Don't miss - Security Ticks

91% noise: A look at what’s wrong with traditional SAST tools

Application Security, automation, cybersecurity, Don't miss, Ghost Security, News, report, scanning / SecurityTicks

91% noise: A look at what’s wrong with traditional SAST tools 2025-06-19 at 07:32 By Mirko Zorz Traditional static application security testing (SAST) tools are falling short. That’s the key takeaway from a recent report that tested these tools against nearly 3,000 open-source code repositories. The results: more than 91% of flagged vulnerabilities were false […]

React to this headline:

91% noise: A look at what’s wrong with traditional SAST tools Read More »

AWS launches new cloud security features

account protection, AWS, cloud security, DDoS, Don't miss, Hot stuff, Kubernetes, MFA, News / SecurityTicks

AWS launches new cloud security features 2025-06-18 at 17:59 By Zeljka Zorz Amazon Web Services has announced new and improved security features at its annual AWS re:Inforce cloud security conference. The company has also introduced features aimed at speeding up backup recovery, and has announced the completion of its push to protect all AWS root

React to this headline:

AWS launches new cloud security features Read More »

Chaining two LPEs to get “root”: Most Linux distros vulnerable (CVE-2025-6018, CVE-2025-6019)

Debian, Don't miss, Fedora, Hot stuff, Linux, News, openSUSE, Qualys, Ubuntu, vulnerability / SecurityTicks

Chaining two LPEs to get “root”: Most Linux distros vulnerable (CVE-2025-6018, CVE-2025-6019) 2025-06-18 at 14:49 By Zeljka Zorz Qualys researchers have unearthed two local privilege escalation vulnerabilities (CVE-2025-6018, CVE-2025-6019) that can be exploited in tandem to achieve root access on most Linux distributions “with minimal effort.” About the vulnerabilities (CVE-2025-6018, CVE-2025-6019) CVE-2025-6018 affects the Pluggable

React to this headline:

Chaining two LPEs to get “root”: Most Linux distros vulnerable (CVE-2025-6018, CVE-2025-6019) Read More »

Kernel-level container insights: Utilizing eBPF with Cilium, Tetragon, and SBOMs for security

containers, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Kubernetes, News, opinion, Rootly / SecurityTicks

Kernel-level container insights: Utilizing eBPF with Cilium, Tetragon, and SBOMs for security 2025-06-18 at 09:02 By Help Net Security As applications become more distributed, traditional monitoring and security tools are failing to keep pace. This article explores how eBPF, when utilized by the graduated CNCF Cilium and its sub-project Tetragon, combined with Software Bills of

React to this headline:

Kernel-level container insights: Utilizing eBPF with Cilium, Tetragon, and SBOMs for security Read More »

AI is changing cybersecurity roles, and entry-level jobs are at risk

Artificial Intelligence, automation, Cato Networks, cybersecurity, Don't miss, Exabeam, News, Perspective Intelligence, Wipro / SecurityTicks

AI is changing cybersecurity roles, and entry-level jobs are at risk 2025-06-18 at 08:00 By Sinisa Markovic Will humans remain essential in cybersecurity, or is AI set to take over? According to Wipro, many CISOs are leveraging AI to improve threat detection and response times and to build enhanced incident response capabilities. What’s changing AI

React to this headline:

AI is changing cybersecurity roles, and entry-level jobs are at risk Read More »

From cleaners to creepers: The risk of mobile privilege escalation

Android, Don't miss, mobile devices, mobile security, News, smartphones, Video, Zimperium / SecurityTicks

From cleaners to creepers: The risk of mobile privilege escalation 2025-06-18 at 07:38 By Help Net Security In this Help Net Security video, Nico Chiaraviglio, Chief Scientist at Zimperium, explores how Android apps can be abused to escalate privileges, giving attackers access to sensitive data and system functions. Drawing on Zimperium’s recent research, he breaks

React to this headline:

From cleaners to creepers: The risk of mobile privilege escalation Read More »

Researchers unearth keyloggers on Outlook login pages

credentials, data theft, Don't miss, Government, Hot stuff, Microsoft Exchange, News, Outlook, Positive Technologies / SecurityTicks

Researchers unearth keyloggers on Outlook login pages 2025-06-17 at 18:37 By Zeljka Zorz Unknown threat actors have compromised internet-accessible Microsoft Exchange Servers of government organizations and companies around the world, and have injected the organizations’ Outlook on the Web (OWA) login page with browser-based keyloggers, Positive Technologies researchers have warned. The keylogging JavaScript code (Source:

React to this headline:

Researchers unearth keyloggers on Outlook login pages Read More »

Hackers love events. Why aren’t more CISOs paying attention?

