February, 2025 - Security Ticks

Watchdog ponders why Apple doesn’t apply its strict app tracking rules to itself

Watchdog ponders why Apple doesn’t apply its strict app tracking rules to itself 2025-02-14 at 11:30 By Jude Karabus Germany’s Federal Cartel Office voices concerns iPhone maker may be breaking competition law Apple is feeling the heat over its acclaimed iPhone privacy policy after a German regulator’s review of iOS tracking consent alleged that the […]

React to this headline:

Watchdog ponders why Apple doesn’t apply its strict app tracking rules to itself Read More »

Grip Security unveils SSPM solution to strengthen SaaS security posture

Grip Security, Industry news / SecurityTicks

Grip Security unveils SSPM solution to strengthen SaaS security posture 2025-02-14 at 10:46 By Industry News Grip Security has unveiled its SaaS Security Posture Management (SSPM) solution, which proactively identifies misconfigurations, enforces best practices and strengthens SaaS security posture against emerging risks. Unlike traditional SSPM products, Grip SSPM is built on a foundation of visibility

React to this headline:

Grip Security unveils SSPM solution to strengthen SaaS security posture Read More »

HPE says blocking Juniper buy is a sure Huawei to ensure China and Cisco thrive

Uncategorized / SecurityTicks

HPE says blocking Juniper buy is a sure Huawei to ensure China and Cisco thrive 2025-02-14 at 09:02 By Simon Sharwood Analyst argues stopping the deal benefits Switchzilla by preventing rise of strong challenger for AI networks HPE has fired back at the US Department of Justice’s objection to its takeover of Juniper Networks, with

React to this headline:

HPE says blocking Juniper buy is a sure Huawei to ensure China and Cisco thrive Read More »

Chinese AI marches on as Baidu makes its chatbot free, Alibaba scores Apple deal

Uncategorized / SecurityTicks

Chinese AI marches on as Baidu makes its chatbot free, Alibaba scores Apple deal 2025-02-14 at 07:30 By Simon Sharwood New ‘Deep Search’ thinking and planning bot to go up against peoples’ champion DeepSeek Chinese AI continued to march onto the world stage this week, with Alibaba and Baidu both taking major strides.… This article

React to this headline:

Chinese AI marches on as Baidu makes its chatbot free, Alibaba scores Apple deal Read More »

PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks

Uncategorized / SecurityTicks

PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks 2025-02-14 at 07:22 By Threat actors who were behind the exploitation of a zero-day vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products in December 2024 likely also exploited a previously unknown SQL injection flaw in PostgreSQL, according to findings from Rapid7. The

React to this headline:

PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks Read More »

Pig butchering scams are exploding

Chainalysis, Crypto, cybercrime, fraud, News, report, scams, survey / SecurityTicks

Pig butchering scams are exploding 2025-02-14 at 07:03 By Help Net Security 2024 is set to be a record year for scammers who received at least US$9.9 billion in crypto revenues from their illicit activities, according to Chainalysis. This figure is projected to rise to an all-time high of $12.4 billion as ongoing analysis uncovers

React to this headline:

Pig butchering scams are exploding Read More »

Shadow AI: The silent threat to enterprise data security

Uncategorized / SecurityTicks

Shadow AI: The silent threat to enterprise data security 2025-02-14 at 07:03 By Just as IT departments have started to get a handle on shadow IT by setting policies for oversight and permissions on the use of applications, a new challenge has emerged — shadow AI. This article is an excerpt from Subscribe to Security

React to this headline:

Shadow AI: The silent threat to enterprise data security Read More »

Inconsistent security strategies fuel third-party threats

cybersecurity, data breach, Imprivata, News, Ponemon Institute, report, survey, third party compromise, threat / SecurityTicks

Inconsistent security strategies fuel third-party threats 2025-02-14 at 06:36 By Help Net Security 47% of organizations have experienced a data breach or cyberattack over the past 12 months that involved a third-party accessing their network, according to Imprivata and the Ponemon Institute. Third-party security incidents persist Notably, 64% of respondents say these types of third-party

React to this headline:

Inconsistent security strategies fuel third-party threats Read More »

Lawyers face judge’s wrath after AI cites made-up cases in fiery hoverboard lawsuit

Uncategorized / SecurityTicks

Lawyers face judge’s wrath after AI cites made-up cases in fiery hoverboard lawsuit 2025-02-14 at 06:16 By Thomas Claburn Talk about court red-handed Demonstrating yet again that uncritically trusting the output of generative AI is dangerous, attorneys involved in a product liability lawsuit have apologized to the presiding judge for submitting documents that cite non-existent

React to this headline:

Lawyers face judge’s wrath after AI cites made-up cases in fiery hoverboard lawsuit Read More »

New infosec products of the week: February 14, 2025

Armor, EchoMark, Netwrix, News, Palo Alto Networks, Socure / SecurityTicks

New infosec products of the week: February 14, 2025 2025-02-14 at 06:03 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Armor, EchoMark, Netwrix, Palo Alto Networks, and Socure. Palo Alto Networks Cortex Cloud applies AI-driven insights to reduce risk and prevent threats Palo Alto

React to this headline:

New infosec products of the week: February 14, 2025 Read More »

