February, 2025 - Security Ticks

Google patches odd Android kernel security bug amid signs of targeted exploitation

Google patches odd Android kernel security bug amid signs of targeted exploitation 2025-02-04 at 10:30 By Iain Thomson Also, Netgear fixes critical router, access point vulnerabilities Google has released its February Android security updates, including a fix for a high-severity kernel-level vulnerability, which is suspected to be in use by targeted exploits.… This article is […]

React to this headline:

Google patches odd Android kernel security bug amid signs of targeted exploitation Read More »

Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score

Uncategorized / SecurityTicks

Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score 2025-02-04 at 08:33 By Microsoft has released patches to address two Critical-rated security flaws impacting Azure AI Face Service and Microsoft Account that could allow a malicious actor to escalate their privileges under certain conditions. The flaws are listed below – CVE-2025-21396 (CVSS

React to this headline:

Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score Read More »

Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104

Uncategorized / SecurityTicks

Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 2025-02-04 at 08:33 By Google has shipped patches to address 47 security flaws in its Android operating system, including one it said has come under active exploitation in the wild. The vulnerability in question is CVE-2024-53104 (CVSS score: 7.8), which has been described as a

React to this headline:

Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 Read More »

Aim for crypto-agility, prepare for the long haul

cybersecurity, Don't miss, Encryption, Expert analysis, Expert corner, Fortanix, Hot stuff, News, opinion, quantum computing, standards / SecurityTicks

Aim for crypto-agility, prepare for the long haul 2025-02-04 at 07:33 By Help Net Security While organizations have long experimented with various facets of digital transformation, the journey toward crypto-agility is one of the most significant technological transitions of our time. Success in the emerging quantum era will require technical expertise, strategic foresight, careful planning,

React to this headline:

Aim for crypto-agility, prepare for the long haul Read More »

What you can do to prevent workforce fraud

authentication, cybersecurity, Don't miss, Features, fraud, Government, Hot stuff, identity verification, News, Nisos, opinion, professional, remote working, threats / SecurityTicks

What you can do to prevent workforce fraud 2025-02-04 at 07:19 By Mirko Zorz In this Help Net Security interview, Benjamin Racenberg, Senior Intelligence Services Manager at Nisos, discusses the threat of workforce fraud, particularly DPRK-affiliated IT workers infiltrating remote roles. With HR teams and recruiters often unprepared to detect these sophisticated schemes, businesses face

React to this headline:

What you can do to prevent workforce fraud Read More »

8 steps to secure GenAI integration in financial services

cybersecurity, FS-ISAC, generative AI, News, Privacy, report, strategy, survey / SecurityTicks

8 steps to secure GenAI integration in financial services 2025-02-04 at 07:00 By Help Net Security GenAI offers financial services institutions enormous opportunities, particularly in unstructured dataset analysis and management, but may also increase security risks, according to FS-ISAC. GenAI can organize oceans of information and retrieve insights from it that you can use to

React to this headline:

8 steps to secure GenAI integration in financial services Read More »

Microsoft SharePoint Connector Flaw Could’ve Enabled Credential Theft Across Power Platform

Uncategorized / SecurityTicks

Microsoft SharePoint Connector Flaw Could’ve Enabled Credential Theft Across Power Platform 2025-02-04 at 06:59 By Cybersecurity researchers have disclosed details of a now-patched vulnerability impacting the Microsoft SharePoint connector on Power Platform that, if successfully exploited, could allow threat actors to harvest a user’s credentials and stage follow-on attacks. This could manifest in the form

React to this headline:

Microsoft SharePoint Connector Flaw Could’ve Enabled Credential Theft Across Power Platform Read More »

Cybersecurity jobs available right now: February 3, 2025

cybersecurity jobs, News / SecurityTicks

Cybersecurity jobs available right now: February 3, 2025 2025-02-04 at 06:03 By Anamarija Pogorelec Application Security Architect ReversingLabs | Ireland | Remote – View job details As an Application Security Architect, you will conduct security assessments and vulnerability scans of applications, APIs, and other software components. Identify, analyze, and report security vulnerabilities and risks. Develop

React to this headline:

Cybersecurity jobs available right now: February 3, 2025 Read More »

Not even Nvidia’s Jensen Huang can talk President Tariffs out of chip import taxes

Uncategorized / SecurityTicks

Not even Nvidia’s Jensen Huang can talk President Tariffs out of chip import taxes 2025-02-04 at 03:21 By Tobias Mann GPU giant could just wait eight minutes for Donald to change his mind US President Donald Trump loves his tariffs and it seems that not even a meeting with Nvidia CEO Jensen Huang could persuade

React to this headline:

Not even Nvidia’s Jensen Huang can talk President Tariffs out of chip import taxes Read More »

Musk’s DOGE ship gets ‘full’ access to Treasury payment system, moves to axe USAID

Uncategorized / SecurityTicks

Musk’s DOGE ship gets ‘full’ access to Treasury payment system, moves to axe USAID 2025-02-04 at 01:48 By Jessica Lyons Who better to trust trillions of dollars, SSNs and other sensitive info with than Elon The chaos in Washington DC continued over the weekend and into Monday with government workers locked out of their offices

React to this headline:

Musk’s DOGE ship gets ‘full’ access to Treasury payment system, moves to axe USAID Read More »

US senator wants to slap prison term, $1M fine on anyone aiding Chinese AI with … downloads?