BforeAI, CISO, conferences, CXO, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Span, strategy, tips / SecurityTicks

Hackers love events. Why aren’t more CISOs paying attention? 2025-06-17 at 09:04 By Mirko Zorz When CISOs think about risk, they usually think about cloud platforms, laptops, and data centers. But live events like conferences, trade shows, product launches, and shareholder meetings bring a different kind of cybersecurity exposure. These events gather people, devices, and

React to this headline:

Hackers love events. Why aren’t more CISOs paying attention? Read More »

Before scaling GenAI, map your LLM usage and risk zones

Application Security, ArmorCode, Artificial Intelligence, cybersecurity, Don't miss, Features, generative AI, Hot stuff, Lakera, LLMs, News, OWASP, policy, Straiker, The Motley Fool / SecurityTicks

Before scaling GenAI, map your LLM usage and risk zones 2025-06-17 at 08:46 By Mirko Zorz In this Help Net Security interview, Paolo del Mundo, Director of Application and Cloud Security at The Motley Fool, discusses how organizations can scale their AI usage by implementing guardrails to mitigate GenAI-specific risks like prompt injection, insecure outputs,

React to this headline:

Before scaling GenAI, map your LLM usage and risk zones Read More »

SinoTrack GPS vulnerabilities may allow attackers to track, control vehicles

automotive security, CISA, Don't miss, GPS, Hot stuff, location tracking, News, remote management, SinoTrack / SecurityTicks

SinoTrack GPS vulnerabilities may allow attackers to track, control vehicles 2025-06-16 at 16:18 By Zeljka Zorz Vulnerabilities affecting the SinoTrack GPS tracking platform may allow attackers to keep tabs on vehicles’ location and even perform actions such as disconnecting power to vehicles’ fuel pump (if the tracker can interact with a car’s system). The warning

React to this headline:

SinoTrack GPS vulnerabilities may allow attackers to track, control vehicles Read More »

Why banks’ tech-first approach leaves governance gaps

Banks, CIO, CISO, Compliance, CXO, cybersecurity, Don't miss, Features, financial industry, Hot stuff, Live Oak Bank, News, opinion, regulation, Risk Management, security metrics, strategy / SecurityTicks

Why banks’ tech-first approach leaves governance gaps 2025-06-16 at 09:06 By Mirko Zorz In this Help Net Security interview, Rich Friedberg, CISO at Live Oak Bank, discusses how banks can better align cybersecurity efforts with broader cyber governance and risk priorities. Banking institutions often falter when cybersecurity is siloed as purely a technical or compliance

React to this headline:

Why banks’ tech-first approach leaves governance gaps Read More »

MDEAutomator: Open-source endpoint management, incident response in MDE

cybersecurity, Don't miss, GitHub, Hot stuff, Microsoft, News, open source, software / SecurityTicks

MDEAutomator: Open-source endpoint management, incident response in MDE 2025-06-16 at 08:36 By Help Net Security Managing endpoints and responding to security incidents in Microsoft Defender for Endpoint (MDE) can be time-consuming and complex. MDEAutomator is an open-source tool designed to make that easier. MDEAutomator is a modular, serverless solution for IT and security teams looking

React to this headline:

MDEAutomator: Open-source endpoint management, incident response in MDE Read More »

Virtual kidnapping scams prey on our worst fears

Artificial Intelligence, BeyondID, cybercrime, cybersecurity, Don't miss, McAfee, News, scams, tips / SecurityTicks

Virtual kidnapping scams prey on our worst fears 2025-06-16 at 08:02 By Sinisa Markovic Getting a call saying a family member has been kidnapped is terrifying. Fear and panic take over, making it hard to think clearly. That’s exactly what criminals count on when they use a scam called virtual kidnapping. What is virtual kidnapping?

