Hot stuff - Security Ticks

On-premises JetBrains TeamCity servers vulnerable to auth bypass (CVE-2024-23917)

continuous integration, Don't miss, Hot stuff, JetBrains, News, security update, vulnerability / SecurityTicks

On-premises JetBrains TeamCity servers vulnerable to auth bypass (CVE-2024-23917) 2024-02-07 at 12:31 By Helga Labus JetBrains has patched a critical authentication bypass vulnerability (CVE-2024-23917) affecting TeamCity On-Premises continuous integration and deployment servers. About CVE-2024-23917 CVE-2024-23917 could allow an unauthenticated threat actor with HTTP(S) access to a TeamCity server to bypass authentication controls and gain administrative […]

React to this headline:

On-premises JetBrains TeamCity servers vulnerable to auth bypass (CVE-2024-23917) Read More »

Ivanti Connect Secure flaw massively exploited by attackers (CVE-2024-21893)

Don't miss, exploit, Hot stuff, Ivanti, News, Shadowserver, vulnerability / SecurityTicks

Ivanti Connect Secure flaw massively exploited by attackers (CVE-2024-21893) 2024-02-07 at 12:16 By Zeljka Zorz CVE-2024-21893, a server-side request forgery (SSRF) vulnerability affecting Ivanti Connect Secure VPN gateways and Policy Secure (a network access control solution), is being exploited by attackers. About CVE-2024-21893 CVE-2024-21893 allows a attackers to bypass authentication requirements and access certain restricted

React to this headline:

Ivanti Connect Secure flaw massively exploited by attackers (CVE-2024-21893) Read More »

Common cloud security mistakes and how to avoid them

cloud security, cyber risk, Data Protection, Don't miss, Hot stuff, misconfiguration, News, strategy, threats, tips / SecurityTicks

Common cloud security mistakes and how to avoid them 2024-02-07 at 08:01 By Helga Labus According to recent surveys, 98% of organizations keep their financial, business, customer and/or employee information in the cloud but, at the same time, 95% of cloud security professionals are not sure their security protections and their team would manage to

React to this headline:

Common cloud security mistakes and how to avoid them Read More »

Prowler: Open-source security tool for AWS, Google Cloud Platform, Azure

AWS, cybersecurity, database security, Don't miss, GitHub, Hot stuff, News, open source, software / SecurityTicks

Prowler: Open-source security tool for AWS, Google Cloud Platform, Azure 2024-02-07 at 07:31 By Mirko Zorz Prowler is an open-source security tool designed to assess, audit, and enhance the security of AWS, GCP, and Azure. It’s also equipped for incident response, continuous monitoring, hardening, and forensics preparation. Details The tool includes hundreds of controls that

React to this headline:

Prowler: Open-source security tool for AWS, Google Cloud Platform, Azure Read More »

Enhancing adversary simulations: Learn the business to attack the business

attacks, cybersecurity, Don't miss, DVULN, Features, Hot stuff, News, red team, strategy / SecurityTicks

Enhancing adversary simulations: Learn the business to attack the business 2024-02-07 at 07:01 By Mirko Zorz In this Help Net Security interview, Jamieson O’Reilly, Founder of DVULN, discusses adversary simulations, shedding light on challenges rooted in human behavior, decision-making, and responses to evolving cyber threats. Unveiling the interplay between red and blue teams, O’Reilly talks

React to this headline:

Enhancing adversary simulations: Learn the business to attack the business Read More »

Demystifying SOC-as-a-Service (SOCaaS)

access management, attacks, Cloud, Cyber Guards, cybersecurity, Don't miss, Hot stuff, identity, Incident Response, monitoring, SOC, Video / SecurityTicks

Demystifying SOC-as-a-Service (SOCaaS) 2024-02-07 at 06:31 By Help Net Security Threat actors aren’t looking for companies of specific sizes or industries, they are looking for opportunities. Given that many companies operate in the dark and overlook breaches until ransomware attacks occur, this makes the threat actors’ job easy. It also underscores the urgency for proactive

React to this headline:

Demystifying SOC-as-a-Service (SOCaaS) Read More »

Spoutible API exposed encrypted password reset tokens, 2FA secrets of users

account hijacking, API security, data breach, Don't miss, Hot stuff, News, social media, Spoutible, vulnerability / SecurityTicks

