News - Security Ticks

6 key elements for building a healthcare cybersecurity response plan

cyber risk, healthcare, Incident Response, News, Ransomware, report, risk assessment, Software Advice, strategy, survey / SecurityTicks

6 key elements for building a healthcare cybersecurity response plan 2024-10-30 at 06:33 By Help Net Security Medical practices remain vulnerable to cyberattacks, with over a third unable to cite a cybersecurity incident response plan, according to Software Advice. This gap exposes healthcare providers to risks of patient data breaches, HIPAA violations, financial penalties, and […]

6 key elements for building a healthcare cybersecurity response plan Read More »

US charges suspected Redline infostealer developer, admin

Don't miss, ESET, Eurojust, Hot stuff, Justice Department, law enforcement, Malware, News / SecurityTicks

US charges suspected Redline infostealer developer, admin 2024-10-29 at 18:22 By Zeljka Zorz The identity of a suspected developer and administrator of the Redline malware-as-a-service operation has been revealed: Russian national Maxim Rudometov. Infrastructure takedown As promised on Monday when they announced the disruption of the Redline and Meta infostealer operations, law enforcement Operation Magnus

US charges suspected Redline infostealer developer, admin Read More »

Phishers reach targets via Eventbrite services

Don't miss, Eventbrite, Hot stuff, News, Perception Point, phishing / SecurityTicks

Phishers reach targets via Eventbrite services 2024-10-29 at 15:17 By Zeljka Zorz Crooks are leveraging the event management and ticketing website Eventbrite to deliver their phishing emails to potential targets. “Since July, these attacks have increased 25% week over week, resulting in a total growth rate of 900%,” Perception Point researchers say. The phishing emails

Phishers reach targets via Eventbrite services Read More »

Patching problems: The “return” of a Windows Themes spoofing vulnerability

0-day, 0patch, ACROS Security, Data leak, Don't miss, Hot stuff, micropatch, News, Windows / SecurityTicks

Patching problems: The “return” of a Windows Themes spoofing vulnerability 2024-10-29 at 12:18 By Zeljka Zorz Despite two patching attempts, a security issue that may allow attackers to compromise Windows user’s NTLM (authentication) credentials via a malicious Windows themes file still affects Microsoft’s operating system, 0patch researchers have discovered. The path to discovery The story

Patching problems: The “return” of a Windows Themes spoofing vulnerability Read More »

Inside console security: How innovations shape future hardware protection

cybersecurity, Don't miss, exploit, Features, hardware, Hot stuff, News, online gaming, opinion, Sony / SecurityTicks

Inside console security: How innovations shape future hardware protection 2024-10-29 at 08:00 By Mirko Zorz In this Help Net Security interview, security researchers Specter and ChendoChap discuss gaming consoles’ unique security model, highlighting how it differs from other consumer devices. They also share their thoughts on how advancements in console security could shape future consumer

Inside console security: How innovations shape future hardware protection Read More »

OT PCAP Analyzer: Free PCAP analysis tool

EmberOT, networking, News, software / SecurityTicks

OT PCAP Analyzer: Free PCAP analysis tool 2024-10-29 at 07:34 By Mirko Zorz EmberOT’s OT PCAP Analyzer, developed for the industrial security community, is a free tool providing a high-level overview of the devices and protocols in packet capture files. “The OT PCAP Analyzer was designed specifically with critical OT environments in mind. We’ve created

OT PCAP Analyzer: Free PCAP analysis tool Read More »

Cybersecurity jobs available right now: October 29, 2024

cybersecurity jobs, News / SecurityTicks

Cybersecurity jobs available right now: October 29, 2024 2024-10-29 at 07:03 By Anamarija Pogorelec API Gateway Security Engineer Ness Technologies | Israel | Hybrid – View job details As an API Gateway Security Engineer, you will be responsible for managing and implementing API Gateway solutions with a strong focus on information security. Your responsibilities will

Cybersecurity jobs available right now: October 29, 2024 Read More »

Trust and risk in the AI era

Artificial Intelligence, automation, cybersecurity, News, report, survey, Vanta / SecurityTicks

Trust and risk in the AI era 2024-10-29 at 06:07 By Help Net Security 55% of organizations say the security risks for their business have never been higher, according to Vanta. Yet the average company only dedicates 11% of its IT budget to security — far from the ideal allocation of 17%, according to business

Trust and risk in the AI era Read More »

Black Basta operators phish employees via Microsoft Teams

Don't miss, enterprise, Hot stuff, Microsoft Teams, News, phishing, Ransomware, ReliaQuest, SMBs, social engineering / SecurityTicks

Black Basta operators phish employees via Microsoft Teams 2024-10-28 at 18:51 By Zeljka Zorz Black Basta ransomware affiliates are still trying to trick enterprise employees into installing remote access tool by posing as help desk workers, now also via Microsoft Teams. Phishing via MS Teams Earlier this year, Rapid7 warned about Black Basta using the

Black Basta operators phish employees via Microsoft Teams Read More »

Police hacks, disrupts Redline, Meta infostealer operations

Don't miss, Hot stuff, law enforcement, Malware, News / SecurityTicks

Police hacks, disrupts Redline, Meta infostealer operations 2024-10-28 at 16:25 By Zeljka Zorz The Dutch National Police, along with partner law enforcement agencies, has disrupted the operation of the Redline and Meta infostealers and has collected information that may unmask users who paid to leverage the infamous malware. Screenshot of the Redline License Server panel

Police hacks, disrupts Redline, Meta infostealer operations Read More »

A good cyber leader prioritizes the greater good

cyber hygiene, cybersecurity, Don't miss, Expert analysis, Expert corner, ExtraHop, Hot stuff, News, opinion, strategy / SecurityTicks

