Hot stuff - Security Ticks

Mastering the cybersecurity tightrope of protection, detection, and response

cyber resilience, cybersecurity, data security, Don't miss, Encryption, Features, Hot stuff, Incident Response, monitoring, News, opinion, Sophos, strategy / SecurityTicks

Mastering the cybersecurity tightrope of protection, detection, and response 2025-02-21 at 08:05 By Mirko Zorz In this Help Net Security interview, Chester Wisniewski, Director and Global Field CISO at Sophos, discusses the shifting ransomware landscape, the risks posed by quantum decryption threats, and the role of vendor security validation. Wisniewski notes that cyber resilience is […]

React to this headline:

Mastering the cybersecurity tightrope of protection, detection, and response Read More »

PRevent: Open-source tool to detect malicious code in pull requests

Apiiro, code analysis, Don't miss, GitHub, Hot stuff, Java, JavaScript, Kotlin, News, open source, PHP, programming, Python, Ruby, software development, threat detection / SecurityTicks

PRevent: Open-source tool to detect malicious code in pull requests 2025-02-20 at 16:52 By Zeljka Zorz Apiiro security researchers have released open source tools that can help organizations detect malicious code as part of their software development lifecycle: PRevent (a scanner for pull requests), and a malicious code detection ruleset for Semgrep and Opengrep static

React to this headline:

PRevent: Open-source tool to detect malicious code in pull requests Read More »

Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand

cybercrime, digital wallet, Don't miss, Hot stuff, Netcraft, News, payment cards, phishing, SecAlliance / SecurityTicks

Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand 2025-02-20 at 13:35 By Zeljka Zorz A new, improved version of Darcula, a cat-themed phishing-as-a-service (PhaaS) platform aimed at serving Chinese-speaking criminals, will be released this month and will allow malicious users to create customized phishing kits to target a wider variety

React to this headline:

Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand Read More »

Unknown and unsecured: The risks of poor asset visibility

Artificial Intelligence, automation, CybaVerse, cybersecurity, Don't miss, Endpoint Security, Features, Hot stuff, IT assets, News, opinion, strategy / SecurityTicks

Unknown and unsecured: The risks of poor asset visibility 2025-02-20 at 07:34 By Mirko Zorz In this Help Net Security interview, Juliette Hudson, CTO of CybaVerse, discusses why asset visibility remains a critical cybersecurity challenge. She explains how to maintain security without slowing down operations, shares ways to improve visibility in OT environments, and explains

React to this headline:

Unknown and unsecured: The risks of poor asset visibility Read More »

Attackers are chaining flaws to breach Palo Alto Networks firewalls

Assetnote, Don't miss, enterprise, GreyNoise, Hot stuff, News, Palo Alto Networks, vulnerability / SecurityTicks

Attackers are chaining flaws to breach Palo Alto Networks firewalls 2025-02-19 at 11:03 By Zeljka Zorz Exploitation attempts targeting CVE-2025-0108, a recently disclosed authentication bypass vulnerability affecting the management web interface of Palo Alto Networks’ firewalls, are ramping up. “GreyNoise now sees 25 malicious IPs actively exploiting CVE-2025-0108, up from 2 on February 13,” the

React to this headline:

Attackers are chaining flaws to breach Palo Alto Networks firewalls Read More »

VC-backed cybersecurity startups and the exit crunch

Acrew Capital, cybersecurity, Don't miss, Hot stuff, investment, security startup, strategy, tips, Video / SecurityTicks

VC-backed cybersecurity startups and the exit crunch 2025-02-19 at 07:31 By Help Net Security The cybersecurity startup landscape is at a crossroads. As venture-backed companies strive for successful exits, the bar has risen dramatically, requiring more funding, higher revenue, and faster growth than ever before. In this Help Net Security video, Mark Kraynak, Founding Partner

React to this headline:

VC-backed cybersecurity startups and the exit crunch Read More »

6 considerations for 2025 cybersecurity investment decisions

Artificial Intelligence, Compliance, credentials, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Industry news, investment, opinion, social engineering, Sphere / SecurityTicks

6 considerations for 2025 cybersecurity investment decisions 2025-02-18 at 18:33 By Help Net Security Cybersecurity professionals may be concerned about the constantly shifting threat landscape. From the increased use of artificial intelligence (AI) by malicious actors to the expanding attack surface, cybersecurity risks evolve, and defenders need to mitigate them. Despite a period of cybersecurity

React to this headline:

6 considerations for 2025 cybersecurity investment decisions Read More »

BlackLock ransomware onslaught: What to expect and how to fight it

Don't miss, enterprise, ESXi, extortion, Hot stuff, News, Ransomware, ReliaQuest, SMBs, tips, VMWare, Windows / SecurityTicks

BlackLock ransomware onslaught: What to expect and how to fight it 2025-02-18 at 18:33 By Zeljka Zorz BlackLock is on track to become the most active ransomware-as-a-service (RaaS) outfit in 2025, according to ReliaQuest. Its success is primarily due to their unusually active presence and good reputation on the ransomware-focused Russian-language forum RAMP, and their

React to this headline:

BlackLock ransomware onslaught: What to expect and how to fight it Read More »

The risks of autonomous AI in machine-to-machine interactions

Akeyless, Artificial Intelligence, CISO, cybersecurity, Don't miss, Features, Hot stuff, identity management, IoT, News, Non Human Identities, opinion, strategy / SecurityTicks

