Don't miss - Security Ticks

Coaching AI agents: Why your next security hire might be an algorithm

Artificial Intelligence, cybersecurity, Don't miss, Dropzone AI, Expert analysis, Expert corner, Hot stuff, News, opinion, SOC / SecurityTicks

Coaching AI agents: Why your next security hire might be an algorithm 2025-04-24 at 08:31 By Help Net Security Security teams are drowning in alerts. The sheer volume of threats, suspicious activity, and false positives makes it nearly impossible for analysts to investigate everything effectively. Enter agentic AI, capable of completing hundreds of tasks simultaneously […]

React to this headline:

Coaching AI agents: Why your next security hire might be an algorithm Read More »

Review: Artificial Intelligence for Cybersecurity

Artificial Intelligence, book, cybersecurity, Don't miss, News, Review, Reviews / SecurityTicks

Review: Artificial Intelligence for Cybersecurity 2025-04-24 at 07:39 By Mirko Zorz Artificial Intelligence for Cybersecurity is a practical guide to how AI and machine learning are changing the way we defend digital systems. The book aims to explain how AI can help solve real cybersecurity problems. It does that well, but it’s not for everyone.

React to this headline:

Review: Artificial Intelligence for Cybersecurity Read More »

Released: MITRE ATT&CK v17.0, now with ESXi attack TTPs

attack lifecycle, attack tools, Don't miss, ESXi, Hot stuff, Incident Response, MITRE, MITRE ATT&CK, News, threat modeling / SecurityTicks

Released: MITRE ATT&CK v17.0, now with ESXi attack TTPs 2025-04-23 at 16:13 By Zeljka Zorz MITRE has released the latest version of its ATT&CK framework, which now also includes a new section (“matrix”) to cover the tactics, techniques and procedures (TTPs) used to target VMware ESXi hypervisors. About MITRE ATT&CK MITRE ATT&CK is a regularly

React to this headline:

Released: MITRE ATT&CK v17.0, now with ESXi attack TTPs Read More »

Attackers phish OAuth codes, take over Microsoft 365 accounts

account hijacking, APT, Don't miss, government-backed attacks, Hot stuff, Microsoft 365, News, OAuth, phishing, Volexity / SecurityTicks

Attackers phish OAuth codes, take over Microsoft 365 accounts 2025-04-23 at 13:36 By Zeljka Zorz Suspected Russian threat actors are using OAuth-based phishing attacks to get targets to grant them access to their Microsoft 365 (M365) accounts. “The primary tactics observed involve the attacker requesting victim’s supply Microsoft Authorization codes, which grant the attacker with

React to this headline:

Attackers phish OAuth codes, take over Microsoft 365 accounts Read More »

When confusion becomes a weapon: How cybercriminals exploit economic turmoil

cyber resilience, cybercriminals, cybersecurity, Don't miss, Expert analysis, Expert corner, Fortra, Hot stuff, News, opinion, social engineering / SecurityTicks

When confusion becomes a weapon: How cybercriminals exploit economic turmoil 2025-04-23 at 09:02 By Help Net Security It begins with a simple notification: “Markets in Free Fall.” Within moments, the headlines multiply: new tariffs, emergency actions, plummeting consumer confidence. Across boardrooms and break rooms, anxiety ripples at every level. People begin refreshing inboxes and apps

React to this headline:

When confusion becomes a weapon: How cybercriminals exploit economic turmoil Read More »

SWE-agent: Open-source tool uses LLMs to fix issues in GitHub repositories

Artificial Intelligence, Don't miss, GitHub, LLMs, News, open source, software / SecurityTicks

SWE-agent: Open-source tool uses LLMs to fix issues in GitHub repositories 2025-04-23 at 08:36 By Mirko Zorz By connecting powerful language models like GPT-4o and Claude Sonnet 3.5 to real-world tools, the open-source tool SWE-agent allows them to autonomously perform complex tasks: from fixing bugs in live GitHub repositories and solving cybersecurity challenges, to browsing

React to this headline:

SWE-agent: Open-source tool uses LLMs to fix issues in GitHub repositories Read More »

PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433)

