Incident Response - Security Ticks

Citrix ADC zero-day exploitatation: CISA releases details about attack on CI organization (CVE-2023-3519)

0-day, CISA, Citrix, critical infrastructure, Don't miss, GreyNoise, Hot stuff, Incident Response, News / SecurityTicks

Citrix ADC zero-day exploitatation: CISA releases details about attack on CI organization (CVE-2023-3519) 21/07/2023 at 14:19 By Zeljka Zorz The exploitation of the Citrix NetScaler ADC zero-day vulnerability (CVE-2023-3519) was first spotted by a critical infrastructure organization, who reported it to the Cybersecurity and Infrastructure Security Agency (CISA). “In June 2023, threat actors exploited this […]

React to this headline:

Citrix ADC zero-day exploitatation: CISA releases details about attack on CI organization (CVE-2023-3519) Read More »

Apple Ships Urgent iOS Patch for WebKit Zero-Day

apple, CVE-2023-37450, Incident Response, iOS, iPadOS, Mobile & Wireless, Vulnerabilities, WebKit, Zero-Day / SecurityTicks

Apple Ships Urgent iOS Patch for WebKit Zero-Day 11/07/2023 at 02:02 By Ryan Naraine Apple rolls out urgent iOS and iPadOS software updates and warned that zero-day exploitation has already been detected. The post Apple Ships Urgent iOS Patch for WebKit Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Apple Ships Urgent iOS Patch for WebKit Zero-Day Read More »

Cyware Snags $30M for Threat Intel Infrastructure Tech

Cyware, Funding/M&A, Incident Response, Series C, SOAR, Threat Intelligence, threat-intel, venture capital / SecurityTicks

Cyware Snags $30M for Threat Intel Infrastructure Tech 29/06/2023 at 20:38 By Ryan Naraine New York startup $30 million in new financing to fuel plans to take advantage of the demand for AI-powered threat-intel security tools. The post Cyware Snags $30M for Threat Intel Infrastructure Tech appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Cyware Snags $30M for Threat Intel Infrastructure Tech Read More »

CISA Tells US Agencies to Patch Exploited Roundcube, VMware Flaws

and CVE-2021-44026, CISA, CVE-2020-12641, CVE-2020-35730, Government, Incident Response, KEV catalog, Vulnerabilities / SecurityTicks

CISA Tells US Agencies to Patch Exploited Roundcube, VMware Flaws 23/06/2023 at 18:43 By Ionut Arghire The US government’s cybersecurity agency adds VMware and Roundcube server flaws to its Known Exploited Vulnerabilities (KEV) catalog. The post CISA Tells US Agencies to Patch Exploited Roundcube, VMware Flaws appeared first on SecurityWeek. This article is an excerpt

React to this headline:

CISA Tells US Agencies to Patch Exploited Roundcube, VMware Flaws Read More »

Ransomware Attack Played Major Role in Shutdown of Illinois Hospital

healthcare, Incident Response, Ransomware / SecurityTicks

Ransomware Attack Played Major Role in Shutdown of Illinois Hospital 13/06/2023 at 14:49 By Ionut Arghire St. Margaret’s Health in Illinois is shutting down hospitals partly due to a 2021 ransomware attack that caused serious payment system disruptions. The post Ransomware Attack Played Major Role in Shutdown of Illinois Hospital appeared first on SecurityWeek. This

React to this headline:

Ransomware Attack Played Major Role in Shutdown of Illinois Hospital Read More »

Threat actors can exfiltrate data from Google Drive without leaving a trace

digital forensics, Don't miss, enterprise, Google, Google Drive, Google Workspace, Hot stuff, Incident Response, Mitiga, News, SMBs, threat hunting / SecurityTicks

Threat actors can exfiltrate data from Google Drive without leaving a trace 01/06/2023 at 15:43 By Zeljka Zorz Google Workspace (formerly G Suite) has a weak spot that can prevent the discovery of data exfiltration from Google Drive by a malicious outsider or insider, Mitiga researchers say. A problem for digital forensic analysts and incident

React to this headline:

Threat actors can exfiltrate data from Google Drive without leaving a trace Read More »

Security Pros: Before You Do Anything, Understand Your Threat Landscape

Incident Response, Threat Intelligence / SecurityTicks

Security Pros: Before You Do Anything, Understand Your Threat Landscape 25/05/2023 at 17:48 By Marc Solomon Regardless of the use case your security organization is focused on, you’ll likely waste time and resources and make poor decisions if you don’t start with understanding your threat landscape. The post Security Pros: Before You Do Anything, Understand

React to this headline:

Security Pros: Before You Do Anything, Understand Your Threat Landscape Read More »

Huntress Closes $60M Series C for MDR Expansion

Funding/M&A, Incident Response / SecurityTicks

Huntress Closes $60M Series C for MDR Expansion 16/05/2023 at 17:48 By Ryan Naraine Huntress closes a $60 million Series C financing round led by Sapphire Ventures. The company has now raised $118 million. The post Huntress Closes $60M Series C for MDR Expansion appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Huntress Closes $60M Series C for MDR Expansion Read More »

Dragos Says Ransomware Hackers Failed at Elaborate Extortion Scheme

Dragos, Incident Response, Ransomware / SecurityTicks

Dragos Says Ransomware Hackers Failed at Elaborate Extortion Scheme 10/05/2023 at 19:45 By Ryan Naraine ICS cybersecurity vendor Dragos discloses breach and data theft but says ransomware group failed at elaborate extortion scheme. The post Dragos Says Ransomware Hackers Failed at Elaborate Extortion Scheme appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Dragos Says Ransomware Hackers Failed at Elaborate Extortion Scheme Read More »