2025 - Security Ticks

Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections

Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections 2025-02-04 at 15:33 By A recently patched security vulnerability in the 7-Zip archiver tool was exploited in the wild to deliver the SmokeLoader malware. The flaw, CVE-2025-0411 (CVSS score: 7.0), allows remote attackers to circumvent mark-of-the-web (MotW) protections and execute arbitrary code in the […]

React to this headline:

Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections Read More »

North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS

Uncategorized / SecurityTicks

North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS 2025-02-04 at 15:33 By The North Korean threat actors behind the Contagious Interview campaign have been observed delivering a collection of Apple macOS malware strains dubbed FERRET as part of a supposed job interview process. “Targets are typically asked to communicate with an

React to this headline:

North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS Read More »

Ireland’s AI minister has never used ChatGPT but swears she’ll learn fast

Uncategorized / SecurityTicks

Ireland’s AI minister has never used ChatGPT but swears she’ll learn fast 2025-02-04 at 15:21 By Richard Currie Hey, it’s not like any governments know what they are doing The Republic of Ireland’s new AI minister should probably consult ChatGPT immediately to ask for pointers on how to do her job.… This article is an

React to this headline:

Ireland’s AI minister has never used ChatGPT but swears she’ll learn fast Read More »

Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411)

0-day, Don't miss, Hot stuff, News, security controls, spear-phishing, Trend Micro, Ukraine, vulnerability, Windows / SecurityTicks

Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) 2025-02-04 at 15:08 By Zeljka Zorz CVE-2025-0411, a Mark-of-the-Web bypass vulnerability in the open-source archiver tool 7-Zip that was fixed in November 2024, has been exploited in zero-day attacks to deliver malware to Ukrainian entities, Trend Micro researchers have revealed. The 7-Zip vulnerability (CVE-2025-0411) Mark-of-the-Web (MotW) is a

React to this headline:

Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411) Read More »

Why users still couldn’t care less about Windows 11

Uncategorized / SecurityTicks

Why users still couldn’t care less about Windows 11 2025-02-04 at 14:38 By Richard Speed No reason to upgrade other than the looming end of Windows 10 Comment Users are still steering clear of Windows 11, with some customers describing the sales pitch as “like trying to sell sand at a beach.”… This article is

React to this headline:

Why users still couldn’t care less about Windows 11 Read More »

Nymi Band 4 delivers passwordless MFA to deskless workers in OT environments

Industry news, Nymi / SecurityTicks

Nymi Band 4 delivers passwordless MFA to deskless workers in OT environments 2025-02-04 at 14:35 By Industry News Nymi launched next-generation wearable authenticator, the Nymi Band 4, which introduces design upgrades and expanded passwordless use cases for regulated industries, while retaining its core authentication functionality. This latest development from Nymi offers industries with complex operations

React to this headline:

Nymi Band 4 delivers passwordless MFA to deskless workers in OT environments Read More »

Personal Information Compromised in GrubHub Data Breach

data breach, Data Breaches, GrubHub / SecurityTicks

Personal Information Compromised in GrubHub Data Breach 2025-02-04 at 14:35 By Eduard Kovacs Food delivery firm GrubHub has disclosed a data breach impacting the personal information of drivers and customers. The post Personal Information Compromised in GrubHub Data Breach appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Personal Information Compromised in GrubHub Data Breach Read More »

Cyber Insights 2025: The CISO Outlook

CISO, CISO Strategy, CyberInsights2025, Management & Strategy / SecurityTicks

Cyber Insights 2025: The CISO Outlook 2025-02-04 at 14:03 By Kevin Townsend There has never been a single job description for the CISO – the role depends upon each company, its maturity, its size and resources, and the risk tolerance of boards. The post Cyber Insights 2025: The CISO Outlook appeared first on SecurityWeek. This

React to this headline:

Cyber Insights 2025: The CISO Outlook Read More »

Developers Targeted With Malware Disguised as DeepSeek Package

DeepSeek, Malware, Malware & Threats, PyPI, Python / SecurityTicks

Developers Targeted With Malware Disguised as DeepSeek Package 2025-02-04 at 14:03 By Eduard Kovacs Python developers looking to integrate DeepSeek into their projects were targeted with malicious packages delivered through PyPI. The post Developers Targeted With Malware Disguised as DeepSeek Package appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Developers Targeted With Malware Disguised as DeepSeek Package Read More »

Cyberattack on NHS causes hospitals to miss cancer care targets

Uncategorized / SecurityTicks

Cyberattack on NHS causes hospitals to miss cancer care targets 2025-02-04 at 13:48 By Connor Jones Healthcare chiefs say impact will persist for months NHS execs admit that last year’s cyberattack on hospitals in Wirral, northwest England, continues to “significantly” impact waiting times for cancer treatments, and suspect this will last for “months.”… This article

React to this headline:

Cyberattack on NHS causes hospitals to miss cancer care targets Read More »

