enterprise - Security Ticks

Microsoft will offer extended security updates for Windows 10

consumer, Don't miss, end of support, enterprise, Hot stuff, News, security update, Windows / SecurityTicks

Microsoft will offer extended security updates for Windows 10 06/12/2023 at 16:16 By Zeljka Zorz Microsoft will not abandon Windows 10 users to an insecure fate once it reaches end of support (EOS) on October 14, 2025: both enterprises and individual consumers will be able receive Extended Security Updates (ESU), but will have to pay […]

React to this headline:

Microsoft will offer extended security updates for Windows 10 Read More »

PoCs for critical Arcserve UDP vulnerabilities released

Arcserve, Data Protection, disaster recovery, Don't miss, enterprise, News, PoC, Tenable, vulnerability / SecurityTicks

PoCs for critical Arcserve UDP vulnerabilities released 29/11/2023 at 17:46 By Zeljka Zorz Arcserve has fixed critical security vulnerabilities (CVE-2023-41998, CVE-2023-41999, CVE-2023-42000) in its Unified Data Protection (UDP) solution, PoCs for which have been published by Tenable researchers on Monday. The vulnerabilities Arcserve UDP is a popular enterprise data protection, backup and disaster recovery solution

React to this headline:

PoCs for critical Arcserve UDP vulnerabilities released Read More »

PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214)

data analytics, Don't miss, enterprise, Hot stuff, News, PoC, Splunk, vulnerability / SecurityTicks

PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214) 27/11/2023 at 13:47 By Zeljka Zorz A proof-of-concept (PoC) exploit for a high-severity flaw in Splunk Enterprise (CVE-2023-46214) that can lead to remote code execution has been made public. Users are advised to implement the provided patches or workarounds quickly. About CVE-2023-46214 Splunk Enterprise is a solution

React to this headline:

PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214) Read More »

Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671)

CISA, Don't miss, enterprise, exploit, Hot stuff, News, PoC, Sophos, vulnerability / SecurityTicks

Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671) 20/11/2023 at 14:47 By Helga Labus CISA has added three vulnerabilities to its Known Exploited Vulnerabilities catalog, among them a critical vulnerability (CVE-2023-1671) in Sophos Web Appliance that has been patched by the company in April 2023. About CVE-2023-1671 CVE-2023-1671 is a pre-auth command injection vulnerability

React to this headline:

Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671) Read More »

From PKI to PQC: Devising a strategy for the transition

DigiCert, Don't miss, Encryption, enterprise, Features, News, Ponemon Institute, quantum computing, strategy / SecurityTicks

From PKI to PQC: Devising a strategy for the transition 16/11/2023 at 09:31 By Zeljka Zorz Quantum computers capable of breaking currently used encryption algorithms are an inevitability. And since the US, China and Europe are sprinting to win that arms race, we know that day is coming sooner rather than later. Will organizations be

React to this headline:

From PKI to PQC: Devising a strategy for the transition Read More »

Juniper networking devices under attack

CISA, Don't miss, enterprise, exploit, firewall, Hot stuff, Juniper Networks, News, vulnerability, WatchTowr / SecurityTicks

Juniper networking devices under attack 14/11/2023 at 16:46 By Zeljka Zorz CISA has ordered US federal agencies to patch five vulnerabilities used by attackers to compromise Juniper networking devices, and to do so by Friday. Most of these bugs are not particularly severe by themselves, but they can be – and have been – chained

React to this headline:

Juniper networking devices under attack Read More »

Microsoft introduces new access policies in Entra to boost MFA usage

access management, Don't miss, enterprise, Hot stuff, identity protection, MFA, Microsoft, Microsoft Entra ID, News, policy / SecurityTicks

Microsoft introduces new access policies in Entra to boost MFA usage 07/11/2023 at 18:17 By Helga Labus As part of a broader initiative to strengthen security, Microsoft is rolling out Microsoft-managed Conditional Access policies in Entra ID (formerly Azure Active Directory) to increase the use of multifactor authentication (MFA) for enterprise accounts. Microsoft Entra Conditional

React to this headline:

Microsoft introduces new access policies in Entra to boost MFA usage Read More »

F5 BIG-IP vulnerabilities leveraged by attackers: What to do?

