News - Security Ticks

LockBit leader unmasked: US charges Russian national

Australia, cybercrime, cybercriminals, disruption, DOJ, Don't miss, Europol, Hot stuff, law enforcement, News, Ransomware, UK, USA / SecurityTicks

LockBit leader unmasked: US charges Russian national 2024-05-07 at 18:33 By Zeljka Zorz Russian national Dmitry Khoroshev is “LockBitSupp”, the creator, developer and administator of the infamous LockBit ransomware group, according to UK, US and Australia law enforcement agencies. The US Justice Deparment has unsealed charges against Khoroshev and the US Department of the Treasury’s […]

LockBit leader unmasked: US charges Russian national Read More »

Ransomware operations are becoming less profitable

Chainalysis, cybercrime, disruption, Don't miss, Hot stuff, law enforcement, News, Ransomware / SecurityTicks

Ransomware operations are becoming less profitable 2024-05-07 at 14:01 By Zeljka Zorz As the number of real (and fake) victims of ransomware gangs continues to rise, the number of ransomware payments is falling, along with the average ransom payment. The reasons behind this decrease are many: increased cyber resilience of organizations (which includes having recoverable

Ransomware operations are becoming less profitable Read More »

6 tips to implement security gamification effectively

CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, SeeMetrics, tips, training / SecurityTicks

6 tips to implement security gamification effectively 2024-05-07 at 08:01 By Help Net Security There’s not a CISO in the industry who’s not aware of the extremely short median CISO tenure. That’s why the best CISOs are those who constantly seek ways to strengthen their teams. They help members evolve and grow in their roles,

6 tips to implement security gamification effectively Read More »

Cybercrime stats you can’t ignore

Abnormal Security, Akamai, Cofense, cybercrime, cybersecurity, Don't miss, Egress, GuidePoint Security, Hot stuff, Imperva, Ironscales, News, Osterman Research, ReliaQuest, report, SecurityScorecard, Sophos, SpyCloud, survey, Thales, Trustwave, VIPRE Security, Visa / SecurityTicks

Cybercrime stats you can’t ignore 2024-05-07 at 07:31 By Help Net Security In this article, you will find excerpts from various reports that offer stats and insights about the current cybercrime landscape. Behavioral patterns of ransomware groups are changing GuidePoint Security | GRIT Q1 2024 Ransomware Report | April 2024 Q1 2024 resulted in a

Cybercrime stats you can’t ignore Read More »

Ransomware activity is back on track despite law enforcement efforts

Corvus Insurance, cybercrime, cybersecurity, News, Ransomware, report, survey / SecurityTicks

Ransomware activity is back on track despite law enforcement efforts 2024-05-07 at 06:31 By Help Net Security Despite significant disruptions for high-profile ransomware gangs LockBit and BlackCat, Q1 2024 became the most active first quarter ever recorded — a 21% increase over Q1 2023, according to Corvus Insurance. In January, Corvus reported that global ransomware

Ransomware activity is back on track despite law enforcement efforts Read More »

Only 45% of organizations use MFA to protect against fraud

cybersecurity, fraud, identity, identity protection, News, Ping Identity, report, survey / SecurityTicks

Only 45% of organizations use MFA to protect against fraud 2024-05-07 at 06:01 By Help Net Security Most businesses struggle with identity verification and have concerns over ability to protect against AI, according to Ping Identity. Despite stronger protection solutions available, many organizations aren’t taking full advantage. The report, based on responses from 700 IT

Only 45% of organizations use MFA to protect against fraud Read More »

BlackBasta claims Synlab attack, leaks some stolen documents

Data leak, Don't miss, Europe, Hot stuff, News, Ransomware / SecurityTicks

BlackBasta claims Synlab attack, leaks some stolen documents 2024-05-06 at 14:16 By Zeljka Zorz The BlackBasta ransomware / cyber extortion gang is behind the recent cyber attack that resulted in the temporary shutdown of operations at Synlab Italia. The group claimed the attack on their leak site on Saturday and says they have exfiltrated approximately

BlackBasta claims Synlab attack, leaks some stolen documents Read More »

Strategies for preventing AI misuse in cybersecurity

analytics, Artificial Intelligence, awareness, cybersecurity, deepfakes, Don't miss, Features, Hot stuff, News, opinion, remediation, risk, SecurityPal, strategy / SecurityTicks

Strategies for preventing AI misuse in cybersecurity 2024-05-06 at 08:01 By Mirko Zorz As organizations increasingly adopt AI, they face unique challenges in updating AI models to keep pace with evolving threats while ensuring seamless integration into existing cybersecurity frameworks. In this Help Net Security interview, Pukar Hamal, CEO at SecurityPal, discusses the integration of

Strategies for preventing AI misuse in cybersecurity Read More »

How to prepare for the CISSP exam: Tips from industry leaders

certification, CISO, cybersecurity, Don't miss, Features, Hot stuff, how-to, ISC2, News, skill development, strategy, tips / SecurityTicks

How to prepare for the CISSP exam: Tips from industry leaders 2024-05-06 at 07:31 By Mirko Zorz The Certified Information Systems Security Professional (CISSP) is the most widely recognized certification in the information security industry. CISSP certifies that an information security professional possesses extensive technical and managerial expertise for designing, engineering, and managing an organization’s

How to prepare for the CISSP exam: Tips from industry leaders Read More »

Organizations go ahead with AI despite security risks

Artificial Intelligence, cybersecurity, data security, Immuta, News, report, survey / SecurityTicks

