March, 2025 - Security Ticks

The Energy Industry’s Hidden Risks: Espionage, Sabotage, and Insider Threats

Database Protection, Emerging Threats, Security Research, Vulnerabilities / SecurityTicks

The Energy Industry’s Hidden Risks: Espionage, Sabotage, and Insider Threats 2025-03-21 at 15:07 By With subject matter expertise and presence across the globe, RMI Global Solutions are recognized by the oil & gas, and broader energy industry on and offshore, as experts in the threats and risks that face the spectrum of this key industry […]

The Energy Industry’s Hidden Risks: Espionage, Sabotage, and Insider Threats Read More »

NASA’s inbox goes orbital after email mishap spams entire space industry

Uncategorized / SecurityTicks

NASA’s inbox goes orbital after email mishap spams entire space industry 2025-03-21 at 14:36 By Richard Speed MAPTIS mailing list blunder triggers reply-all chaos Everybody loves a good email storm. However, an insecure email distribution list that results in an accidental spamming of space agencies worldwide is undoubtedly one for the record books.… This article

NASA’s inbox goes orbital after email mishap spams entire space industry Read More »

Malicious ads target Semrush users to steal Google account credentials

Don't miss, Google, Hot stuff, malvertising, Malwarebytes, News, SEO / SecurityTicks

Malicious ads target Semrush users to steal Google account credentials 2025-03-21 at 14:35 By Zeljka Zorz Cyber crooks are exploiting users’ interest in Semrush, a popular SEO, advertising, and market research SaaS platform, to steal their Google account credentials. The fraudulent campaign Malwarebytes researchers have spotted a campaign consisting of a slew of malicious ads

Malicious ads target Semrush users to steal Google account credentials Read More »

New Jailbreak Technique Uses Fictional World to Manipulate AI

AI, AI jailbreak, Artificial Intelligence, Immersive World, jailbreak / SecurityTicks

New Jailbreak Technique Uses Fictional World to Manipulate AI 2025-03-21 at 14:16 By Ionut Arghire Cato Networks discovers a new LLM jailbreak technique that relies on creating a fictional world to bypass a model’s security controls. The post New Jailbreak Technique Uses Fictional World to Manipulate AI appeared first on SecurityWeek. This article is an

New Jailbreak Technique Uses Fictional World to Manipulate AI Read More »

Chinese I-Soon Hackers Hit 7 Organizations in Operation FishMedley

APT, China, espionage, FishMedley, i-Soon, Nation-State / SecurityTicks

Chinese I-Soon Hackers Hit 7 Organizations in Operation FishMedley 2025-03-21 at 14:16 By Ionut Arghire The FishMonger APT group, a subdivision of Chinese cybersecurity firm I-Soon, compromised seven organizations in a 2022 campaign. The post Chinese I-Soon Hackers Hit 7 Organizations in Operation FishMedley appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Chinese I-Soon Hackers Hit 7 Organizations in Operation FishMedley Read More »

Feds charge three over Molotov attacks on Tesla sites in multiple states

Uncategorized / SecurityTicks

Feds charge three over Molotov attacks on Tesla sites in multiple states 2025-03-21 at 13:47 By Connor Jones Attorney General warns people tempted to join ‘wave of domestic terrorism’ Three individuals face federal arson charges labeled as domestic terrorism after a spate of Molotov cocktail attacks on Tesla properties in the US.… This article is

Feds charge three over Molotov attacks on Tesla sites in multiple states Read More »

NAKIVO Backup & Replication vulnerability exploited by attackers (CVE-2024-48248)

backup, disaster recovery, Don't miss, enterprise, Hot stuff, MSP, Nakivo, News, PoC, SMBs, vulnerability, WatchTowr / SecurityTicks

NAKIVO Backup & Replication vulnerability exploited by attackers (CVE-2024-48248) 2025-03-21 at 13:33 By Zeljka Zorz A vulnerability (CVE-2024-48248) in NAKIVO Backup and Replication, a backup, ransomware protection and disaster recovery solution designed for organizations of all sizes and managed service providers (MSPs), is being actively exploited. The US Cybersecurity and Infrastructure Security Agency (CISA) has

NAKIVO Backup & Replication vulnerability exploited by attackers (CVE-2024-48248) Read More »

Industry Reactions to Google Buying Wiz: Feedback Friday

cloud security, Feedback Friday, Google, Management & Strategy, Wiz / SecurityTicks

Industry Reactions to Google Buying Wiz: Feedback Friday 2025-03-21 at 13:33 By Eduard Kovacs Industry professionals comment on Google acquiring cloud security giant Wiz for $32 billion in cash. The post Industry Reactions to Google Buying Wiz: Feedback Friday appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Industry Reactions to Google Buying Wiz: Feedback Friday Read More »

Nearly 22,000 impacted by Western Alliance Bank breach

Uncategorized / SecurityTicks

Nearly 22,000 impacted by Western Alliance Bank breach 2025-03-21 at 13:25 By Security leaders discuss the Western Alliance Bank breach, which impacted nearly 22,000 customers. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

Nearly 22,000 impacted by Western Alliance Bank breach Read More »

10 Critical Network Pentest Findings IT Teams Overlook

Uncategorized / SecurityTicks

10 Critical Network Pentest Findings IT Teams Overlook 2025-03-21 at 13:25 By After conducting over 10,000 automated internal network penetration tests last year, vPenTest has uncovered a troubling reality that many businesses still have critical security gaps that attackers can easily exploit. Organizations often assume that firewalls, endpoint protection, and SIEMs are enough to keep

10 Critical Network Pentest Findings IT Teams Overlook Read More »

China-Linked APT Aquatic Panda: 10-Month Campaign, 7 Global Targets, 5 Malware Families

