CISA, Don't miss, enterprise, file-sharing, Gladinet, Hot stuff, MSP, News / SecurityTicks

RCE flaw in MSP-friendly file sharing platform exploited by attackers (CVE-2025-30406) 2025-04-09 at 13:43 By Zeljka Zorz A critical RCE vulnerability (CVE-2025-30406) affecting the Gladinet CentreStack file-sharing/remote access platform has been added to CISA’s Known Exploited Vulnerabilities catalog on Tuesday. According to the vulnerability’s entry in NIST’s National Vulnerability Database, the flaw has been leveraged

React to this headline:

RCE flaw in MSP-friendly file sharing platform exploited by attackers (CVE-2025-30406) Read More »

Transforming cybersecurity into a strategic business enabler

CISO, cyber risk, cybersecurity, Don't miss, Ecolab, enterprise, Features, Hot stuff, News, Risk Management, security standard, strategy, tips / SecurityTicks

Transforming cybersecurity into a strategic business enabler 2025-04-09 at 08:20 By Mirko Zorz In this Help Net Security interview, Kevin Serafin, CISO at Ecolab, discusses aligning security strategy with long-term business goals, building strong partnerships across the organization, and approaching third-party risk with agility. How do you define cyber risk within your organization’s overall enterprise

React to this headline:

Transforming cybersecurity into a strategic business enabler Read More »

Google is making sending end-to-end encrypted emails easy

Don't miss, email security, Encryption, enterprise, Gmail, Google Workspace, Hot stuff, News, Outlook, Privacy, secure communications, SMBs / SecurityTicks

Google is making sending end-to-end encrypted emails easy 2025-04-02 at 15:03 By Zeljka Zorz Sending end-to-end encrypted (E2EE) emails from Gmail enterprise accounts is about to become much easier than it is now, Google has announced on Tuesday. The company will first make available this simplified capability to users who want to send E2EE emails

React to this headline:

Google is making sending end-to-end encrypted emails easy Read More »

Attackers are probing Palo Alto Networks GlobalProtect portals

Don't miss, enterprise, GreyNoise, Hot stuff, News, Palo Alto Networks, scanning, VPN / SecurityTicks

Attackers are probing Palo Alto Networks GlobalProtect portals 2025-04-01 at 14:21 By Zeljka Zorz Cybersecurity company GreyNoise is warning about a significant increase of scanning activity targeting internet-facing Palo Alto Networks GlobalProtect portals in the last 30 days, and has urged organizations with exposed systems to secure them and look for signs of compromise. “The

React to this headline:

Attackers are probing Palo Alto Networks GlobalProtect portals Read More »

Windows 11 quick machine recovery: Restoring devices with boot issues

consumer, Don't miss, enterprise, Hot stuff, Microsoft, News, SMBs, Windows / SecurityTicks

Windows 11 quick machine recovery: Restoring devices with boot issues 2025-03-31 at 12:46 By Zeljka Zorz Microsoft has rolled out quick machine recovery, a new Windows feature aimed at preventing prolonged widespread outages like the one caused by a faulty CrowdStrike update in July 2024. The goal of the feature is to allow IT administrators

React to this headline:

Windows 11 quick machine recovery: Restoring devices with boot issues Read More »

CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825)

CrushFTP, Don't miss, enterprise, file-sharing, Hot stuff, News, security update, SMBs, vulnerability / SecurityTicks

CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) 2025-03-27 at 13:14 By Zeljka Zorz CrushFTP has fixed a critical vulnerability (CVE-2025-2825) in its enterprise file transfer solution that could be exploited by remote, unauthenticated attackers to access vulnerable internet-facing servers (and likely the data stored on them). Attackers, especially ransomware gangs, have a penchant for leveraging 0-day

React to this headline:

CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) Read More »

NAKIVO Backup & Replication vulnerability exploited by attackers (CVE-2024-48248)

backup, disaster recovery, Don't miss, enterprise, Hot stuff, MSP, Nakivo, News, PoC, SMBs, vulnerability, WatchTowr / SecurityTicks

NAKIVO Backup & Replication vulnerability exploited by attackers (CVE-2024-48248) 2025-03-21 at 13:33 By Zeljka Zorz A vulnerability (CVE-2024-48248) in NAKIVO Backup and Replication, a backup, ransomware protection and disaster recovery solution designed for organizations of all sizes and managed service providers (MSPs), is being actively exploited. The US Cybersecurity and Infrastructure Security Agency (CISA) has