Contec Patient Monitors Not Malicious, but Still Pose Big Risk to Healthcare

backdoor, Contec, healthcare, IoT, IoT Security / SecurityTicks

Contec Patient Monitors Not Malicious, but Still Pose Big Risk to Healthcare 2025-02-04 at 13:48 By Ionut Arghire The Contec CMS8000 patient monitors do not contain a malicious backdoor but are plagued by an insecure and vulnerable design. The post Contec Patient Monitors Not Malicious, but Still Pose Big Risk to Healthcare appeared first on

React to this headline:

Contec Patient Monitors Not Malicious, but Still Pose Big Risk to Healthcare Read More »

Watch Out For These 8 Cloud Security Shifts in 2025

Uncategorized / SecurityTicks

Watch Out For These 8 Cloud Security Shifts in 2025 2025-02-04 at 13:48 By As cloud security evolves in 2025 and beyond, organizations must adapt to both new and evolving realities, including the increasing reliance on cloud infrastructure for AI-driven workflows and the vast quantities of data being migrated to the cloud. But there are

React to this headline:

Watch Out For These 8 Cloud Security Shifts in 2025 Read More »

Casio UK site compromised, equipped with web skimmer

data theft, Don't miss, Hot stuff, Jscrambler, magento, News, web hacks / SecurityTicks

Casio UK site compromised, equipped with web skimmer 2025-02-04 at 13:20 By Zeljka Zorz Japanese electronics maker Casio has had its UK website injected with a web skimmer that collected buyers’ personal and payment card information, Jscrambler has discovered. The company says that the same skimmer has been added to at least seventeen (and possibly

React to this headline:

Casio UK site compromised, equipped with web skimmer Read More »

Abandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look ‘insignificant’

Uncategorized / SecurityTicks

Abandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look ‘insignificant’ 2025-02-04 at 13:06 By Jessica Lyons When cloud customers don’t clean up after themselves, part 97 Abandoned AWS S3 buckets could be reused to hijack the global software supply chain in an attack that would make Russia’s “SolarWinds adventures

React to this headline:

Abandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look ‘insignificant’ Read More »

Vulnerability Patched in Android Possibly Exploited by Forensic Tools

Android, exploited, Featured, forensic, Mobile & Wireless / SecurityTicks

Vulnerability Patched in Android Possibly Exploited by Forensic Tools 2025-02-04 at 13:03 By Ionut Arghire The February 2025 Android patches resolve 46 vulnerabilities, including a Linux kernel bug that has been exploited in the wild. The post Vulnerability Patched in Android Possibly Exploited by Forensic Tools appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Vulnerability Patched in Android Possibly Exploited by Forensic Tools Read More »

Amazon’s Kuiper secures license to take on Starlink in the UK

Uncategorized / SecurityTicks

Amazon’s Kuiper secures license to take on Starlink in the UK 2025-02-04 at 12:35 By Richard Speed Everybody is going to play nice, OK? Telecom watchdog Ofcom has granted a license application from Amazon Kuiper Services Europe for satellite connectivity in the UK.… This article is an excerpt from The Register View Original Source React

React to this headline:

Amazon’s Kuiper secures license to take on Starlink in the UK Read More »

Man charged with stealing $65 million by exploting DeFI protocols vulnerabilities

Cryptocurrency, Don't miss, extortion, finance, fraud, Hot stuff, News, USA, vulnerability / SecurityTicks

Man charged with stealing $65 million by exploting DeFI protocols vulnerabilities 2025-02-04 at 12:16 By Help Net Security A Canadian man has been indicted in federal court in New York for exploiting vulnerabilities in two decentralized finance (DeFi) protocols to fraudulently obtain about $65 million from the protocols’ investors. The fraudulent scheme According to court

React to this headline:

Man charged with stealing $65 million by exploting DeFI protocols vulnerabilities Read More »

Ransomware attack targets the New York Blood Center

Uncategorized / SecurityTicks

Ransomware attack targets the New York Blood Center 2025-02-04 at 12:16 By The New York Blood Center experienced a ransomware attack. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Ransomware attack targets the New York Blood Center Read More »

DeepSeek Compared to ChatGPT, Gemini in AI Jailbreak Test

AI, AI jailbreak, Artificial Intelligence, ChatGPT, DeepSeek, Gemini, jailbreak / SecurityTicks

DeepSeek Compared to ChatGPT, Gemini in AI Jailbreak Test 2025-02-04 at 12:03 By Eduard Kovacs DeepSeek’s susceptibility to jailbreaks has been compared by Cisco to other popular AI models, including from Meta, OpenAI and Google. The post DeepSeek Compared to ChatGPT, Gemini in AI Jailbreak Test appeared first on SecurityWeek. This article is an excerpt

React to this headline:

DeepSeek Compared to ChatGPT, Gemini in AI Jailbreak Test Read More »

UK govt must learn fast and let failing projects die young

Uncategorized / SecurityTicks

UK govt must learn fast and let failing projects die young 2025-02-04 at 11:48 By Lindsay Clark Tackle longstanding issues around productivity, cyber resilience and public sector culture, advises spending watchdog The UK’s government spending watchdog has called on the current administration to make better use of technology to kickstart the misfiring economy and ensure

React to this headline:

UK govt must learn fast and let failing projects die young Read More »