Uncategorized / SecurityTicks

US senator wants to slap prison term, $1M fine on anyone aiding Chinese AI with … downloads? 2025-02-04 at 01:03 By Tobias Mann As UK proposes laws against neural-nets-for-pedophiles Americans may have to think twice about downloading a Chinese AI model or investing in a company behind such a neural network in future. A law

React to this headline:

US senator wants to slap prison term, $1M fine on anyone aiding Chinese AI with … downloads? Read More »

TSA’s airport facial-recog tech faces audit probe

Uncategorized / SecurityTicks

TSA’s airport facial-recog tech faces audit probe 2025-02-04 at 00:34 By Brandon Vigliarolo Senators ask, Homeland Security watchdog answers: Is it worth the money? The Department of Homeland Security’s Inspector General has launched an audit of the Transportation Security Administration’s use of facial recognition technology at US airports, following criticism from lawmakers and privacy advocates.…

React to this headline:

TSA’s airport facial-recog tech faces audit probe Read More »

Trump admin scrubs DEI, gender content from federal websites

Uncategorized / SecurityTicks

Trump admin scrubs DEI, gender content from federal websites 2025-02-03 at 23:34 By Thomas Claburn Meanwhile, the Internet Archive races to save what it can – again Vast numbers of webpages have disappeared from federal sites in an effort to meet the deadline to implement the Trump administration’s executive orders targeting diversity initiatives and gender.…

React to this headline:

Trump admin scrubs DEI, gender content from federal websites Read More »

Ontario responds to Trump tariff by pitching Starlink deal into the trash

Uncategorized / SecurityTicks

Ontario responds to Trump tariff by pitching Starlink deal into the trash 2025-02-03 at 22:18 By Brandon Vigliarolo Canadian province ‘won’t do business with people hellbent on destroying our economy’ The provincial government in Ontario, Canada is hitting back at President Trump’s 25 percent tariffs on the US’ northern neighbor by scrapping a deal with

React to this headline:

Ontario responds to Trump tariff by pitching Starlink deal into the trash Read More »

Microsoft killing off Defender VPN this month

Uncategorized / SecurityTicks

Microsoft killing off Defender VPN this month 2025-02-03 at 21:48 By Iain Thomson Throw Copilot down the same well, too, maybe? No? OK If you were relying on Microsoft’s Defender VPN, it’s time to find an alternative – Redmond is shutting it down at the end of the month.… This article is an excerpt from

React to this headline:

Microsoft killing off Defender VPN this month Read More »

Active Cyber Campaign Emerging From Central Asia

Uncategorized / SecurityTicks

Active Cyber Campaign Emerging From Central Asia 2025-02-03 at 21:21 View original post at Safety Detectives A new cyber espionage organization has targetrd organizations across Central Asia and Europe. Researchers with Bitdefender Labs discovered the threat in 2022 and spent several years secretly monitoring its activity. The threat actor, dubbed UAV-0063 (also known as TAG-110),

React to this headline:

Active Cyber Campaign Emerging From Central Asia Read More »

Microsoft saying breaking up with Defender VPN in February

Uncategorized / SecurityTicks

Microsoft saying breaking up with Defender VPN in February 2025-02-03 at 21:18 By Iain Thomson ‘We are removing the privacy protection feature and will invest in new areas that will better align to customer needs’ If you were relying on Microsoft’s Defender VPN, it’s time to find an alternative – Redmond is shutting it down

React to this headline:

Microsoft saying breaking up with Defender VPN in February Read More »

New York Blood Center Faces Cyber Attack During Blood Shortage

Uncategorized / SecurityTicks

New York Blood Center Faces Cyber Attack During Blood Shortage 2025-02-03 at 21:06 View original post at Safety Detectives The New York Blood Center Enterprises (NYBCe) reported a ransomware attack that dealt serious damage to their organization. The attack comes amid a blood shortage that was already putting stress on the company. Last week, a

React to this headline:

New York Blood Center Faces Cyber Attack During Blood Shortage Read More »

Intel rakes in €515M from EU after ancient antitrust fine nixed

Uncategorized / SecurityTicks

Intel rakes in €515M from EU after ancient antitrust fine nixed 2025-02-03 at 19:49 By Dan Robinson A glimmer of light in an otherwise gloomy year for troubled chipmaker Beleaguered chip giant Intel has at least one thing to smile about after receiving a payout of €515.55 million ($536 million) from the EU in relation

React to this headline:

Intel rakes in €515M from EU after ancient antitrust fine nixed Read More »

XE Group Cybercrime Gang Moves from Credit Card Skimming to Zero-Day Exploits

Fraud & Identity Theft, Intezer, Malware & Threats, Solis Security, VeraCore, XE Group / SecurityTicks

XE Group Cybercrime Gang Moves from Credit Card Skimming to Zero-Day Exploits 2025-02-03 at 19:49 By Ryan Naraine Vietnamese cybercrime gang shifts from credit card-skimming to exploiting at least two zero-day vulnerabilities enterprise software product. The post XE Group Cybercrime Gang Moves from Credit Card Skimming to Zero-Day Exploits appeared first on SecurityWeek. This article

React to this headline:

XE Group Cybercrime Gang Moves from Credit Card Skimming to Zero-Day Exploits Read More »