greentick

greentick

Share

IT, CyberSecurity, IS Audit, HR, ISO, Business & Finance Consulting The key areas of business sometimes remain unfocused and unchanged due to various factors.

Photos from greentick's post 11/09/2024

Interactive Learning: How Green Tick Nepal Makes Training Engaging

Today, during our ISO/IEC 27001:2022 Lead Implementer training, one of the participants asked about managing third-party risks. Instead of giving a direct answer, our trainer presented a scenario: “Imagine you’re in charge of security for a global company, and a third-party vendor has a data breach. How would you handle this risk without disrupting your operations?” This approach encourages all the participants to think critically and come up with their own solutions based on real-world experience.

When participants needed more guidance, the trainer explained: “Start by assessing the breach's impact. Check the vendor’s response and put in place temporary security measures. Update your risk management plan to include these new insights.” This helps participants apply what they have learned to real situations.

Engaging the Mind, Not Just the Process

What sets Green Tick Nepal’s training apart is our focus on empowering participants to think and solve problems on their own. We go beyond just teaching theory to help participants develop real skills and confidence in managing security by engaging in real-world scenarios and collaborative problem-solving.

Collaborative Problem-Solving: Harnessing Collective Expertise

By integrating practical experience with teamwork, our training ensures that participants are not just learning but are ready to lead and tackle security challenges with confidence.

CVE-2024-45509: Improper Access Control in MISP 04/09/2024

🔒 New CVE Discovery: CVE-2024-45509

Our security team at Green Tick Nepal Pvt. Ltd. has identified a critical vulnerability in MISP (version 2.4.196) that could expose sensitive credentials. This flaw in the BookmarksController.php allows unauthorized users to access critical bookmarks data, including hashed passwords and authentication keys.

Key Details:
- CVE ID: CVE-2024-45509
- Discovered By: Green Tick Nepal Pvt. Ltd.
- Impact: Credential Exposure due to Improper Access Control
- Affected Version: MISP through 2.4.196
- Date Published: September 1, 2024

For more details, visit https://gtn.com.np/2024/09/cve-2024-45509-improper-access-control-in-misp-leading-to-credential-exposure/

CVE-2024-45509: Improper Access Control in MISP On August 26, the security team at Green Tick Nepal Pvt. Ltd., based in Kathmandu, Nepal, identified a vulnerability in MISP (version 2.4.196).

01/09/2024

Proper management of operations delivers the power to act efficiently by linking process and value in an organization.
Improve efficiency, reduce costs, and boost productivity with our Operations Management service from Green Tick Nepal.

25/08/2024

A strong digital system begins with a solid base.
Let us help you build that foundation with our VAPT services.

Want your business to be the top-listed Business in Kathmandu?
Click here to claim your Sponsored Listing.

Address


Sahid Marg, Gyaneshwor
Kathmandu

Opening Hours

Monday 09:30 - 17:30
Tuesday 09:30 - 17:30
Wednesday 09:30 - 17:30
Thursday 09:30 - 17:30
Friday 09:30 - 17:30
Sunday 09:30 - 17:30