Hot stuff - Security Ticks

CUPS vulnerabilities could be abused for DDoS attacks

Akamai, DDoS, Don't miss, enterprise, Hot stuff, Linux, News, vulnerability / SecurityTicks

CUPS vulnerabilities could be abused for DDoS attacks 2024-10-03 at 16:18 By Zeljka Zorz While the Common UNIX Printing System (CUPS) vulnerabilities recently disclosed by researcher Simone “evilsocket” Margaritelli are not easily exploited for remote command execution on vulnerable systems, they could offer more opportunity to attackers who engage in DDoS attacks, Akamai threat researchers […]

React to this headline:

CUPS vulnerabilities could be abused for DDoS attacks Read More »

Private US companies targeted by Stonefly APT

APT, Don't miss, enterprise, extortion, government-backed attacks, Hot stuff, Mandiant, News, North Korea, Symantec, USA / SecurityTicks

Private US companies targeted by Stonefly APT 2024-10-03 at 14:01 By Zeljka Zorz Undeterred by the indictment issued against one of its alleged members, North Korean APT group Stonefly (aka APT45) continues to target companies in the US, Symantec threat analysts warned. About Stonefly Also known as Andariel and OnyxFleet, Stonefly has been linked to

React to this headline:

Private US companies targeted by Stonefly APT Read More »

Three hard truths hindering cloud-native detection and response

authentication, cloud computing, cloud security, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, Sweet Security / SecurityTicks

Three hard truths hindering cloud-native detection and response 2024-10-03 at 08:01 By Help Net Security According to Gartner, the market for cloud computing services is expected to reach $675 billion in 2024. Companies are shifting from testing the waters of cloud computing to making substantive investments in cloud-native IT, and attackers are shifting with them.

React to this headline:

Three hard truths hindering cloud-native detection and response Read More »

Spotting AI-generated scams: Red flags to watch for

Artificial Intelligence, blockchain, cybersecurity, deepfakes, Don't miss, Features, fraud, Hot stuff, Mano Bank, News, opinion, penetration testing, regulation / SecurityTicks

Spotting AI-generated scams: Red flags to watch for 2024-10-03 at 07:32 By Mirko Zorz In this Help Net Security interview, Andrius Popovas, Chief Risk Officer at Mano Bank, discusses the most prevalent AI-driven fraud schemes, such as phishing attacks and deepfakes. He explains how AI manipulates videos and audio to deceive victims and highlights key

React to this headline:

Spotting AI-generated scams: Red flags to watch for Read More »

Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519)

CVE, Don't miss, exploit, Hot stuff, News, PoC, ProjectDiscovery, Proofpoint, Synacor, vulnerability / SecurityTicks

Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) 2024-10-02 at 14:16 By Zeljka Zorz Attackers are actively exploiting CVE-2024-45519, a critical Zimbra vulnerability that allows them to execute arbitrary commands on vulnerable installations. Proofpoint’s threat researchers say that the attacks started on September 28 – several weeks after Zimbra developers released patches for CVE-2024-45519 and

React to this headline:

Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) Read More »

4 new LockBit-related arrests, identities of suspected Evil Corp members, affiliates revealed

cybercriminals, Europol, Hot stuff, Justice Department, law enforcement, National Crime Agency, News, Ransomware, Russian Federation / SecurityTicks

4 new LockBit-related arrests, identities of suspected Evil Corp members, affiliates revealed 2024-10-02 at 12:46 By Zeljka Zorz The third phase of Operation Cronos, which involved officers from the UK National Crime Agency (NCA), the FBI, Europol and other law enforcement agencies, has resulted in the arrest of four persons for allegedly participating in the

React to this headline:

4 new LockBit-related arrests, identities of suspected Evil Corp members, affiliates revealed Read More »

Enhancing firewall management with automation tools

automation, Compliance, cybersecurity, Don't miss, Features, firewall, Hot stuff, News, opinion, Tufin / SecurityTicks

