April, 2025 - Security Ticks

ActiveX blocked by default in Microsoft 365 because remote code execution is bad, OK?

ActiveX blocked by default in Microsoft 365 because remote code execution is bad, OK? 2025-04-15 at 15:35 By Richard Speed Stopping users shooting themselves in the foot with last century’s tech Microsoft has twisted the knife into ActiveX once again, setting Microsoft 365 to disable all controls without so much as a prompt.… This article […]

React to this headline:

ActiveX blocked by default in Microsoft 365 because remote code execution is bad, OK? Read More »

Zyxel Networks upgrades USG FLEX H series firewalls

Industry news, Zyxel / SecurityTicks

Zyxel Networks upgrades USG FLEX H series firewalls 2025-04-15 at 15:35 By Industry News Zyxel Networks announced its USG FLEX H series firewalls have been upgraded to combine both cloud and on-premises network security into a single seamless solution for small- and medium-sized businesses and managed service providers. Unlike most hybrid firewalls that treat cloud

React to this headline:

Zyxel Networks upgrades USG FLEX H series firewalls Read More »

Majority of Browser Extensions Can Access Sensitive Enterprise Data, New Report Finds

Uncategorized / SecurityTicks

Majority of Browser Extensions Can Access Sensitive Enterprise Data, New Report Finds 2025-04-15 at 15:35 By Everybody knows browser extensions are embedded into nearly every user’s daily workflow, from spell checkers to GenAI tools. What most IT and security people don’t know is that browser extensions’ excessive permissions are a growing risk to organizations. LayerX

React to this headline:

Majority of Browser Extensions Can Access Sensitive Enterprise Data, New Report Finds Read More »

Only 11% of El Salvador’s registered Bitcoin firms operational

Uncategorized / SecurityTicks

Only 11% of El Salvador’s registered Bitcoin firms operational 2025-04-15 at 15:04 By Cointelegraph by Ezra Reguerra Only 20 of the 181 Bitcoin service providers registered with El Salvador’s central bank are operational, with the rest failing to meet the country’s requirements under its Bitcoin Law. Local media outlet El Mundo cited data from the

React to this headline:

Only 11% of El Salvador’s registered Bitcoin firms operational Read More »

Where it Hertz: Customer data driven off in Cleo attacks

Uncategorized / SecurityTicks

Where it Hertz: Customer data driven off in Cleo attacks 2025-04-15 at 14:47 By Connor Jones Car hire biz takes your privacy seriously, though Car hire giant Hertz has confirmed that customer information was stolen during the zero-day data raids on Cleo file transfer products last year.… This article is an excerpt from The Register

React to this headline:

Where it Hertz: Customer data driven off in Cleo attacks Read More »

Bitcoin shows growing strength during market downturn — Wintermute

Uncategorized / SecurityTicks

Bitcoin shows growing strength during market downturn — Wintermute 2025-04-15 at 14:01 By Cointelegraph by Adrian Zmudzinski Bitcoin is showing growing resilience to macroeconomic headwinds compared with traditional financial markets, according to an April 14 report from crypto market maker Wintermute. The report noted that Bitcoin (BTC) has held up relatively well during the ongoing

React to this headline:

Bitcoin shows growing strength during market downturn — Wintermute Read More »

Can 3-month Bitcoin RSI highs counter bearish BTC price ‘seasonality?’

Uncategorized / SecurityTicks

Can 3-month Bitcoin RSI highs counter bearish BTC price ‘seasonality?’ 2025-04-15 at 14:01 By Cointelegraph by William Suberg Bitcoin (BTC) demands a breakout as a key leading indicator reaches its highest levels since January. Data from Cointelegraph Markets Pro and TradingView shows the relative strength index (RSI) hinting at more BTC price gains next. Bitcoin

React to this headline:

Can 3-month Bitcoin RSI highs counter bearish BTC price ‘seasonality?’ Read More »

China Pursuing 3 Alleged US Operatives Over Cyberattacks During Asian Games

China, Featured, Nation-State, NSA / SecurityTicks

China Pursuing 3 Alleged US Operatives Over Cyberattacks During Asian Games 2025-04-15 at 14:01 By Associated Press China accuses three alleged U.S. NSA operatives of cyberattacks targeting critical infrastructure and the Asian Games in Harbin. The post China Pursuing 3 Alleged US Operatives Over Cyberattacks During Asian Games appeared first on SecurityWeek. This article is

React to this headline:

China Pursuing 3 Alleged US Operatives Over Cyberattacks During Asian Games Read More »

Blockchain, Quantum, and IoT Firms Unite to Secure Satellite Communications Against Quantum Threats

Data Protection, Quantum / SecurityTicks

Blockchain, Quantum, and IoT Firms Unite to Secure Satellite Communications Against Quantum Threats 2025-04-15 at 14:01 By Kevin Townsend Partisia, Squareroot8, and NuSpace join forces in a global partnership to advance quantum-safe communications. The post Blockchain, Quantum, and IoT Firms Unite to Secure Satellite Communications Against Quantum Threats appeared first on SecurityWeek. This article is

React to this headline:

Blockchain, Quantum, and IoT Firms Unite to Secure Satellite Communications Against Quantum Threats Read More »

Still browsing like it’s 1999: Fresh tools that keep vintage Macs online and weirdly alive

Uncategorized / SecurityTicks

Still browsing like it’s 1999: Fresh tools that keep vintage Macs online and weirdly alive 2025-04-15 at 13:47 By Liam Proven You can’t keep a good OS down The first Intel-based Mac was 19 years ago, but new versions of apps for both Classic Mac OS and PowerPC Mac OS X still occasionally appear, and

React to this headline:

Still browsing like it’s 1999: Fresh tools that keep vintage Macs online and weirdly alive Read More »