React to this headline:

Virtual kidnapping scams prey on our worst fears Read More »

Review: Learning Kali Linux, 2nd Edition

books, Don't miss, Kali Linux, Linux, News, OffSec, penetration testing, Review, Reviews, skill development / SecurityTicks

Review: Learning Kali Linux, 2nd Edition 2025-06-16 at 07:32 By Mirko Zorz Kali Linux has long been the go-to operating system for penetration testers and security professionals, and Learning Kali Linux, 2nd Edition by Ric Messier aims to guide readers through its core tools and use cases. This updated edition introduces new material on digital

React to this headline:

Review: Learning Kali Linux, 2nd Edition Read More »

Why CISOs need to understand the AI tech stack

Artificial Intelligence, CISO, Data Protection, Don't miss, News, regulation, report, strategy, tips / SecurityTicks

Why CISOs need to understand the AI tech stack 2025-06-16 at 07:01 By Mirko Zorz As AI spreads, so do the risks. Security leaders are being asked to protect systems they don’t fully understand yet, and that’s a problem. A new report from the Paladin Global Institute, The AI Tech Stack: A Primer for Tech

React to this headline:

Why CISOs need to understand the AI tech stack Read More »

Kali Linux 2025.2 delivers Bloodhound CE, CARsenal, 13 new tools

Don't miss, Hot stuff, Kali Linux, News, OffSec, open source, penetration testing, software / SecurityTicks

Kali Linux 2025.2 delivers Bloodhound CE, CARsenal, 13 new tools 2025-06-14 at 12:17 By Zeljka Zorz OffSec has released Kali Linux 2025.2, the most up-to-date version of the widely used penetration testing and digital forensics platform. KDE Plasma 6.3 in Kali Linux 2025.2 (Source: OffSec) New in Kali Linux 2025.2 As per usual, the newest

React to this headline:

Kali Linux 2025.2 delivers Bloodhound CE, CARsenal, 13 new tools Read More »

iOS zero-click attacks used to deliver Graphite spyware (CVE-2025-43200)

Amnesty International, Citizen Lab, Don't miss, Europe, exploit, government-backed attacks, Hot stuff, iOS, News, Privacy, Recorded Future, spyware, vulnerability / SecurityTicks

iOS zero-click attacks used to deliver Graphite spyware (CVE-2025-43200) 2025-06-13 at 15:22 By Zeljka Zorz A zero-click attack leveraging a freshly disclosed Messages vulnerability (CVE-2025-43200) has infected the iPhones of two European journalists with Paragon’s Graphite mercenary spyware, Citizen Lab researchers have revealed on Thursday. The attacks happened in January and early February 2025. “We

React to this headline:

iOS zero-click attacks used to deliver Graphite spyware (CVE-2025-43200) Read More »

Unpacking the security complexity of no-code development platforms

Application Security, code, cybersecurity, Don't miss, Features, Hot stuff, News, Nokod Security, software development / SecurityTicks

Unpacking the security complexity of no-code development platforms 2025-06-13 at 09:02 By Mirko Zorz In this Help Net Security interview, Amichai Shulman, CTO at Nokod Security, discusses how the abstraction layer in no-code environments complicates security by obscuring data flow, identity propagation, and control logic. Shulman also addresses why vulnerabilities in no-code applications go far

React to this headline:

Unpacking the security complexity of no-code development platforms Read More »

Researchers warn of ongoing Entra ID account takeover campaign

account hijacking, account protection, brute-force, Don't miss, Hot stuff, Microsoft Entra ID, News, penetration testing, Proofpoint / SecurityTicks

Researchers warn of ongoing Entra ID account takeover campaign 2025-06-12 at 19:50 By Zeljka Zorz Attackers are using the TeamFiltration pentesting framework to brute-force their way into Microsoft Entra ID (formerly Azure AD) accounts, Proofpoint researchers have discovered. “Proofpoint’s research indicates that while simulated intrusions using TeamFiltration date back nearly to the tool’s initial release

React to this headline:

Researchers warn of ongoing Entra ID account takeover campaign Read More »

LockBit panel data leak shows Chinese orgs among the most targeted

China, cybercriminals, Don't miss, Hot stuff, manufacturing sector, News, Positive Technologies, Ransomware, Russian Federation, Taiwan, Trellix, USA / SecurityTicks

LockBit panel data leak shows Chinese orgs among the most targeted 2025-06-12 at 17:17 By Zeljka Zorz The LockBit ransomware-as-a-service (RaaS) operation has netted around $2.3 million USD within 5 months, the data leak stemming from the May 2025 hack of a LockBit affiliate panel has revealed. From that sum, the operators took their 20%

React to this headline:

LockBit panel data leak shows Chinese orgs among the most targeted Read More »

Don’t miss