Featured - Security Ticks

Millions of OpenSSH Servers Potentially Vulnerable to Remote regreSSHion Attack

Featured, OpenSSH, regreSSHion, Vulnerabilities / SecurityTicks

Millions of OpenSSH Servers Potentially Vulnerable to Remote regreSSHion Attack 2024-07-01 at 15:31 By Eduard Kovacs Millions of OpenSSH servers could be vulnerable to unauthenticated remote code execution due to a vulnerability tracked as regreSSHion and CVE-2024-6387. The post Millions of OpenSSH Servers Potentially Vulnerable to Remote regreSSHion Attack appeared first on SecurityWeek. This article […]

Millions of OpenSSH Servers Potentially Vulnerable to Remote regreSSHion Attack Read More »

TeamViewer Hack Officially Attributed to Russian Cyberspies

APT29, Featured, Midnight Blizzard, Nation-State, Russia, TeamViewer / SecurityTicks

TeamViewer Hack Officially Attributed to Russian Cyberspies 2024-07-01 at 12:01 By Eduard Kovacs TeamViewer has confirmed that the Russian cyberespionage group APT29 appears to be behind the recent hack. The post TeamViewer Hack Officially Attributed to Russian Cyberspies appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

TeamViewer Hack Officially Attributed to Russian Cyberspies Read More »

Russian APT Reportedly Behind New TeamViewer Hack

cyberattack, Data Breaches, Featured, Russia, TeamViewer / SecurityTicks

Russian APT Reportedly Behind New TeamViewer Hack 2024-06-28 at 12:46 By Eduard Kovacs TeamViewer’s corporate network was hacked and some reports say the Russian group APT29 is behind the attack. The post Russian APT Reportedly Behind New TeamViewer Hack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Russian APT Reportedly Behind New TeamViewer Hack Read More »

Inside the Mind of a CISO: Survey and Analysis

CISO, CISO Strategy, Featured / SecurityTicks

Inside the Mind of a CISO: Survey and Analysis 2024-06-27 at 17:01 By Kevin Townsend Inside the Mind of a CISO 2024 is a survey of 209 security leaders to understand the thinking and operational methods and motivations of CISOs. The post Inside the Mind of a CISO: Survey and Analysis appeared first on SecurityWeek.

Inside the Mind of a CISO: Survey and Analysis Read More »

Evolve Bank Data Leaked After LockBit’s ‘Federal Reserve Hack’

Data leak, Featured, LockBit, Ransomware / SecurityTicks

Evolve Bank Data Leaked After LockBit’s ‘Federal Reserve Hack’ 2024-06-27 at 13:56 By Eduard Kovacs The LockBit ransomware group claimed to have hacked the US Federal Reserve, but leaked data from an Arkansas-based bank. The post Evolve Bank Data Leaked After LockBit’s ‘Federal Reserve Hack’ appeared first on SecurityWeek. This article is an excerpt from

Evolve Bank Data Leaked After LockBit’s ‘Federal Reserve Hack’ Read More »

Meta’s Virtual Reality Headset Vulnerable to Ransomware Attacks: Researcher

Featured, Meta, Ransomware, vr, Vulnerabilities / SecurityTicks

Meta’s Virtual Reality Headset Vulnerable to Ransomware Attacks: Researcher 2024-06-25 at 15:01 By Kevin Townsend Researcher shows how hackers could use social engineering to deliver ransomware and other malware to Meta’s Quest 3 VR headset. The post Meta’s Virtual Reality Headset Vulnerable to Ransomware Attacks: Researcher appeared first on SecurityWeek. This article is an excerpt

Meta’s Virtual Reality Headset Vulnerable to Ransomware Attacks: Researcher Read More »