React to this headline:

NAKIVO Backup & Replication vulnerability exploited by attackers (CVE-2024-48248) Read More »

Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120)

backup, Don't miss, enterprise, Hot stuff, News, PoC, Rapid7, SMBs, Veeam Software, vulnerability, WatchTowr / SecurityTicks

Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) 2025-03-20 at 14:29 By Zeljka Zorz Veeam has released fixes for a critical remote code execution vulnerability (CVE-2025-23120) affecting its enterprise Veeam Backup & Replication solution, and is urging customers to quickly upgrade to a fixed version. There is currently no indication that the

React to this headline:

Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) Read More »

2024 phishing trends tell us what to expect in 2025

Don't miss, enterprise, Hot stuff, Kroll, News, phishing, Prodaft, SMBs, social engineering / SecurityTicks

2024 phishing trends tell us what to expect in 2025 2025-02-27 at 14:18 By Zeljka Zorz Phishing has been the method most often employed by cybercriminals to achieve initial access to targeted organizations in 2024, according to risk advisory firm Kroll, which expects this trend to continue in 2025. But attackers have also increasingly been

React to this headline:

2024 phishing trends tell us what to expect in 2025 Read More »

PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159)

Don't miss, endpoint management, enterprise, Horizon3.ai, Hot stuff, Ivanti, News, PoC / SecurityTicks

PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159) 2025-02-24 at 16:18 By Zeljka Zorz A proof-of-concept (PoC) exploit for four critical Ivanti Endpoint Manager vulnerabilities has been released by Horizon3.ai researchers. The vulnerabilities – CVE-2024-10811, CVE-2024-13161, CVE-2024-13160 and CVE-2024-13159 – may be exploited by remote, unauthenticated attackers to leverage Ivanti EPM machine account credentials

React to this headline:

PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159) Read More »

Account takeover detection: There’s no single tell

account hijacking, account protection, Don't miss, enterprise, Hot stuff, MFA, News, Proofpoint / SecurityTicks

Account takeover detection: There’s no single tell 2025-02-24 at 14:48 By Zeljka Zorz Account takeover (ATO) is one of the most prevalent attack types; Proofpoint says that in 2024, 99% of the customer tenants the company monitors were hit with at least one account takeover attempt, and 62% of the customers experienced at least one

React to this headline:

Account takeover detection: There’s no single tell Read More »

Attackers are chaining flaws to breach Palo Alto Networks firewalls

Assetnote, Don't miss, enterprise, GreyNoise, Hot stuff, News, Palo Alto Networks, vulnerability / SecurityTicks

Attackers are chaining flaws to breach Palo Alto Networks firewalls 2025-02-19 at 11:03 By Zeljka Zorz Exploitation attempts targeting CVE-2025-0108, a recently disclosed authentication bypass vulnerability affecting the management web interface of Palo Alto Networks’ firewalls, are ramping up. “GreyNoise now sees 25 malicious IPs actively exploiting CVE-2025-0108, up from 2 on February 13,” the

React to this headline:

Attackers are chaining flaws to breach Palo Alto Networks firewalls Read More »

BlackLock ransomware onslaught: What to expect and how to fight it

Don't miss, enterprise, ESXi, extortion, Hot stuff, News, Ransomware, ReliaQuest, SMBs, tips, VMWare, Windows / SecurityTicks

BlackLock ransomware onslaught: What to expect and how to fight it 2025-02-18 at 18:33 By Zeljka Zorz BlackLock is on track to become the most active ransomware-as-a-service (RaaS) outfit in 2025, according to ReliaQuest. Its success is primarily due to their unusually active presence and good reputation on the ransomware-focused Russian-language forum RAMP, and their

React to this headline:

BlackLock ransomware onslaught: What to expect and how to fight it Read More »

DeepSeek’s popularity exploited by malware peddlers, scammers

Artificial Intelligence, China, consumer, data security, DeepSeek, Don't miss, enterprise, Hot stuff, KELA, LLMs, Malware, News, Privacy, threat / SecurityTicks

DeepSeek’s popularity exploited by malware peddlers, scammers 2025-01-29 at 15:18 By Zeljka Zorz As US-based AI companies struggle with the news that the recently released Chinese-made open source DeepSeek-R1 reasoning model performs as well as theirs for a fraction of the cost, users are rushing to try out DeepSeek’s AI tool. In the process, they

React to this headline: