privileged accounts - Security Ticks

Dropbox says attackers accessed customer and MFA info, API keys

data breach, digital signature, Don't miss, Dropbox, Hot stuff, News, privileged accounts / SecurityTicks

Dropbox says attackers accessed customer and MFA info, API keys 2024-05-02 at 12:01 By Zeljka Zorz File hosting service Dropbox has confirmed that attackers have breached the Dropbox Sign production environment and accessed customer personal and authentication information. “From a technical perspective, Dropbox Sign’s infrastructure is largely separate from other Dropbox services. That said, we […]

React to this headline:

Dropbox says attackers accessed customer and MFA info, API keys Read More »

A critical vulnerability in Delinea Secret Server allows auth bypass, admin access

access management, Delinea, Don't miss, enterprise, Hot stuff, News, PoC, privileged accounts, vulnerability, vulnerability disclosure / SecurityTicks

A critical vulnerability in Delinea Secret Server allows auth bypass, admin access 2024-04-15 at 14:46 By Zeljka Zorz Organizations with on-prem installations of Delinea Secret Server are urged to update them immediately, to plug a critical vulnerability that may allow attackers to bypass authentication, gain admin access and extract secrets. Fixing the Delinea Secret Server

React to this headline:

A critical vulnerability in Delinea Secret Server allows auth bypass, admin access Read More »

Preventing insider access from leaking to malicious actors

access control, access management, cybersecurity, Don't miss, Gutsy, Hot stuff, privileged accounts, risk, Video / SecurityTicks

Preventing insider access from leaking to malicious actors 2024-01-15 at 07:32 By Help Net Security In this Help Net Security video, John Morello, CTO of Gutsy, discusses the often-overlooked aspect of cybersecurity – the offboarding process. He outlines the real-world implications and potential impact on an organization’s security posture if off-boarding isn’t handled thoroughly. The

React to this headline:

Preventing insider access from leaking to malicious actors Read More »

Finding the right approach to security awareness

Artificial Intelligence, cybersecurity, Don't miss, Email, Hot stuff, Malware, Mark43, MFA, phishing, privileged accounts, security awareness, training, Video / SecurityTicks

Finding the right approach to security awareness 30/10/2023 at 09:02 By Help Net Security As artificial intelligence amplifies the sophistication and reach of phishing, vishing, and smishing attacks, understanding and managing human cyber risks has become increasingly vital. Security awareness training is essential and must be a live, evolving process. In this Help Net Security

React to this headline:

Finding the right approach to security awareness Read More »

Microsoft Defender can automatically contain compromised user accounts

automation, BEC scams, Don't miss, Endpoint Security, enterprise, Hot stuff, Microsoft, Microsoft Defender, MITM, News, privileged accounts, Ransomware, XDR / SecurityTicks

Microsoft Defender can automatically contain compromised user accounts 12/10/2023 at 15:32 By Helga Labus The “contain user” feature select Microsoft Defender for Endpoint customers have been trying out since November 2022 is now available to a wider pool of organizations, Microsoft has announced. The feature aims to help organizations disrupt human-operated attacks like ransomware, business

React to this headline:

Microsoft Defender can automatically contain compromised user accounts Read More »

Amazon: AWS root accounts must have MFA enabled

account protection, AWS, cloud security, Don't miss, Hot stuff, MFA, News, privileged accounts, security key / SecurityTicks

Amazon: AWS root accounts must have MFA enabled 04/10/2023 at 12:01 By Zeljka Zorz Amazon wants to make it more difficult for attackers to compromise Amazon Web Services (AWS) root accounts, by requiring those account holders to enable multi-factor authentication (MFA). MFA options for AWS accounts AWS provides on-demand cloud computing platforms and APIs to

React to this headline:

Amazon: AWS root accounts must have MFA enabled Read More »

Goodbyes are difficult, IT offboarding processes make them harder

cybersecurity, data, Don't miss, employee, Expert analysis, Expert corner, Hot stuff, opinion, privileged accounts, Spera / SecurityTicks

Goodbyes are difficult, IT offboarding processes make them harder 19/06/2023 at 07:32 By Help Net Security When employees, contractors and service providers leave an organization, they take with them knowledge, capabilities, and professional achievements. They should leave behind any proprietary or confidential data belonging to the organization, but Osterman Research found that 69% of organizations

React to this headline:

Goodbyes are difficult, IT offboarding processes make them harder Read More »