Don't miss, enterprise, F5 Networks, Hot stuff, News, patch, PoC, Praetorian, Project Discovery, SQL injection, traffic monitoring, vulnerability / SecurityTicks

F5 BIG-IP vulnerabilities leveraged by attackers: What to do? 02/11/2023 at 14:01 By Zeljka Zorz The two BIG-IP vulnerabilities (CVE-2023-46747, CVE-2023-46748) F5 Networks has recently released hotfixes for are being exploited by attackers in the wild, the company has confirmed. “It is important to note that not all exploited systems may show the same indicators,

React to this headline:

F5 BIG-IP vulnerabilities leveraged by attackers: What to do? Read More »

MITRE ATT&CK v14 released

Don't miss, enterprise, framework, Hot stuff, MITRE, MITRE ATT&CK, News / SecurityTicks

MITRE ATT&CK v14 released 02/11/2023 at 12:16 By Zeljka Zorz MITRE has released MITRE ATT&CK v14, the newest iteration of its popular investigation framework / knowledge base of tactics and techniques employed by cyber attackers. MITRE ATT&CK v14 ATT&CK’s goal is to catalog and categorize behaviors of cyber adversaries in real-world attacks. The framework is

React to this headline:

MITRE ATT&CK v14 released Read More »

F5 fixes critical BIG-IP vulnerability (CVE-2023-46747)

Don't miss, enterprise, F5 Networks, Hot stuff, News, patch, Praetorian, traffic monitoring, vulnerability / SecurityTicks

F5 fixes critical BIG-IP vulnerability (CVE-2023-46747) 30/10/2023 at 18:46 By Helga Labus F5 Networks has released hotfixes for three vulnerabilities affecting its BIG-IP multi-purpose networking devices/modules, including a critical authentication bypass vulnerability (CVE-2023-46747) that could lead to unauthenticated remote code execution (RCE). About CVE-2023-46747 Discovered and reported by Thomas Hendrickson and Michael Weber of Praetorian

React to this headline:

F5 fixes critical BIG-IP vulnerability (CVE-2023-46747) Read More »

Quishing: Tricks to look out for

consumer, Darktrace, Don't miss, enterprise, Hot stuff, Hoxhunt, Kaspersky, Malwarebytes, News, phishing, QR codes, tips / SecurityTicks

Quishing: Tricks to look out for 26/10/2023 at 11:01 By Zeljka Zorz QR code phishing – aka “quishing” – is on the rise, according to HP, Darktrace, Malwarebytes, AusCERT, and many others. What are QR codes? QR codes are two-dimensional matrix barcodes used for tracking products, identifying items, simplifying actions such as connecting to a

React to this headline:

Quishing: Tricks to look out for Read More »

Microsoft announces wider availability of AI-powered Security Copilot

Artificial Intelligence, Don't miss, enterprise, Hot stuff, machine learning, malware analysis, Microsoft, News, threat hunting / SecurityTicks

Microsoft announces wider availability of AI-powered Security Copilot 23/10/2023 at 15:04 By Helga Labus Microsoft Security Copilot has been made available to a larger number of enterprise customers, via an invitation-only Early Access Program. What is Microsoft Security Copilot? “Security Copilot is an AI assistant for security teams that builds on the latest in large

React to this headline:

Microsoft announces wider availability of AI-powered Security Copilot Read More »

Settlements giant DTTC acquires blockchain infrastructure developer Securrency

Digital Asset, enterprise, security / SecurityTicks

Settlements giant DTTC acquires blockchain infrastructure developer Securrency 20/10/2023 at 02:02 By Cointelegraph By Derek Andersen Securrency will help DTTC increase its role in developing digital asset clearance options. DTTC settled $2.5 quadrillion worth of securities transactions in 2022. This article is an excerpt from Cointelegraph.com News View Original Source React to this headline:

React to this headline:

Settlements giant DTTC acquires blockchain infrastructure developer Securrency Read More »

Google ads for KeePass, Notepad++ lead to malware

consumer, Don't miss, enterprise, Google Search, Hot stuff, KeePass, malvertising, Malware, Malwarebytes, News, search engine, SMBs / SecurityTicks