Arctic Wolf Networks, Don't miss, exploit, Horizon3.ai, Hot stuff, News, Platform Security, PoC, ProDefense, Ruhr University Bochum, SSH, vulnerability / SecurityTicks

PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433) 2025-04-22 at 15:48 By Zeljka Zorz There are now several public proof-of-concept (PoC) exploits for a maximum-severity vulnerability in the Erlang/OTP SSH server (CVE-2025-32433) unveiled last week. “All users running an SSH server based on the Erlang/OTP SSH library are likely to be affected by

React to this headline:

PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433) Read More »

The legal blind spot of shadow IT

Auvik Networks, CISO, cybersecurity, Data Protection, data security, Don't miss, Features, Hot stuff, how-to, JumpCloud, News, shadow IT, strategy, tips / SecurityTicks

The legal blind spot of shadow IT 2025-04-22 at 09:36 By Mirko Zorz Shadow IT isn’t just a security risk, it’s a legal one. When teams use unsanctioned tools, they can trigger compliance violations, expose sensitive data, or break contracts. Let’s look at where the legal landmines are and what CISOs can do to stay

React to this headline:

The legal blind spot of shadow IT Read More »

Email security, simplified: How PowerDMARC makes DMARC easy

DMARC, Don't miss, Hot stuff, News, PowerDMARC, RSAC 2025 / SecurityTicks

Email security, simplified: How PowerDMARC makes DMARC easy 2025-04-22 at 08:40 By Mirko Zorz Email is still the top way attackers get into organizations. Now, big players like Google, Yahoo, and Microsoft are cracking down. They’re starting to require email authentication, specifically DMARC. For many companies, this means it’s no longer optional. PowerDMARC helps organizations

React to this headline:

Email security, simplified: How PowerDMARC makes DMARC easy Read More »

Hawk Eye: Open-source scanner uncovers secrets and PII across platforms

cybersecurity, Don't miss, GitHub, News, open source, scanner, software / SecurityTicks

Hawk Eye: Open-source scanner uncovers secrets and PII across platforms 2025-04-21 at 08:37 By Mirko Zorz Hawk Eye is an open-source tool that helps find sensitive data before it leaks. It runs from the command line and checks many types of storage for PII and secrets: passwords, API keys, and personal information. “Unlike most open-source

React to this headline:

Hawk Eye: Open-source scanner uncovers secrets and PII across platforms Read More »

The Zoom attack you didn’t see coming

Cryptocurrency, cybercrime, Don't miss, Hot stuff, Malware, News, scams, social engineering, Trail of Bits, Zoom / SecurityTicks

The Zoom attack you didn’t see coming 2025-04-18 at 17:02 By Zeljka Zorz Did you know that when participating in a Zoom call, you can grant permission to other participants to control your computer remotely? While this feature may come in handy when dealing with trusted family, friends and colleagues, threat actors have started abusing

React to this headline:

The Zoom attack you didn’t see coming Read More »

Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035)

CISA, Don't miss, Hot stuff, News, SMBs, SonicWall, vulnerability / SecurityTicks

Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035) 2025-04-18 at 14:47 By Zeljka Zorz CVE-2021-20035, an old vulnerability affecting Sonicwall Secure Mobile Access (SMA) 100 series appliances, is being exploited by attackers. Sonicwall confirmed it by updating the original security advisory to reflect the new state of play, and by changing the description of the vulnerability

React to this headline:

Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035) Read More »

The UK’s phone theft crisis is a wake-up call for digital security

authentication, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, mobile security, News, Nuke From Orbit, opinion, smartphones, theft, UK / SecurityTicks

The UK’s phone theft crisis is a wake-up call for digital security 2025-04-18 at 09:02 By Help Net Security Phone theft is now commonplace in London. The Met Police recently revealed that it seizes 1,000 stolen phones weekly as it cracks down on organized criminal networks driving the £50 million trade. Nationally, cases have doubled

React to this headline:

The UK’s phone theft crisis is a wake-up call for digital security Read More »

Securing digital products under the Cyber Resilience Act

Codific, Compliance, cybersecurity, data, Data Protection, Don't miss, EU, Features, Hot stuff, News, opinion, regulation, vulnerability management / SecurityTicks

Securing digital products under the Cyber Resilience Act 2025-04-18 at 08:37 By Mirko Zorz In this Help Net Security interview, Dr. Dag Flachet, co-founder at Codific, explains what the Cyber Resilience Act (CRA) means for companies and how it compares to GDPR in terms of regulatory complexity and impact on organizations. He discusses the technical

React to this headline:

Securing digital products under the Cyber Resilience Act Read More »

When ransomware strikes, what’s your move?

