privileged accounts - Security Ticks

Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718?

Arctic Wolf Networks, Don't miss, firewall, Fortinet, FortiOS, Hot stuff, Huntress, News, privileged accounts, SSO, vulnerability / SecurityTicks

Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718? 2026-01-21 at 22:22 By Zeljka Zorz CVE-2025-59718, a critical authentication bypass flaw that attackers exploited in December 2025 to compromise FortiGate appliances, appears to persist in newer, purportedly fixed releases of the underlying FortiOS. According to Fortinet, CVE-2025-59718 had been fixed in FortiOS versions 7.6.4 or […]

Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718? Read More »

Attackers turn trusted OAuth apps into cloud backdoors

attack tools, automation, cloud security, Don't miss, enterprise, Hot stuff, Microsoft Entra ID, News, OAuth, privileged accounts, Proofpoint / SecurityTicks

Attackers turn trusted OAuth apps into cloud backdoors 2025-10-22 at 15:43 By Zeljka Zorz Attackers are increasingly abusing internal OAuth-based applications to gain persistent access to cloud environments, Proofpoint researchers warn. These apps often remain unnoticed for quite some time and allow attackers to maintain access to high-privileged accounts even after passwords are reset or

Attackers turn trusted OAuth apps into cloud backdoors Read More »

Unpatched Windows Server vulnerability allows full domain compromise

Active Directory, Akamai, Don't miss, enterprise, Hot stuff, News, privileged accounts, vulnerability, Windows Server / SecurityTicks

Unpatched Windows Server vulnerability allows full domain compromise 2025-05-22 at 18:45 By Zeljka Zorz A privilege escalation vulnerability in Windows Server 2025 can be used by attackers to compromise any user in Active Directory (AD), including Domain Admins. “The [“BadSuccessor”] attack exploits the delegated Managed Service Account (dMSA) feature that was introduced in Windows Server

Unpatched Windows Server vulnerability allows full domain compromise Read More »

Microsoft announces new and improved Windows 11 security features

Application Security, Data Protection, Don't miss, Hot stuff, Microsoft, News, privileged accounts, Windows / SecurityTicks

Microsoft announces new and improved Windows 11 security features 2024-11-19 at 21:04 By Zeljka Zorz Microsoft has implemented some and is working on delivering several other security-related features and improvements for Windows 11. Administrator protection will allow users to make system changes on their PCs without having administrator rights (that can be abused by attackers

Microsoft announces new and improved Windows 11 security features Read More »

Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts

account hijacking, Cloud, credentials, Don't miss, Hot stuff, Microsoft, Microsoft Entra ID, News, privileged accounts, Ransomware / SecurityTicks

Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts 2024-09-30 at 17:01 By Zeljka Zorz Storm-0501, an affiliate of several high-profile ransomware-as-a-service outfits, has been spotted compromising targets’ cloud environments and on-premises systems. “Storm-0501 is the latest threat actor observed to exploit weak credentials and over-privileged accounts to move from organizations’

Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts Read More »

Hackers breaching construction firms via specialized accounting software

brute-force, credentials, Don't miss, enterprise, Hot stuff, Huntress, News, privileged accounts, SMBs / SecurityTicks

Hackers breaching construction firms via specialized accounting software 2024-09-18 at 17:16 By Zeljka Zorz Firms in the construction industry are getting breached by hackers via internet-exposed servers running Foundation accounting software, Huntress researchers are warning. “We’re seeing active intrusions among plumbing, HVAC, concrete, and similar sub-industries,” they noted. A way into corporate networks Ohio-based Foundation

Hackers breaching construction firms via specialized accounting software Read More »

Gateways to havoc: Overprivileged dormant service accounts

Anetac, cybersecurity, data breach, Don't miss, Expert analysis, Expert corner, Hot stuff, identity, News, opinion, privileged accounts / SecurityTicks

Gateways to havoc: Overprivileged dormant service accounts 2024-09-17 at 07:32 By Help Net Security Service accounts are non-human identities used to automate machine-to-machine interactions. They support critical functions – such as running scripts, services, and applications like websites, APIs, and databases – and facilitate integrations, operating as a proxy to humans and supporting business processes.