Spoutible API exposed encrypted password reset tokens, 2FA secrets of users 2024-02-06 at 16:33 By Helga Labus A publicly exposed API of social media platform Spoutible may have allowed threat actors to scrape information that can be used to hijack user accounts. The problem with the Spoutible API Security consultant Troy Hunt has been tipped

React to this headline:

Spoutible API exposed encrypted password reset tokens, 2FA secrets of users Read More »

Lagging Mastodon admins urged to patch critical account takeover flaw (CVE-2024-23832)

account hijacking, Cure53, Don't miss, Hot stuff, Mastodon, News, security update, social media, vulnerability / SecurityTicks

Lagging Mastodon admins urged to patch critical account takeover flaw (CVE-2024-23832) 2024-02-06 at 12:02 By Zeljka Zorz Five days after Mastodon developers pushed out fixes for a remotely exploitable account takeover vulnerability (CVE-2024-23832), over 66% of Mastodon servers out there have been upgraded to close the hole. About Mastodon Mastodon is open-source (server) software for

React to this headline:

Lagging Mastodon admins urged to patch critical account takeover flaw (CVE-2024-23832) Read More »

How CISOs navigate policies and access across enterprises

access management, Check Point, cloud security, cybersecurity, Data Protection, Don't miss, Features, framework, Hot stuff, identity management, News, opinion, strategy, zero trust / SecurityTicks

How CISOs navigate policies and access across enterprises 2024-02-06 at 08:01 By Mirko Zorz In this Help Net Security interview, Marco Eggerling, Global CISO at Check Point, discusses the challenge of balancing data protection with diverse policies, devices, and access controls in a distributed enterprise. He also highlights the significance of security validations, especially internal

React to this headline:

How CISOs navigate policies and access across enterprises Read More »

3 ways to achieve crypto agility in a post-quantum world

AppViewX, certificate authority, certificates, cybersecurity, Don't miss, Encryption, Expert analysis, Expert corner, Hot stuff, News, opinion, standards, strategy / SecurityTicks

3 ways to achieve crypto agility in a post-quantum world 2024-02-06 at 07:31 By Help Net Security Working at the speed of digital business is a constant challenge. But in today’s increasingly automated operational environment, crypto agility—i.e., an organization’s ability to (at the moment of compromise) switch rapidly and seamlessly between certificate authorities, encryption standards

React to this headline:

3 ways to achieve crypto agility in a post-quantum world Read More »

10 must-read cybersecurity books for 2024

books, cybersecurity, Don't miss, Hot stuff, how-to, Learning Tree, News, No Starch Press, skill development, strategy, tips / SecurityTicks

10 must-read cybersecurity books for 2024 2024-02-06 at 07:01 By Help Net Security Our list of cybersecurity books has been curated to steer your professional growth in 2024. This selection aims to provide comprehensive information security insights and knowledge, ensuring you stay ahead in your career learning journey throughout the year. Cyber for Builders: The

React to this headline:

10 must-read cybersecurity books for 2024 Read More »

Deepfaked video conference call makes employee send $25 million to scammers

Asia, deepfakes, Don't miss, enterprise, Hot stuff, News, scams, video conferencing / SecurityTicks

Deepfaked video conference call makes employee send $25 million to scammers 2024-02-05 at 17:01 By Zeljka Zorz A deepfake video conference call paired with social engineering tricks has led to the theft of over US$25 million from a multinational firm, the South China Morning Post has reported. The scheme and the deepfake video conference call

React to this headline:

Deepfaked video conference call makes employee send $25 million to scammers Read More »

AnyDesk has been hacked, users urged to change passwords

AnyDesk, certificates, credentials, CrowdStrike, data breach, Don't miss, Hot stuff, News, remote access, Resecurity / SecurityTicks

AnyDesk has been hacked, users urged to change passwords 2024-02-05 at 14:31 By Zeljka Zorz AnyDesk Software GmbH, the German company behind the widely used (and misused) remote desktop application of the same name, has confirmed they’ve been hacked and their production systems have been compromised. The statement was published on Friday evening and lacks

React to this headline:

AnyDesk has been hacked, users urged to change passwords Read More »