Google ads for KeePass, Notepad++ lead to malware 19/10/2023 at 12:16 By Zeljka Zorz Users using Google to search for and download the KeePass password manager and the Notepad++ text editor may have inadvertently gotten saddled with malware, says Jérôme Segura, Director of Threat Intelligence at Malwarebytes. Malvertising via search engine ads is a constant,

React to this headline:

Google ads for KeePass, Notepad++ lead to malware Read More »

Researchers warn of increased malware delivery via fake browser updates

consumer, Don't miss, enterprise, Hot stuff, Malware, News, Proofpoint, Sekoia.io, WordPress / SecurityTicks

Researchers warn of increased malware delivery via fake browser updates 17/10/2023 at 13:32 By Zeljka Zorz ClearFake, a recently documented threat leveraging compromised WordPress sites to push malicious fake browser updates, is likely operated by the threat group behind the SocGholish “malware delivery via fake browser updates” campaigns, Sekoia researchers have concluded. About ClearFake ClearFake

React to this headline:

Researchers warn of increased malware delivery via fake browser updates Read More »

Compromised Skype accounts deliver DarkGate malware to employees

account hijacking, Don't miss, enterprise, Hot stuff, Malware, Microsoft Teams, News, Skype, Trend Micro / SecurityTicks

Compromised Skype accounts deliver DarkGate malware to employees 16/10/2023 at 16:46 By Helga Labus A threat actor is using compromised Skype accounts to deliver the DarkGate malware to target organizations, Trend Micro researchers have warned. “Versions of DarkGate have been advertised on Russian language forum eCrime since May 2023. Since then, an increase in the

React to this headline:

Compromised Skype accounts deliver DarkGate malware to employees Read More »

Microsoft Defender can automatically contain compromised user accounts

automation, BEC scams, Don't miss, Endpoint Security, enterprise, Hot stuff, Microsoft, Microsoft Defender, MITM, News, privileged accounts, Ransomware, XDR / SecurityTicks

Microsoft Defender can automatically contain compromised user accounts 12/10/2023 at 15:32 By Helga Labus The “contain user” feature select Microsoft Defender for Endpoint customers have been trying out since November 2022 is now available to a wider pool of organizations, Microsoft has announced. The feature aims to help organizations disrupt human-operated attacks like ransomware, business

React to this headline:

Microsoft Defender can automatically contain compromised user accounts Read More »

Microsoft 365 email senders urged to implement SPF, DKIM and DMARC

DMARC, Don't miss, Email, enterprise, Hot stuff, Microsoft, Microsoft 365, News, spam / SecurityTicks

Microsoft 365 email senders urged to implement SPF, DKIM and DMARC 09/10/2023 at 13:32 By Helga Labus In the wake of Google’s announcement of new rules for bulk senders, Microsoft is urging Microsoft 365 email senders to implement SPF, DKIM and DMARC email authentication methods. “These Domain Name Service (DNS) email authentication records verify that

React to this headline:

Microsoft 365 email senders urged to implement SPF, DKIM and DMARC Read More »

Critical Trend Micro vulnerability exploited in the wild (CVE-2023-41179)

Don't miss, Endpoint Security, enterprise, Hot stuff, News, patch, security update, Trend Micro, vulnerability / SecurityTicks

Critical Trend Micro vulnerability exploited in the wild (CVE-2023-41179) 21/09/2023 at 11:46 By Zeljka Zorz Trend Micro has fixed a critical zero-day vulnerability (CVE-2023-41179) in several of its endpoint security products for enterprises that has been spotted being exploited in the wild. About CVE-2023-41179 The nature of the flaw hasn’t been revealed, but we know

React to this headline:

Critical Trend Micro vulnerability exploited in the wild (CVE-2023-41179) Read More »

Shadow IT: Security policies may be a problem

Don't miss, enterprise, Hot stuff, Kolide, News, policy, shadow IT, survey, training / SecurityTicks

Shadow IT: Security policies may be a problem 20/09/2023 at 08:23 By Zeljka Zorz 3 out of 4 workers use personal (and often unmanaged) phones and laptops for work and nearly half of companies let unmanaged devices access protected resources, a recent report by Kolide and Dimensional Research has revealed. When asked why they use

React to this headline:

Shadow IT: Security policies may be a problem Read More »