Uncategorized / SecurityTicks

China-Linked APT Aquatic Panda: 10-Month Campaign, 7 Global Targets, 5 Malware Families 2025-03-21 at 13:25 By The China-linked advanced persistent threat (APT) group. known as Aquatic Panda has been linked to a “global espionage campaign” that took place in 2022 targeting seven organizations. These entities include governments, catholic charities, non-governmental organizations (NGOs), and think tanks

China-Linked APT Aquatic Panda: 10-Month Campaign, 7 Global Targets, 5 Malware Families Read More »

Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 Servers

Uncategorized / SecurityTicks

Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 Servers 2025-03-21 at 13:25 By Two known threat activity clusters codenamed Head Mare and Twelve have likely joined forces to target Russian entities, new findings from Kaspersky reveal. “Head Mare relied heavily on tools previously associated with Twelve. Additionally, Head Mare attacks utilized

Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 Servers Read More »

Bitcoin NFTs, layer-2 and restaking hype ‘completely gone’

Uncategorized / SecurityTicks

Bitcoin NFTs, layer-2 and restaking hype ‘completely gone’ 2025-03-21 at 13:00 By Cointelegraph by Ezra Reguerra A Bitcoin layer-2 executive explained how Bitcoin narratives that were “overhyped” have now wholly vanished while the ecosystem develops. In a Cointelegraph interview, Bitlayer co-founder Charlie Hu laid out three Bitcoin narratives that he believed were overhyped. This included

Bitcoin NFTs, layer-2 and restaking hype ‘completely gone’ Read More »

No big changes to UK broadband regs, despite no real competition for BT

Uncategorized / SecurityTicks

No big changes to UK broadband regs, despite no real competition for BT 2025-03-21 at 12:48 By Dan Robinson Regulator reviews wholesale telecoms markets and decides healthy fiber is its biggest concern Britain’s telecoms watchdog is giving itself a pat on the back for overseeing the UK’s fiber broadband rollout thus far, so doesn’t want

No big changes to UK broadband regs, despite no real competition for BT Read More »

Ransomware Group Claims Attacks on Ascom, Jaguar Land Rover

Ascom, data breach, Data Breaches, Hellcat, Jaguar Land Rover, JLR, Ransomware / SecurityTicks

Ransomware Group Claims Attacks on Ascom, Jaguar Land Rover 2025-03-21 at 12:48 By Ionut Arghire The Hellcat ransomware group claims to have stolen tens of gigabytes of data from Ascom and Jaguar Land Rover. The post Ransomware Group Claims Attacks on Ascom, Jaguar Land Rover appeared first on SecurityWeek. This article is an excerpt from

Ransomware Group Claims Attacks on Ascom, Jaguar Land Rover Read More »

Former NFL, Michigan Assistant Coach Matt Weiss Charged With Hacking for Athletes’ Intimate Photos

charged, cybercrime, hacker, Matt Weiss / SecurityTicks

Former NFL, Michigan Assistant Coach Matt Weiss Charged With Hacking for Athletes’ Intimate Photos 2025-03-21 at 12:31 By Associated Press Former NFL and University of Michigan assistant football coach Matt Weiss hacked into the computer accounts of thousands of college athletes seeking intimate photos and videos. The post Former NFL, Michigan Assistant Coach Matt Weiss

Former NFL, Michigan Assistant Coach Matt Weiss Charged With Hacking for Athletes’ Intimate Photos Read More »

Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed

Featured, GitHub, GitHub actions, supply chain, Supply Chain Security / SecurityTicks

Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed 2025-03-21 at 12:17 By Eduard Kovacs More details have come to light on the recent supply chain attack targeting GitHub Actions, including its root cause. The post Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed appeared first on SecurityWeek. This article is an

Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed Read More »

Ukraine and EU Strengthen Cybersecurity Cooperation Amid Rising Russian Threats

Uncategorized / SecurityTicks

Ukraine and EU Strengthen Cybersecurity Cooperation Amid Rising Russian Threats 2025-03-21 at 12:05 View original post at Safety Detectives Ukraine and the European Union have taken a significant step toward deeper cybersecurity collaboration as Russian cyber and hybrid attacks continue to escalate. A memorandum of understanding was signed at the Kyiv International Cyber Resilience Forum,

Ukraine and EU Strengthen Cybersecurity Cooperation Amid Rising Russian Threats Read More »

Bezeq International Partners with Enigmatos to Strengthen Fleet Cybersecurity

Uncategorized / SecurityTicks

Bezeq International Partners with Enigmatos to Strengthen Fleet Cybersecurity 2025-03-21 at 12:05 View original post at Safety Detectives Bezeq International has announced a strategic partnership with Israeli cybersecurity firm Enigmatos to enhance protections for commercial vehicle fleets. The agreement will integrate Enigmatos’ advanced monitoring technology into Bezeq International’s Security Operations Center (SOC), offering real-time defense

Bezeq International Partners with Enigmatos to Strengthen Fleet Cybersecurity Read More »

Albabat Ransomware Group Potentially Expands Targets to Multiple OS, Uses GitHub to Streamline Operations

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Endpoints, Trend Micro Research : Ransomware, Trend Micro Research : Research / SecurityTicks

Albabat Ransomware Group Potentially Expands Targets to Multiple OS, Uses GitHub to Streamline Operations 2025-03-21 at 11:36 By Trend Research encounters new versions of the Albabat ransomware, which appears to target Windows, Linux, and macOS devices. We also reveal the group’s use of GitHub to streamline their ransomware operation. This article is an excerpt from

Albabat Ransomware Group Potentially Expands Targets to Multiple OS, Uses GitHub to Streamline Operations Read More »

March 2025