Chinese spies suspected of ‘moonlighting’ as tawdry ransomware crooks

Uncategorized / SecurityTicks

Chinese spies suspected of ‘moonlighting’ as tawdry ransomware crooks 2025-02-14 at 04:34 By Jessica Lyons Some employees steal sticky notes, others ‘borrow’ malicious code A crew identified as a Chinese government-backed espionage group appears to have started moonlighting as a ransomware player – further evidence that lines are blurring between nation-state cyberspies and financially motivated

React to this headline:

Chinese spies suspected of ‘moonlighting’ as tawdry ransomware crooks Read More »

TikTok returns on Apple, Google app stores as Trump delays ban

Uncategorized / SecurityTicks

TikTok returns on Apple, Google app stores as Trump delays ban 2025-02-14 at 04:16 By Reuters President Donald Trump delayed the TikTok ban until April 5 as the app is back on the U.S. app stores of Apple and Google. This article is an excerpt from Latest Technology News and Product Reviews | New York

React to this headline:

TikTok returns on Apple, Google app stores as Trump delays ban Read More »

After clash over Rust in the Linux kernel, Asahi lead quits, slams ‘failure of leadership’

Uncategorized / SecurityTicks

After clash over Rust in the Linux kernel, Asahi lead quits, slams ‘failure of leadership’ 2025-02-14 at 00:20 By Thomas Claburn I fought the Torv and … the Torv won Hector Martin, project lead of Asahi Linux, resigned early Friday, Japan Standard Time, citing developer burnout, demanding users, and Linus Torvalds’s handling of the integration

React to this headline:

After clash over Rust in the Linux kernel, Asahi lead quits, slams ‘failure of leadership’ Read More »

Trump admin prepares to change conditions of CHIPS Act and its $39B subsidies: sources

Uncategorized / SecurityTicks

Trump admin prepares to change conditions of CHIPS Act and its $39B subsidies: sources 2025-02-14 at 00:06 By Reuters One of the sources said the White House is also frustrated by companies that accepted CHIPS Act subsidies and then announced significant overseas expansion plans, including in China. The law allowed some investments in China. This

React to this headline:

Trump admin prepares to change conditions of CHIPS Act and its $39B subsidies: sources Read More »

Hackers Exploit Palo Alto Networks Firewall to Deploy RA World Ransomware

Uncategorized / SecurityTicks

Hackers Exploit Palo Alto Networks Firewall to Deploy RA World Ransomware 2025-02-13 at 23:12 View original post at Safety Detectives A South Asian software company fell victim to a major cyberattack in late 2024 when hackers exploited a critical flaw in Palo Alto Networks’ PAN-OS firewall (CVE-2024-0012). This vulnerability, rated 9.3 on the CVSS scale,

React to this headline:

Hackers Exploit Palo Alto Networks Firewall to Deploy RA World Ransomware Read More »

Japan Takes Bold Step with Active Cyber Defense Bill

Uncategorized / SecurityTicks

Japan Takes Bold Step with Active Cyber Defense Bill 2025-02-13 at 23:01 View original post at Safety Detectives Japan has officially taken a major step toward strengthening its cybersecurity defenses with the approval of the Active Cyber Defense Bill, a set of laws aimed at preventing cyberattacks before they cause serious damage. The legislation, which

React to this headline:

Japan Takes Bold Step with Active Cyber Defense Bill Read More »

Reddit’s first public year shows growth, but Wall Street’s still not happy

Uncategorized / SecurityTicks

Reddit’s first public year shows growth, but Wall Street’s still not happy 2025-02-13 at 22:36 By Brandon Vigliarolo User numbers fall short, triggering investor sell-off Reddit’s first year as a public company delivered solid results by most earnings metrics, but try telling that to Wall Street: Falling short on one key growth target sent shares

React to this headline:

Reddit’s first public year shows growth, but Wall Street’s still not happy Read More »

Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation

BeyondTrust, CVE-2024-12356, CVE-2025-1094, Nation-State, Rapid7, Treasury, Vulnerabilities / SecurityTicks

Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation 2025-02-13 at 22:20 By Ryan Naraine Rapid7 finds a new zero-day vulnerability in PostgreSQL and links it to chain of attacks against a BeyondTrust Remote Support product. The post Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation appeared first on SecurityWeek. This article is an

React to this headline:

Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation Read More »

Google Hub in Poland to Develop AI Use in Energy and Cybersecurity Sectors

Google, poland, Uncategorized / SecurityTicks

Google Hub in Poland to Develop AI Use in Energy and Cybersecurity Sectors 2025-02-13 at 22:20 By Associated Press Poland is being targeted by various forms of cyberattacks and sabotage actions believed to be sponsored by Russia. The post Google Hub in Poland to Develop AI Use in Energy and Cybersecurity Sectors appeared first on

React to this headline:

Google Hub in Poland to Develop AI Use in Energy and Cybersecurity Sectors Read More »

More victims of China’s Salt Typhoon crew emerge: Telcos, unis hit via Cisco bugs

Uncategorized / SecurityTicks

More victims of China’s Salt Typhoon crew emerge: Telcos, unis hit via Cisco bugs 2025-02-13 at 20:56 By Jessica Lyons Networks in US and beyond compromised by Beijing’s super-snoops pulling off priv-esc attacks China’s Salt Typhoon spy crew exploited vulnerabilities in Cisco devices to compromise at least seven devices linked to global telecom providers and

React to this headline:

More victims of China’s Salt Typhoon crew emerge: Telcos, unis hit via Cisco bugs Read More »

February 2025