ZDI-23-1527 and ZDI-23-1528: The Potential Impact of Overly Permissive SAS Tokens on PC Manager Supply Chains

Trend Micro Research : Articles, News, Reports, Trend Micro Research : Cyber Risk, Trend Micro Research : Research / SecurityTicks

ZDI-23-1527 and ZDI-23-1528: The Potential Impact of Overly Permissive SAS Tokens on PC Manager Supply Chains 2025-04-15 at 13:47 By In ZDI-23-1527 and ZDI-23-1528 we uncover two possible scenarios where attackers could have compromised the Microsoft PC Manager supply chain. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source

React to this headline:

ZDI-23-1527 and ZDI-23-1528: The Potential Impact of Overly Permissive SAS Tokens on PC Manager Supply Chains Read More »

Critical flaws fixed in Nagios Log Server

Don't miss, enterprise, exploit, Hot stuff, log management, Nagios Log Server, News, PoC, SMBs, vulnerability / SecurityTicks

Critical flaws fixed in Nagios Log Server 2025-04-15 at 13:47 By Zeljka Zorz The Nagios Security Team has fixed three critical vulnerabilities affecting popular enterprise log management and analysis platform Nagios Log Server. About the flaws The vulnerabilities, discovered and reported by security researchers Seth Kraft and Alex Tisdale, include: 1. A stored XSS vulnerability

React to this headline:

Critical flaws fixed in Nagios Log Server Read More »

NetRise Raises $10 Million to Grow Software Supply Chain Security Platform

Uncategorized / SecurityTicks

NetRise Raises $10 Million to Grow Software Supply Chain Security Platform 2025-04-15 at 13:32 By Mike Lennon Software supply chain security provider NetRise today announced raising $10 million in a Series A funding round that brings the total raised by the company close to $25 million. The new investment round was led by DNX Ventures,

React to this headline:

NetRise Raises $10 Million to Grow Software Supply Chain Security Platform Read More »

Crypto Developers Targeted by Python Malware Disguised as Coding Challenges

Uncategorized / SecurityTicks

Crypto Developers Targeted by Python Malware Disguised as Coding Challenges 2025-04-15 at 13:32 By The North Korea-linked threat actor assessed to be behind the massive Bybit hack in February 2025 has been linked to a malicious campaign that targets developers to deliver new stealer malware under the guise of a coding assignment. The activity has

React to this headline:

Crypto Developers Targeted by Python Malware Disguised as Coding Challenges Read More »

Hertz Discloses Data Breach Linked to Cleo Hack

data breach, Data Breaches, Featured, Hertz / SecurityTicks

Hertz Discloses Data Breach Linked to Cleo Hack 2025-04-15 at 13:16 By Ionut Arghire Customers of the Hertz, Thrifty, and Dollar brands had their personal information stolen as a result of the Cleo hack last year. The post Hertz Discloses Data Breach Linked to Cleo Hack appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Hertz Discloses Data Breach Linked to Cleo Hack Read More »

CISO Conversations: Maarten Van Horenbeeck, SVP & Chief Security officer at Adobe

CISO, CISO Conversations, CISO Strategy, Featured, Uncategorized / SecurityTicks

CISO Conversations: Maarten Van Horenbeeck, SVP & Chief Security officer at Adobe 2025-04-15 at 13:02 By Kevin Townsend Van Horenbeeck’s career spans some of the biggest companies in tech: Verizon, Microsoft, Google, Amazon, Zendesk, and now SVP and CSO at Adobe. The post CISO Conversations: Maarten Van Horenbeeck, SVP & Chief Security officer at Adobe

React to this headline:

CISO Conversations: Maarten Van Horenbeeck, SVP & Chief Security officer at Adobe Read More »

Dead or alive, Britain hands Schrödinger’s industry £121M

Uncategorized / SecurityTicks

Dead or alive, Britain hands Schrödinger’s industry £121M 2025-04-15 at 12:47 By Dan Robinson UK’s play to win a quantum computing race that is still highly theoretical To mark World Quantum Day, the UK government says it will stump up a £121 million ($158 million) investment in the ever-distant technology that proponents claim has the

React to this headline:

Dead or alive, Britain hands Schrödinger’s industry £121M Read More »

Binance, KuCoin, MEXC report service issues due to AWS network interruption

Uncategorized / SecurityTicks

Binance, KuCoin, MEXC report service issues due to AWS network interruption 2025-04-15 at 12:09 By Cointelegraph by Zoltan Vardai Binance, KuCoin, MEXC and other exchanges and wallet providers have been experiencing service issues due to a significant network interruption by Amazon Web Services (AWS). Centralized cryptocurrency exchanges (CEXs) were hit by an AWS data center

React to this headline:

Binance, KuCoin, MEXC report service issues due to AWS network interruption Read More »

Windows Recovery Environment update fails successfully, says Microsoft

Uncategorized / SecurityTicks

Windows Recovery Environment update fails successfully, says Microsoft 2025-04-15 at 11:32 By Richard Speed See no error, hear no error, speak no error The three wise Microsoft monkeys have spoken. If Windows Update displayed an error after installing the April 2025 Windows Recovery Environment release, you didn’t see anything. Best to ignore it and move

React to this headline:

Windows Recovery Environment update fails successfully, says Microsoft Read More »

EU gives staff ‘burner phones, laptops’ for US visits

Uncategorized / SecurityTicks

EU gives staff ‘burner phones, laptops’ for US visits 2025-04-15 at 10:38 By Iain Thomson That would put America on the same level as China for espionage The European Commission is giving staffers visiting the US on official business burner laptops and phones to avoid espionage attempts, according to the Financial Times.… This article is

React to this headline:

EU gives staff ‘burner phones, laptops’ for US visits Read More »