Don't miss - Security Ticks

BlackLock ransomware onslaught: What to expect and how to fight it

Don't miss, enterprise, ESXi, extortion, Hot stuff, News, Ransomware, ReliaQuest, SMBs, tips, VMWare, Windows / SecurityTicks

BlackLock ransomware onslaught: What to expect and how to fight it 2025-02-18 at 18:33 By Zeljka Zorz BlackLock is on track to become the most active ransomware-as-a-service (RaaS) outfit in 2025, according to ReliaQuest. Its success is primarily due to their unusually active presence and good reputation on the ransomware-focused Russian-language forum RAMP, and their […]

React to this headline:

BlackLock ransomware onslaught: What to expect and how to fight it Read More »

Cybercriminals shift focus to social media as attacks reach historic highs

attacks, cybercime, Don't miss, Gen Digital, Malware, News, report, social media, threats / SecurityTicks

Cybercriminals shift focus to social media as attacks reach historic highs 2025-02-18 at 18:01 By Help Net Security A new report from Gen highlights a sharp rise in online threats, capping off a record-breaking 2024. Between October and December alone, 2.55 billion cyber threats were blocked – an astonishing rate of 321 per second. The

React to this headline:

Cybercriminals shift focus to social media as attacks reach historic highs Read More »

The risks of autonomous AI in machine-to-machine interactions

Akeyless, Artificial Intelligence, CISO, cybersecurity, Don't miss, Features, Hot stuff, identity management, IoT, News, Non Human Identities, opinion, strategy / SecurityTicks

The risks of autonomous AI in machine-to-machine interactions 2025-02-18 at 08:03 By Mirko Zorz In this Help Net Security, Oded Hareven, CEO of Akeyless Security, discusses how enterprises should adapt their cybersecurity strategies to address the growing need for machine-to-machine (M2M) security. According to Hareven, machine identities must be secured and governed similarly to human

React to this headline:

The risks of autonomous AI in machine-to-machine interactions Read More »

Balancing cloud security with performance and availability

Center for Internet Security, Don't miss, Hot stuff, News / SecurityTicks

Balancing cloud security with performance and availability 2025-02-18 at 07:33 By Help Net Security Your business can’t realize the many benefits of cloud computing without ensuring performance and availability in its cloud environments. Let’s look at some examples. Scalability: To scale your business’s cloud computing services, you need those services to be available and to

React to this headline:

Balancing cloud security with performance and availability Read More »

The XCSSET info-stealing malware is back, targeting macOS users and devs

Don't miss, Hot stuff, macOS, Malware, Microsoft, News, software development, Trend Micro, Xcode / SecurityTicks

The XCSSET info-stealing malware is back, targeting macOS users and devs 2025-02-17 at 19:50 By Zeljka Zorz A new, improved variant of the XCSSET macOS malware has been spotted “in limited attacks” by Microsoft’s threat researchers. XCSSET macOS malware XCSSET in information-stealing and backdoor-injecting malware targeting Mac users. It’s usually distributed via infected Xcode projects

React to this headline:

The XCSSET info-stealing malware is back, targeting macOS users and devs Read More »

A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094)

0-day, APT, BeyondTrust, Don't miss, Hot stuff, News, PostgreSQL, Rapid7 / SecurityTicks

A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094) 2025-02-17 at 15:49 By Zeljka Zorz The suspected Chinese state-sponsored hackers who breached workstations of several US Treasury employees in December 2024 did so by leveraging not one, but two zero-days, according to Rapid7 researchers. It was initially reported that the attackers compromised the

React to this headline:

A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094) Read More »

Two Estonians plead guilty in $577M cryptocurrency Ponzi scheme

Cryptocurrency, cybercriminals, Don't miss, fraud, Hot stuff, News, scams, US DoJ / SecurityTicks

Two Estonians plead guilty in $577M cryptocurrency Ponzi scheme 2025-02-17 at 13:48 By Zeljka Zorz Two Estonian nationals may spend the next 20 years in prison for stealing hundreds of millions of dollars through a massive cryptocurrency Ponzi scheme, the US Department of Justice announced last week. The fraudulent operation “According to court documents, Sergei