Organizations go ahead with AI despite security risks 2024-05-06 at 07:01 By Help Net Security AI adoption remains sky high, with 54% of data experts saying that their organization already leverages at least four AI systems or applications, according to Immuta. 79% also report that their budget for AI systems, applications, and development has increased

Organizations go ahead with AI despite security risks Read More »

Privacy requests increased 246% in two years

cybersecurity, data, DataGrail, News, Privacy, report, survey / SecurityTicks

Privacy requests increased 246% in two years 2024-05-06 at 06:36 By Help Net Security Data Subject Requests (DSRs) — formal requests made to a company by a person to access, delete, or request not to sell/share the personal data that the company holds on them — increased by 32% from 2022 to 2023, according to

Privacy requests increased 246% in two years Read More »

eBook: CISSP fundamentals in focus

Don't miss, Hot stuff, ISC2, News, Whitepapers and webinars / SecurityTicks

eBook: CISSP fundamentals in focus 2024-05-06 at 05:31 By Help Net Security From the technical tools that help manage access control to non-technical skills like collaboration, learn about the fundamentals required in cybersecurity – and how CISSP guides you with the knowledge and skills you need to succeed. Inside the eBook: The Many Sides of

eBook: CISSP fundamentals in focus Read More »

Week in review: PoCs allow persistence on Palo Alto firewalls, Okta credential stuffing attacks

News, Week in review / SecurityTicks

Week in review: PoCs allow persistence on Palo Alto firewalls, Okta credential stuffing attacks 2024-05-05 at 11:01 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades There are proof-of-concept techniques allowing attackers to achieve

Week in review: PoCs allow persistence on Palo Alto firewalls, Okta credential stuffing attacks Read More »

Bug hunters can get up to $450,000 for an RCE in Google’s Android apps

Android, bug bounty, Don't miss, Google, Hot stuff, mobile apps, News / SecurityTicks

Bug hunters can get up to $450,000 for an RCE in Google’s Android apps 2024-05-03 at 17:16 By Zeljka Zorz Google has drastically increased the rewards bug hunters can get for reporting vulnerabilities in Android apps it develops and maintains. “We increased reward amounts by up to 10x in some categories (for example Remote Arbitrary

Bug hunters can get up to $450,000 for an RCE in Google’s Android apps Read More »

Microsoft, Google widen passkey support for its users

account protection, Bitwarden, consumer, Don't miss, enterprise, FIDO Alliance, Google, Hot stuff, Microsoft, News, passwordless, passwords / SecurityTicks

Microsoft, Google widen passkey support for its users 2024-05-03 at 14:46 By Zeljka Zorz Since 2013, the first Thursday in May is marked as World Password Day, a day dedicated to raising awareness about the need for using strong, unique passwords to secure out digital lives. Despite decades of often-repeated statements proclaiming the death of

Microsoft, Google widen passkey support for its users Read More »

Ransom recovery costs reach $2.73 million

cybercrime, cybersecurity, Don't miss, News, Ransomware, report, Sophos, survey / SecurityTicks

Ransom recovery costs reach $2.73 million 2024-05-03 at 08:01 By Help Net Security Average ransom payment has increased 500% in the last year, according to Sophos. Organizations that paid the ransom reported an average payment of $2 million, up from $400,000 in 2023. However, ransoms are just one part of the cost. Excluding ransoms, the

Ransom recovery costs reach $2.73 million Read More »

Most companies changed their cybersecurity strategy in the past year

cybersecurity, LogRhythm, News, report, strategy, survey / SecurityTicks

Most companies changed their cybersecurity strategy in the past year 2024-05-03 at 07:31 By Help Net Security Businesses worldwide have faced a rate of change in the threat environment evidenced by 95% of companies reporting cybersecurity strategy adjustments within just the past year, according to LogRhythm. Strategic shifts within organizations At the heart of these

Most companies changed their cybersecurity strategy in the past year Read More »

What is cybersecurity mesh architecture (CSMA)?

CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, framework, Gutsy, Hot stuff, Incident Response, News, opinion, Threat Intelligence / SecurityTicks

What is cybersecurity mesh architecture (CSMA)? 2024-05-03 at 07:01 By Help Net Security Cybersecurity mesh architecture (CSMA) is a set of organizing principles used to create an effective security framework. Using a CSMA approach means designing a security architecture that is composable and scalable with easily extensible interfaces, a common data schema and well-defined interfaces

What is cybersecurity mesh architecture (CSMA)? Read More »

97% of security leaders have increased SaaS security budgets

cybersecurity, News, report, SaaS, survey, Valence Security / SecurityTicks

97% of security leaders have increased SaaS security budgets 2024-05-03 at 06:31 By Help Net Security 58% of the organizations were affected by a SaaS security incident in the last 18 months, according to Valence Security’s 2024 State of SaaS Security Report. Likely, as a result, 96% security leaders have made SaaS security a top

97% of security leaders have increased SaaS security budgets Read More »

New infosec products of the week: May 3, 2024

Appdome, Cybersixgill, News, Proofpoint, Secure Code Warrior, Snyk, Synopsys / SecurityTicks

New infosec products of the week: May 3, 2024 2024-05-03 at 06:01 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Appdome, Cybersixgill, Proofpoint, Secure Code Warrior, Snyk, and Synopsys. Cybersixgill Third-Party Intelligence module identifies potential supply chain risks The Third-Party Intelligence module combines vendor-specific

New infosec products of the week: May 3, 2024 Read More »