Enhancing firewall management with automation tools 2024-10-02 at 08:01 By Mirko Zorz In this Help Net Security interview, Raymond Brancato, CEO at Tufin, discusses the considerations organizations must weigh when selecting a next-generation firewall to effectively balance security needs with network performance. What factors should organizations prioritize when selecting a next-generation firewall to balance security

React to this headline:

Enhancing firewall management with automation tools Read More »

Suricata: Open-source network analysis and threat detection

cybersecurity, Don't miss, Hot stuff, intrusion detection, network analysis, News, OISF, open source, penetration testing, software, threat detection / SecurityTicks

Suricata: Open-source network analysis and threat detection 2024-10-02 at 07:31 By Help Net Security Suricata is an open-source network intrusion detection system (IDS), intrusion prevention system (IPS), and network security monitoring engine. Suricata features Suricata offers comprehensive capabilities for network security monitoring (NSM), including logging HTTP requests, capturing and storing TLS certificates, and extracting files

React to this headline:

Suricata: Open-source network analysis and threat detection Read More »

Cybersecurity jobs available right now: October 2, 2024

cybersecurity jobs, Don't miss, Hot stuff, News / SecurityTicks

Cybersecurity jobs available right now: October 2, 2024 2024-10-02 at 07:01 By Anamarija Pogorelec Applied Cybersecurity Engineer (Center for Securing the Homeland) MITRE | USA | Hybrid – View job details As an Applied Cybersecurity Engineer (Center for Securing the Homeland), you will apply interdisciplinary competencies in secure systems architecture and design, security operations, threat

React to this headline:

Cybersecurity jobs available right now: October 2, 2024 Read More »

What bots mean for businesses and consumers

bot, CISO, cybersecurity, DataDome, Don't miss, Hot stuff, News, report, research, strategy, tips, Video / SecurityTicks

What bots mean for businesses and consumers 2024-10-02 at 06:31 By Help Net Security Simple bots have existed since the early to mid-2000s when organizations had no means to protect themselves or their website’s users from them. Yet today, despite having tools to protect against these simple bots, two in three organizations have made no

React to this headline:

What bots mean for businesses and consumers Read More »

Use Windows event logs for ransomware investigations, JPCERT/CC advises

Don't miss, Hot stuff, Incident Response, logging, News, Ransomware, Windows / SecurityTicks

Use Windows event logs for ransomware investigations, JPCERT/CC advises 2024-10-01 at 13:46 By Zeljka Zorz The JPCERT Coordination Center – the first Computer Security Incident Response Team established in Japan – has compiled a list of entries in Windows event logs that could help enterprise defenders respond to human-operated ransomware attacks and potentially limit the

React to this headline:

Use Windows event logs for ransomware investigations, JPCERT/CC advises Read More »

3 easy microsegmentation projects

12Port, access control, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, network, News, opinion, regulation, resilience, software, zero trust / SecurityTicks

3 easy microsegmentation projects 2024-10-01 at 07:31 By Help Net Security Like many large-scale network security projects, microsegmentation can seem complex, time-consuming, and expensive. It involves managing intricate details about inter-device service connectivity. One web server should connect to specific databases but not to others, or load balancers should connect to some web servers while

React to this headline:

3 easy microsegmentation projects Read More »

Reducing credential complexity with identity federation

authentication, credentials, cybersecurity, Descope, Don't miss, Features, Hot stuff, identity management, News, opinion, SSO / SecurityTicks

Reducing credential complexity with identity federation 2024-10-01 at 07:01 By Mirko Zorz In this Help Net Security interview, Omer Cohen, Chief Security Officer at Descope, discusses the impact of identity federation on organizational security and user experience. He explains how this approach streamlines credential management and enhances security by leveraging trusted identity providers while simplifying

React to this headline:

Reducing credential complexity with identity federation Read More »

Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts

account hijacking, Cloud, credentials, Don't miss, Hot stuff, Microsoft, Microsoft Entra ID, News, privileged accounts, Ransomware / SecurityTicks

Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts 2024-09-30 at 17:01 By Zeljka Zorz Storm-0501, an affiliate of several high-profile ransomware-as-a-service outfits, has been spotted compromising targets’ cloud environments and on-premises systems. “Storm-0501 is the latest threat actor observed to exploit weak credentials and over-privileged accounts to move from organizations’

React to this headline:

Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts Read More »

Microsoft revised the controversial Copilot+ Recall feature

Artificial Intelligence, data security, Don't miss, Hot stuff, Microsoft, News, Privacy, Windows / SecurityTicks

Microsoft revised the controversial Copilot+ Recall feature 2024-09-30 at 13:46 By Zeljka Zorz Microsoft has made changes to Recall – the screenshot-taking, AI-powered search feature for Copilot+ PCs running Windows 11 – to reassure users worried about security and privacy. The security of the feature has been assessed by Microsoft’s Offensive Research & Security Engineering

React to this headline:

Microsoft revised the controversial Copilot+ Recall feature Read More »

Could APIs be the undoing of AI?

API security, Artificial Intelligence, Cequence Security, cybersecurity, Don't miss, Expert analysis, Expert corner, generative AI, Hot stuff, LLMs, News, opinion / SecurityTicks

Could APIs be the undoing of AI? 2024-09-30 at 08:01 By Help Net Security Application programming interfaces (APIs) are essential to how generative AI (GenAI) functions with agents (e.g., calling upon them for data). But the combination of API and LLM issues coupled with rapid rollouts is likely to see numerous organizations having to combat

React to this headline:

Could APIs be the undoing of AI? Read More »

Open source maintainers: Key to software health and security

cybersecurity, Don't miss, Hot stuff, News, open source, research, survey, Tidelift, Video / SecurityTicks

Open source maintainers: Key to software health and security 2024-09-30 at 07:01 By Help Net Security Open source has become the foundation of modern application development, with up to 98% of applications incorporating open-source components and open-source code accounting for 70% or more of the typical application. In this Help Net Security video, Donald Fischer,

React to this headline:

Open source maintainers: Key to software health and security Read More »

Businesses turn to private AI for enhanced security and data management

Artificial Intelligence, Broadcom, cybersecurity, data security, Don't miss, Features, Hot stuff, News, opinion, regulation / SecurityTicks

Businesses turn to private AI for enhanced security and data management 2024-09-30 at 06:31 By Mirko Zorz In this Help Net Security interview, Joe Baguley, CTO EMEA at Broadcom, shares insights on private AI and its significance in data security. He explains how it helps organizations maintain control over sensitive information while addressing the complexities

React to this headline:

Businesses turn to private AI for enhanced security and data management Read More »

CUPS vulnerabilities affecting Linux, Unix systems can lead to RCE

CVE, Don't miss, Hot stuff, Linux, News, PoC, Rapid7, Red Hat, Tenable, vulnerability / SecurityTicks

CUPS vulnerabilities affecting Linux, Unix systems can lead to RCE 2024-09-27 at 13:31 By Zeljka Zorz After much hyping and following prematurely leaked information by a third party, security researcher Simone Margaritelli has released details about four zero-day vulnerabilities in the Common UNIX Printing System (CUPS) that can be abused by remote, unauthenticated attackers to

React to this headline:

CUPS vulnerabilities affecting Linux, Unix systems can lead to RCE Read More »

3 tips for securing IoT devices in a connected world

access control, authentication, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity management, IoT, News, opinion, tips, WatchGuard / SecurityTicks

3 tips for securing IoT devices in a connected world 2024-09-27 at 08:01 By Help Net Security IoT devices have become integral to how many organizations operate. From Smart TVs in conference rooms to connected sensors and wireless security cameras, these connected devices are now a fixture in the modern workplace. They also, however, present

React to this headline:

3 tips for securing IoT devices in a connected world Read More »