React to this headline:

Two Estonians plead guilty in $577M cryptocurrency Ponzi scheme Read More »

How CISOs can balance security and business agility in the cloud

access management, CISO, Cloud, cloud security, Cloudera, cybersecurity, Don't miss, Features, Hot stuff, News, opinion / SecurityTicks

How CISOs can balance security and business agility in the cloud 2025-02-17 at 08:03 By Mirko Zorz In this Help Net Security interview, Natalia Belaya, CISO at Cloudera, discusses common misconceptions about cloud security, the balance between protection and business agility, and overlooked risks that CISOs should prioritize. Belaya also offers practical strategies for integrating

React to this headline:

How CISOs can balance security and business agility in the cloud Read More »

Orbit: Open-source Nuclei security scanning and automation platform

Don't miss, GitHub, News, open source, penetration testing, scanning, software, Terraform / SecurityTicks

Orbit: Open-source Nuclei security scanning and automation platform 2025-02-17 at 07:50 By Mirko Zorz Orbit is an open-source platform built to streamline large-scale Nuclei scans, enabling teams to manage, analyze, and collaborate on security findings. It features a SvelteKit-based web frontend and a Go-powered backend, with Terraform and Ansible handling infrastructure and automation. “I built

React to this headline:

Orbit: Open-source Nuclei security scanning and automation platform Read More »

The hidden risks of a broken data provisioning system

Artificial Intelligence, cybersecurity, data security, Don't miss, Hot stuff, Immuta, Video / SecurityTicks

The hidden risks of a broken data provisioning system 2025-02-17 at 07:04 By Help Net Security In this Help Net Security video, Bart Koek, Field CTO at Immuta, discusses their 2025 State of Data Security Report, highlighting emerging challenges for IT and data security leaders. Key takeaways from the report: GenAI is causing significant change

React to this headline:

The hidden risks of a broken data provisioning system Read More »

Threat actors are using legitimate Microsoft feature to compromise M365 accounts

account hijacking, cyber espionage, Don't miss, Government, government-backed attacks, Hot stuff, Microsoft, Microsoft 365, News, social engineering, spear-phishing, Volexity / SecurityTicks

Threat actors are using legitimate Microsoft feature to compromise M365 accounts 2025-02-14 at 16:23 By Zeljka Zorz Suspected Russian threat actors have been taking advantage of Microsoft Device Code Authentication to trick targets into granting them access to their Microsoft 365 (M365) accounts. “While Device Code Authentication attacks are not new, they appear to have

React to this headline:

Threat actors are using legitimate Microsoft feature to compromise M365 accounts Read More »

North Korean hackers spotted using ClickFix tactic to deliver malware

Don't miss, Hot stuff, Malware, News, North Korea, PowerShell, social engineering, Windows / SecurityTicks

North Korean hackers spotted using ClickFix tactic to deliver malware 2025-02-13 at 18:34 By Zeljka Zorz North Korean state-sponsored group Kimsuky (aka Emerald Sleet, aka VELVET CHOLLIMA) is attempting to deliver malware to South Korean targets by leveraging the so-called “ClickFix” tactic. A relatively new tactic The ClickFix social engineering tactic has been dubbed thus

React to this headline:

North Korean hackers spotted using ClickFix tactic to deliver malware Read More »

Sandworm APT’s initial access subgroup hits organizations accross the globe

APT, Don't miss, energy sector, Hot stuff, Microsoft, News, Russian Federation, telecommunications / SecurityTicks

Sandworm APT’s initial access subgroup hits organizations accross the globe 2025-02-13 at 15:34 By Zeljka Zorz A subgroup of Russia’s Sandworm APT has been working to achieve initial and persistent access to the IT networks of organizations working in economic sectors Russia is interested in. “In 2022, its primary focus was Ukraine, specifically targeting the

React to this headline:

Sandworm APT’s initial access subgroup hits organizations accross the globe Read More »

PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108)