Neiman Marcus Data Breach Disclosed as Hacker Offers to Sell Stolen Information

data breach, Data Breaches, Featured, Neiman Marcus, Snowflake / SecurityTicks

Neiman Marcus Data Breach Disclosed as Hacker Offers to Sell Stolen Information 2024-06-25 at 12:06 By Eduard Kovacs Neiman Marcus has disclosed a data breach impacting 64,000 people just as a hacker announced the sale of customer data. The post Neiman Marcus Data Breach Disclosed as Hacker Offers to Sell Stolen Information appeared first on

Neiman Marcus Data Breach Disclosed as Hacker Offers to Sell Stolen Information Read More »

New SnailLoad Attack Relies on Network Latency Variations to Infer User Activity

Featured, side-channel attack, Vulnerabilities / SecurityTicks

New SnailLoad Attack Relies on Network Latency Variations to Infer User Activity 2024-06-24 at 19:31 By Eduard Kovacs New attack named SnailLoad allows a remote attacker to infer websites and videos viewed by a user without direct access to network traffic. The post New SnailLoad Attack Relies on Network Latency Variations to Infer User Activity

New SnailLoad Attack Relies on Network Latency Variations to Infer User Activity Read More »

Disruptions at Many Car Dealerships Continue as CDK Hack Worsens

car hacking, cyberattack, cybercrime, Featured / SecurityTicks

Disruptions at Many Car Dealerships Continue as CDK Hack Worsens 2024-06-21 at 12:46 By Eduard Kovacs Car dealership software provider CDK Global was in the process of restoring services impacted by a cyberattack when it discovered an additional hack. The post Disruptions at Many Car Dealerships Continue as CDK Hack Worsens appeared first on SecurityWeek.

Disruptions at Many Car Dealerships Continue as CDK Hack Worsens Read More »

AI Weights: Securing the Heart and Soft Underbelly of Artificial Intelligence

AI, Artificial Intelligence, Featured / SecurityTicks

AI Weights: Securing the Heart and Soft Underbelly of Artificial Intelligence 2024-06-20 at 15:31 By Kevin Townsend AI model weights govern outputs from the system, but altered or ‘poisoned’, they can make the output erroneous and, in extremis, useless and dangerous. The post AI Weights: Securing the Heart and Soft Underbelly of Artificial Intelligence appeared

AI Weights: Securing the Heart and Soft Underbelly of Artificial Intelligence Read More »

AMD Investigating Breach Claims After Hacker Offers to Sell Data

Amd, data breach, Data Breaches, Featured, IntelBroker / SecurityTicks

AMD Investigating Breach Claims After Hacker Offers to Sell Data 2024-06-19 at 12:31 By Eduard Kovacs AMD has launched an investigation after a notorious hacker announced selling sensitive data allegedly belonging to the company. The post AMD Investigating Breach Claims After Hacker Offers to Sell Data appeared first on SecurityWeek. This article is an excerpt

AMD Investigating Breach Claims After Hacker Offers to Sell Data Read More »

New TikTag Attack Targets Arm CPU Security Feature

Arm, CPU, CPU vulnerability, Endpoint Security, Featured / SecurityTicks

New TikTag Attack Targets Arm CPU Security Feature 2024-06-18 at 19:45 By Eduard Kovacs Researchers have targeted the MTE security feature in Arm CPUs and showed how attackers could bypass protections. The post New TikTag Attack Targets Arm CPU Security Feature appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

New TikTag Attack Targets Arm CPU Security Feature Read More »

Microsoft Delaying Recall Feature to Improve Security

AI, Artificial Intelligence, Endpoint Security, Featured, Microsoft, Privacy, Windows Recall / SecurityTicks

Microsoft Delaying Recall Feature to Improve Security 2024-06-14 at 13:46 By Eduard Kovacs Microsoft is not rolling out Recall with Copilot+ PCs as it’s seeking additional feedback and working on improving security. The post Microsoft Delaying Recall Feature to Improve Security appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

Microsoft Delaying Recall Feature to Improve Security Read More »