Latio Application Security Tester: Use AI to scan your code

Artificial Intelligence, cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, OpenAI, software / SecurityTicks

Latio Application Security Tester: Use AI to scan your code 2024-02-05 at 08:02 By Mirko Zorz Latio Application Security Tester is an open-source tool that enables the usage of OpenAI to scan code from the CLI for security and health issues. Features and future plans James Berthoty, the creator of Latio Application Security Tester, told

React to this headline:

Latio Application Security Tester: Use AI to scan your code Read More »

Migrating to the cloud: An overview of process and strategy

Center for Internet Security, Cloud, cloud security, cybersecurity, Don't miss, Expert analysis, Hot stuff, News, opinion / SecurityTicks

Migrating to the cloud: An overview of process and strategy 2024-02-05 at 06:01 By Help Net Security Over the next few years, the number of organizations navigating to the cloud to advance their business goals is expected to grow exponentially. According to Gartner, more than 70% of enterprises will use cloud platforms to accelerate their

React to this headline:

Migrating to the cloud: An overview of process and strategy Read More »

NIS2 Directive raises stakes for security leaders

cyber hygiene, cyber resilience, cyberattacks, cybersecurity, Don't miss, EU, Features, framework, Hot stuff, News, opinion, regulation, Risk Management, standards, Sumo Logic / SecurityTicks

NIS2 Directive raises stakes for security leaders 2024-02-02 at 08:01 By Mirko Zorz In this Help Net Security interview, Roland Palmer, VP Global Operations Center at Sumo Logic, discusses key challenges and innovations of the NIS2 Directive, aiming to standardize cybersecurity practices across sectors. NIS2 mandates minimal cybersecurity requirements for member companies, encompassing policies on

React to this headline:

NIS2 Directive raises stakes for security leaders Read More »

FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities

Akamai, botnet, Don't miss, exploit, Hot stuff, Linux, Log4j, Malware, News, vulnerability / SecurityTicks

FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities 2024-02-01 at 17:31 By Helga Labus The FritzFrog cryptomining botnet has new potential for growth: a recently analyzed variant of the bot is exploiting the Log4Shell (CVE-2021-44228) and PwnKit (CVE-2021-4034) vulnerabilities for lateral movement and privilege escalation. The FritzFrog botnet The FritzFrog botnet, initially identified in August 2020, is

React to this headline:

FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities Read More »

FBI disrupts Chinese botnet used for targeting US critical infrastructure

botnet, China, critical infrastructure, Don't miss, FBI, Hot stuff, News, USA / SecurityTicks

FBI disrupts Chinese botnet used for targeting US critical infrastructure 2024-02-01 at 15:17 By Helga Labus The FBI has disrupted the KV botnet, used by People’s Republic of China (PRC) state-sponsored hackers (aka “Volt Typhoon”) to target US-based critical infrastructure organizations. A botnet for probing critical infrastructure organizations The threat actors used the KV botnet

React to this headline:

FBI disrupts Chinese botnet used for targeting US critical infrastructure Read More »

Threat actor used Vimeo, Ars Technica to serve second-stage malware

cybercrime, Don't miss, EU, Hot stuff, Malware, Mandiant, News, theft, USB devices / SecurityTicks

Threat actor used Vimeo, Ars Technica to serve second-stage malware 2024-02-01 at 12:31 By Zeljka Zorz A financially motivated threat actor tracked as UNC4990 is using booby-trapped USB storage devices and malicious payloads hosted on popular websites such as Ars Technica, Vimeo, GitHub and GitLab to surreptitiously deliver malware. Another interesting detail about UNC4990 it’s

React to this headline:

Threat actor used Vimeo, Ars Technica to serve second-stage malware Read More »

Zero trust implementation: Plan, then execute, one step at a time

access management, authentication, Don't miss, Hot stuff, News, strategy, tips, zero trust / SecurityTicks

Zero trust implementation: Plan, then execute, one step at a time 2024-02-01 at 08:02 By Helga Labus 82% of cybersecurity professionals have been working on implementing zero trust last year, and 16% should be on it by the end of this year. The challenges of zero trust implementation You’ve probably heard it before: zero trust

React to this headline:

Zero trust implementation: Plan, then execute, one step at a time Read More »