Assetnote, Don't miss, exploit, firewall, Hot stuff, News, Palo Alto Networks, PoC, security update / SecurityTicks

PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108) 2025-02-13 at 13:17 By Zeljka Zorz Palo Alto Networks has fixed a high-severity authentication bypass vulnerability (CVE-2025-0108) in the management web interface of its next-gen firewalls, a proof-of-concept exploit (PoC) for which has been made public. “Palo Alto Networks is not aware of any malicious exploitation

React to this headline:

PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108) Read More »

The UK’s secret iCloud backdoor request: A dangerous step toward Orwellian mass surveillance

apple, backdoor, cybersecurity, Don't miss, Encryption, Expert analysis, Expert corner, Foresight Cyber, Government, Hot stuff, News, opinion, Privacy, surveillance, UK / SecurityTicks

The UK’s secret iCloud backdoor request: A dangerous step toward Orwellian mass surveillance 2025-02-13 at 07:30 By Help Net Security The United Kingdom government has secretly requested that Apple build a backdoor into its iCloud service, granting the government unrestricted access to users’ private data. This revelation deeply concerns me – it is a blatant

React to this headline:

The UK’s secret iCloud backdoor request: A dangerous step toward Orwellian mass surveillance Read More »

Over 3 million Fortune 500 employee accounts compromised since 2022

credentials, cybercrime, Don't miss, Enzoic, Malware, News, report, survey / SecurityTicks

Over 3 million Fortune 500 employee accounts compromised since 2022 2025-02-13 at 07:03 By Help Net Security More than three million employee-linked corporate accounts were compromised between 2022 and 2024 across Fortune 500 companies, according to Enzoic. This surge is fueled by the widespread use of corporate email addresses for personal accounts and the growing

React to this headline:

Over 3 million Fortune 500 employee accounts compromised since 2022 Read More »

CISOs and boards see things differently

Artificial Intelligence, boardroom, CISO, Compliance, cybersecurity, Don't miss, Hot stuff, Splunk, threat, Video / SecurityTicks

CISOs and boards see things differently 2025-02-13 at 06:35 By Help Net Security Splunk’s latest CISO Report reveals critical insights into cybersecurity priorities, threat trends, and strategies for resilience. In this Help Net Security video, Kirsty Paine, Field CTO & Strategic Advisor at Splunk, discusses the key findings and what they mean for security teams.

React to this headline:

CISOs and boards see things differently Read More »

It’s time to secure the extended digital supply chain

cyber resilience, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Illumio, News, opinion, regulation, supply chain / SecurityTicks

It’s time to secure the extended digital supply chain 2025-02-12 at 07:35 By Help Net Security Organizations’ increasing reliance on third-party software and services has created an environment with more vulnerabilities and harder-to-detect risks. Attackers know they can increase efficiency and profitability by compromising the supply chain and are focusing their efforts accordingly. The commoditization

React to this headline:

It’s time to secure the extended digital supply chain Read More »

SysReptor: Open-source penetration testing reporting platform

Don't miss, GitHub, News, penetration testing, software / SecurityTicks

SysReptor: Open-source penetration testing reporting platform 2025-02-12 at 07:05 By Mirko Zorz SysReptor is a customizable open-source penetration testing reporting platform built for pentesters, red teamers, and cybersecurity professionals. You can optimize your workflow by simplifying, automating, and personalizing your reports. “SysReptor is an easy-to-use tool for pentesters and simplifies pentest reporting. Reports are designed

React to this headline:

SysReptor: Open-source penetration testing reporting platform Read More »

Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391)

Action1, Don't miss, Hot stuff, Microsoft, News, Patch Tuesday, security update, Tenable, Trend Micro, Windows, Windows Server / SecurityTicks

Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) 2025-02-11 at 22:21 By Zeljka Zorz February 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 56 vulnerabilities, including two zero-days – CVE-2025-21418 and CVE-2025-21391 – under active exploitation. CVE-2025-21418 and CVE-2025-21391 CVE-2025-21418 is a vulnerability in the Windows Ancillary Function Driver (AFD.sys), which interfaces

React to this headline:

Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) Read More »

Don’t miss