Gateways to havoc: Overprivileged dormant service accounts Read More »

Dropbox says attackers accessed customer and MFA info, API keys

data breach, digital signature, Don't miss, Dropbox, Hot stuff, News, privileged accounts / SecurityTicks

Dropbox says attackers accessed customer and MFA info, API keys 2024-05-02 at 12:01 By Zeljka Zorz File hosting service Dropbox has confirmed that attackers have breached the Dropbox Sign production environment and accessed customer personal and authentication information. “From a technical perspective, Dropbox Sign’s infrastructure is largely separate from other Dropbox services. That said, we

Dropbox says attackers accessed customer and MFA info, API keys Read More »

A critical vulnerability in Delinea Secret Server allows auth bypass, admin access

access management, Delinea, Don't miss, enterprise, Hot stuff, News, PoC, privileged accounts, vulnerability, vulnerability disclosure / SecurityTicks

A critical vulnerability in Delinea Secret Server allows auth bypass, admin access 2024-04-15 at 14:46 By Zeljka Zorz Organizations with on-prem installations of Delinea Secret Server are urged to update them immediately, to plug a critical vulnerability that may allow attackers to bypass authentication, gain admin access and extract secrets. Fixing the Delinea Secret Server

A critical vulnerability in Delinea Secret Server allows auth bypass, admin access Read More »

Preventing insider access from leaking to malicious actors

access control, access management, cybersecurity, Don't miss, Gutsy, Hot stuff, privileged accounts, risk, Video / SecurityTicks

Preventing insider access from leaking to malicious actors 2024-01-15 at 07:32 By Help Net Security In this Help Net Security video, John Morello, CTO of Gutsy, discusses the often-overlooked aspect of cybersecurity – the offboarding process. He outlines the real-world implications and potential impact on an organization’s security posture if off-boarding isn’t handled thoroughly. The

Preventing insider access from leaking to malicious actors Read More »

Finding the right approach to security awareness

Artificial Intelligence, cybersecurity, Don't miss, Email, Hot stuff, Malware, Mark43, MFA, phishing, privileged accounts, security awareness, training, Video / SecurityTicks

Finding the right approach to security awareness 30/10/2023 at 09:02 By Help Net Security As artificial intelligence amplifies the sophistication and reach of phishing, vishing, and smishing attacks, understanding and managing human cyber risks has become increasingly vital. Security awareness training is essential and must be a live, evolving process. In this Help Net Security

Finding the right approach to security awareness Read More »

Microsoft Defender can automatically contain compromised user accounts

automation, BEC scams, Don't miss, Endpoint Security, enterprise, Hot stuff, Microsoft, Microsoft Defender, MITM, News, privileged accounts, Ransomware, XDR / SecurityTicks

Microsoft Defender can automatically contain compromised user accounts 12/10/2023 at 15:32 By Helga Labus The “contain user” feature select Microsoft Defender for Endpoint customers have been trying out since November 2022 is now available to a wider pool of organizations, Microsoft has announced. The feature aims to help organizations disrupt human-operated attacks like ransomware, business

Microsoft Defender can automatically contain compromised user accounts Read More »

Amazon: AWS root accounts must have MFA enabled

account protection, AWS, cloud security, Don't miss, Hot stuff, MFA, News, privileged accounts, security key / SecurityTicks

Amazon: AWS root accounts must have MFA enabled 04/10/2023 at 12:01 By Zeljka Zorz Amazon wants to make it more difficult for attackers to compromise Amazon Web Services (AWS) root accounts, by requiring those account holders to enable multi-factor authentication (MFA). MFA options for AWS accounts AWS provides on-demand cloud computing platforms and APIs to

Amazon: AWS root accounts must have MFA enabled Read More »

Goodbyes are difficult, IT offboarding processes make them harder

cybersecurity, data, Don't miss, employee, Expert analysis, Expert corner, Hot stuff, opinion, privileged accounts, Spera / SecurityTicks

Goodbyes are difficult, IT offboarding processes make them harder 19/06/2023 at 07:32 By Help Net Security When employees, contractors and service providers leave an organization, they take with them knowledge, capabilities, and professional achievements. They should leave behind any proprietary or confidential data belonging to the organization, but Osterman Research found that 69% of organizations

Goodbyes are difficult, IT offboarding processes make them harder Read More »