Ransomware Group Exploits PHP Vulnerability Days After Disclosure

exploited, Featured, PHP, Ransomware / SecurityTicks

Ransomware Group Exploits PHP Vulnerability Days After Disclosure 2024-06-12 at 12:16 By Ionut Arghire The TellYouThePass ransomware gang started exploiting a recent code execution flaw in PHP days after public disclosure. The post Ransomware Group Exploits PHP Vulnerability Days After Disclosure appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

Ransomware Group Exploits PHP Vulnerability Days After Disclosure Read More »

Apple Patches Vision Pro Vulnerability Used in Possibly ‘First Ever Spatial Computing Hack’

apple, Featured, IoT Security, Vision Pro / SecurityTicks

Apple Patches Vision Pro Vulnerability Used in Possibly ‘First Ever Spatial Computing Hack’ 2024-06-11 at 17:01 By Eduard Kovacs Apple has released a visionOS update that patches CVE-2024-27812, which may be the first flaw specific to the VR headset. The post Apple Patches Vision Pro Vulnerability Used in Possibly ‘First Ever Spatial Computing Hack’ appeared

Apple Patches Vision Pro Vulnerability Used in Possibly ‘First Ever Spatial Computing Hack’ Read More »

Arm Warns of Exploited Kernel Driver Vulnerability

Arm, exploited, Featured, GPU, Malware & Threats, Vulnerabilities / SecurityTicks

Arm Warns of Exploited Kernel Driver Vulnerability 2024-06-11 at 13:16 By Ionut Arghire Arm warns that CVE-2024-4610, a Mali GPU kernel driver vulnerability addressed two years ago, is exploited in attacks. The post Arm Warns of Exploited Kernel Driver Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

Arm Warns of Exploited Kernel Driver Vulnerability Read More »

Fortinet Expands Cloud Security Portfolio with Lacework Acquisition

cloud security, CNAPP, DSPM, Featured, Fortinet, Funding/M&A, Lacework, M&A Tracker / SecurityTicks

Fortinet Expands Cloud Security Portfolio with Lacework Acquisition 2024-06-10 at 18:31 By Ryan Naraine Fortinet announces plans to acquire Lacework, a late-stage cloud security startup that was once listed as a “unicorn” company valued north of $1 billion. The post Fortinet Expands Cloud Security Portfolio with Lacework Acquisition appeared first on SecurityWeek. This article is

Fortinet Expands Cloud Security Portfolio with Lacework Acquisition Read More »

Christie’s Says Ransomware Attack Impacts 45,000 People

data breach, Data Breaches, Featured, Ransomware / SecurityTicks

Christie’s Says Ransomware Attack Impacts 45,000 People 2024-06-10 at 13:01 By Eduard Kovacs Auction house Christie’s says the data breach caused by the recent ransomware attack impacts the information of 45,000 individuals. The post Christie’s Says Ransomware Attack Impacts 45,000 People appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

Christie’s Says Ransomware Attack Impacts 45,000 People Read More »

Microsoft Bows to Public Pressure, Disables Controversial Windows Recall by Default

AI/ML, Artificial Intelligence, CSRB, Data Protection, Featured, Microsoft, Windows Recall / SecurityTicks

Microsoft Bows to Public Pressure, Disables Controversial Windows Recall by Default 2024-06-07 at 20:17 By Ryan Naraine Amidst public pressure, Microsoft changes the set-up experience of Copilot+ PCs to disable the controversial Windows Recall feature by default. The post Microsoft Bows to Public Pressure, Disables Controversial Windows Recall by Default appeared first on SecurityWeek. This

Microsoft Bows to Public Pressure, Disables Controversial Windows Recall by Default Read More »

Why Hackers Love Logs

Featured, Incident Response, Log4Shell / SecurityTicks

Why Hackers Love Logs 2024-06-06 at 17:46 By Kevin Townsend Log tampering is an almost inevitable part of a compromise. Why and how do cybercriminals target logs, and what can be done to protect them? The post Why Hackers Love Logs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

Why Hackers Love Logs Read More »