A good cyber leader prioritizes the greater good 2024-10-28 at 08:01 By Help Net Security In the war against malicious cyber activity, it’s time for security vendors to step in – and it’s not how you might think. CISA Director Jen Easterly put it right at this year’s Black Hat conference: “We got ourselves into

A good cyber leader prioritizes the greater good Read More »

How isolation technologies are shaping the future of Kubernetes security

containers, cybersecurity, Don't miss, Edera, Features, Hot stuff, Kubernetes, News, opinion, regulation / SecurityTicks

How isolation technologies are shaping the future of Kubernetes security 2024-10-28 at 08:01 By Mirko Zorz In this Help Net Security interview, Emily Long, CEO at Edera, discusses the most common vulnerabilities in Kubernetes clusters and effective mitigation strategies. Long shares insights on emerging isolation technologies that could enhance Kubernetes security and better protect containerized

How isolation technologies are shaping the future of Kubernetes security Read More »

Fraudsters revive old tactics mixed with modern technology

cybercrime, cybersecurity, fraud, News, report, scams, survey, Visa / SecurityTicks

Fraudsters revive old tactics mixed with modern technology 2024-10-28 at 07:04 By Help Net Security Threat actors continue to probe the payments ecosystem for vulnerabilities and were successful in conducting fraud schemes affecting multiple financial institutions, technologies, and processes, according to Visa. The resurgence of physical theft Scammers are going back to basics with an

Fraudsters revive old tactics mixed with modern technology Read More »

Top 10 strategic technology trends shaping the future of business

Artificial Intelligence, CIO, cybersecurity, digital transformation, Gartner, News, report, strategy, survey / SecurityTicks

Top 10 strategic technology trends shaping the future of business 2024-10-28 at 06:03 By Help Net Security The ethical and responsible use of technology is fast becoming part of the mandate for CIOs, as organizations balance the need for progress with the protection of stakeholders’ trust and well-being, according to Gartner. “This year’s top strategic

Top 10 strategic technology trends shaping the future of business Read More »

Week in review: Fortinet patches critical FortiManager 0-day, VMware fixes vCenter Server RCE

News, Week in review / SecurityTicks

Week in review: Fortinet patches critical FortiManager 0-day, VMware fixes vCenter Server RCE 2024-10-27 at 11:19 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Fortinet releases patches for publicly undisclosed critical FortiManager vulnerability In the last couple of days, Fortinet has released critical security

Week in review: Fortinet patches critical FortiManager 0-day, VMware fixes vCenter Server RCE Read More »

SEC fines tech companies for misleading SolarWinds disclosures

Avaya, Check Point, Compliance, cyber risk, Don't miss, Mimecast, News, SolarWinds, Unisys / SecurityTicks

SEC fines tech companies for misleading SolarWinds disclosures 2024-10-25 at 15:07 By Help Net Security The Securities and Exchange Commission charged four current and former public companies – Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd, and Mimecast Limited – with making materially misleading disclosures regarding cybersecurity risks and intrusions. The SEC also

SEC fines tech companies for misleading SolarWinds disclosures Read More »

Exploited: Cisco, SharePoint, Chrome vulnerabilities

brute-force, Chrome, CISA, Cisco, Don't miss, enterprise, exploit, Hot stuff, Kaspersky, News, PoC, SharePoint, vulnerability / SecurityTicks

Exploited: Cisco, SharePoint, Chrome vulnerabilities 2024-10-25 at 13:33 By Zeljka Zorz Threat actors have been leveraging zero and n-day vulnerabilities in Cisco security appliances (CVE-2024-20481), Microsoft Sharepoint (CVE-2024-38094), and Google’s Chrome browser (CVE-2024-4947). CVE-2024-20481 (Cisco ASA/FTD) In the past few days, Cisco has released fixes for a slew of vulnerabilities affecting the software powering its

Exploited: Cisco, SharePoint, Chrome vulnerabilities Read More »

Proof Verify reduces false positives and improves fraud detection accuracy

News, Proof / SecurityTicks

Proof Verify reduces false positives and improves fraud detection accuracy 2024-10-25 at 12:04 By Industry News Proof launched Verify, a live face-to-face experience that delivers high-level assurance with identity verification performed in the presence of an agent, reducing the risk of fraudulent activities such as deepfakes by ensuring that users are legitimate. Organizations and consumers

Proof Verify reduces false positives and improves fraud detection accuracy Read More »

Achieving peak cyber resilience

Artificial Intelligence, cyber resilience, cyberattacks, cybersecurity, Data Protection, disaster recovery, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, Veritas Technologies / SecurityTicks

Achieving peak cyber resilience 2024-10-25 at 08:03 By Help Net Security Climbing Mount Everest isn’t a feat for the faint hearted. Extreme weather, dangerous terrain and acclimatization requirements make the trek challenging for even the most experienced climbers. It’s estimated that the expedition takes more than two months, on average. That’s a lengthy process that

Achieving peak cyber resilience Read More »

The future of cyber insurance: Meeting the demand for non-attack coverage

access control, Allianz, cyber insurance, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Privacy, Ransomware, risk assessment / SecurityTicks

The future of cyber insurance: Meeting the demand for non-attack coverage 2024-10-25 at 07:35 By Mirko Zorz In this Help Net Security interview, Michael Daum, Head of Global Cyber Claims for Allianz Commercial, discusses the significant rise in cyber claims in 2024, driven by an increase in data breaches and ransomware attacks. Daum highlights the

The future of cyber insurance: Meeting the demand for non-attack coverage Read More »