CISO, cybercrime, cybersecurity, Don't miss, News, Ransomware, strategy / SecurityTicks

When ransomware strikes, what’s your move? 2025-04-18 at 08:37 By Sinisa Markovic Should we negotiate? Should we pay? These are the questions every organization faces when cybercriminals lock their data. By the time attackers have encrypted your systems, the focus shifts from prevention to response. It’s no longer about how it happened, it’s about what

React to this headline:

When ransomware strikes, what’s your move? Read More »

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)

0patch, APT, Check Point, Don't miss, enterprise, exploit, Government, HarfangLab, Hot stuff, News, phishing, vulnerability, Windows / SecurityTicks

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) 2025-04-17 at 16:52 By Zeljka Zorz CVE-2025-24054, a Windows NTLM hash disclosure vulnerability that Microsoft has issued patches for last month, has been leveraged by threat actors in campaigns targeting government and private institutions in Poland and Romania. “Active exploitation in the wild has been observed

React to this headline:

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) Read More »

SafeLine Bot Management: Self-hosted alternative to Cloudflare

bot, cybersecurity, Don't miss, Hot stuff, News, SafePoint, traffic monitoring / SecurityTicks

SafeLine Bot Management: Self-hosted alternative to Cloudflare 2025-04-17 at 16:52 By Help Net Security Modern websites are under constant pressure from automated traffic: scraping, credential stuffing, inventory hoarding, and other malicious bot behaviors. While Cloudflare Bot Management is a powerful cloud-native solution that leverages massive data and machine learning, not every organization wants to rely

React to this headline:

SafeLine Bot Management: Self-hosted alternative to Cloudflare Read More »

Apple plugs zero-days holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201)

0-day, apple, APT, Don't miss, Google, Hot stuff, iOS, iPad, macOS, News, security update / SecurityTicks

Apple plugs zero-days holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) 2025-04-17 at 12:02 By Zeljka Zorz Apple has released emergency security updates for iOS/iPadOS, macOS, tvOS and visionOS that fix two zero-day vulnerabilities (CVE-2025-31200, CVE-2025-31201) that have been exploited “in an extremely sophisticated attack against specific targeted individuals on iOS.” CVE-2025-31200 and CVE-2025-31201 CVE-2025-31200

React to this headline:

Apple plugs zero-days holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) Read More »

When AI agents go rogue, the fallout hits the enterprise

Artificial Intelligence, AutoRABIT, CXO, cybersecurity, Don't miss, Features, Hot stuff, LLMs, News, SOC, strategy, tips / SecurityTicks

When AI agents go rogue, the fallout hits the enterprise 2025-04-17 at 08:45 By Mirko Zorz In this Help Net Security interview, Jason Lord, CTO at AutoRABIT, discusses the cybersecurity risks posed by AI agents integrated into real-world systems. Issues like hallucinations, prompt injections, and embedded biases can turn these systems into vulnerable targets. Lord

React to this headline:

When AI agents go rogue, the fallout hits the enterprise Read More »

Inside PlugValley: How this AI vishing-as-a-service group operates

cybercrime, cybercriminals, Don't miss, Fortra, News, Video, vishing / SecurityTicks

Inside PlugValley: How this AI vishing-as-a-service group operates 2025-04-17 at 07:41 By Help Net Security In this Help Net Security video, Alexis Ober, Threat Intel Analyst at Fortra, discusses the threat actor group PlugValley, which is now offering AI-powered vishing-as-a-service. Rather than requiring technical skills or large budgets, PlugValley’s service lets any cybercriminal launch vishing

React to this headline:

Inside PlugValley: How this AI vishing-as-a-service group operates Read More »

Don’t miss