The risks of autonomous AI in machine-to-machine interactions 2025-02-18 at 08:03 By Mirko Zorz In this Help Net Security, Oded Hareven, CEO of Akeyless Security, discusses how enterprises should adapt their cybersecurity strategies to address the growing need for machine-to-machine (M2M) security. According to Hareven, machine identities must be secured and governed similarly to human

React to this headline:

The risks of autonomous AI in machine-to-machine interactions Read More »

Balancing cloud security with performance and availability

Center for Internet Security, Don't miss, Hot stuff, News / SecurityTicks

Balancing cloud security with performance and availability 2025-02-18 at 07:33 By Help Net Security Your business can’t realize the many benefits of cloud computing without ensuring performance and availability in its cloud environments. Let’s look at some examples. Scalability: To scale your business’s cloud computing services, you need those services to be available and to

React to this headline:

Balancing cloud security with performance and availability Read More »

The XCSSET info-stealing malware is back, targeting macOS users and devs

Don't miss, Hot stuff, macOS, Malware, Microsoft, News, software development, Trend Micro, Xcode / SecurityTicks

The XCSSET info-stealing malware is back, targeting macOS users and devs 2025-02-17 at 19:50 By Zeljka Zorz A new, improved variant of the XCSSET macOS malware has been spotted “in limited attacks” by Microsoft’s threat researchers. XCSSET macOS malware XCSSET in information-stealing and backdoor-injecting malware targeting Mac users. It’s usually distributed via infected Xcode projects

React to this headline:

The XCSSET info-stealing malware is back, targeting macOS users and devs Read More »

A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094)

0-day, APT, BeyondTrust, Don't miss, Hot stuff, News, PostgreSQL, Rapid7 / SecurityTicks

A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094) 2025-02-17 at 15:49 By Zeljka Zorz The suspected Chinese state-sponsored hackers who breached workstations of several US Treasury employees in December 2024 did so by leveraging not one, but two zero-days, according to Rapid7 researchers. It was initially reported that the attackers compromised the

React to this headline:

A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094) Read More »

Two Estonians plead guilty in $577M cryptocurrency Ponzi scheme

Cryptocurrency, cybercriminals, Don't miss, fraud, Hot stuff, News, scams, US DoJ / SecurityTicks

Two Estonians plead guilty in $577M cryptocurrency Ponzi scheme 2025-02-17 at 13:48 By Zeljka Zorz Two Estonian nationals may spend the next 20 years in prison for stealing hundreds of millions of dollars through a massive cryptocurrency Ponzi scheme, the US Department of Justice announced last week. The fraudulent operation “According to court documents, Sergei

React to this headline:

Two Estonians plead guilty in $577M cryptocurrency Ponzi scheme Read More »

How CISOs can balance security and business agility in the cloud

access management, CISO, Cloud, cloud security, Cloudera, cybersecurity, Don't miss, Features, Hot stuff, News, opinion / SecurityTicks

How CISOs can balance security and business agility in the cloud 2025-02-17 at 08:03 By Mirko Zorz In this Help Net Security interview, Natalia Belaya, CISO at Cloudera, discusses common misconceptions about cloud security, the balance between protection and business agility, and overlooked risks that CISOs should prioritize. Belaya also offers practical strategies for integrating

React to this headline:

How CISOs can balance security and business agility in the cloud Read More »

The hidden risks of a broken data provisioning system

Artificial Intelligence, cybersecurity, data security, Don't miss, Hot stuff, Immuta, Video / SecurityTicks

The hidden risks of a broken data provisioning system 2025-02-17 at 07:04 By Help Net Security In this Help Net Security video, Bart Koek, Field CTO at Immuta, discusses their 2025 State of Data Security Report, highlighting emerging challenges for IT and data security leaders. Key takeaways from the report: GenAI is causing significant change

React to this headline:

The hidden risks of a broken data provisioning system Read More »

Threat actors are using legitimate Microsoft feature to compromise M365 accounts

account hijacking, cyber espionage, Don't miss, Government, government-backed attacks, Hot stuff, Microsoft, Microsoft 365, News, social engineering, spear-phishing, Volexity / SecurityTicks

Threat actors are using legitimate Microsoft feature to compromise M365 accounts 2025-02-14 at 16:23 By Zeljka Zorz Suspected Russian threat actors have been taking advantage of Microsoft Device Code Authentication to trick targets into granting them access to their Microsoft 365 (M365) accounts. “While Device Code Authentication attacks are not new, they appear to have

React to this headline:

Threat actors are using legitimate Microsoft feature to compromise M365 accounts Read More »

North Korean hackers spotted using ClickFix tactic to deliver malware

Don't miss, Hot stuff, Malware, News, North Korea, PowerShell, social engineering, Windows / SecurityTicks

North Korean hackers spotted using ClickFix tactic to deliver malware 2025-02-13 at 18:34 By Zeljka Zorz North Korean state-sponsored group Kimsuky (aka Emerald Sleet, aka VELVET CHOLLIMA) is attempting to deliver malware to South Korean targets by leveraging the so-called “ClickFix” tactic. A relatively new tactic The ClickFix social engineering tactic has been dubbed thus

React to this headline:

North Korean hackers spotted using ClickFix tactic to deliver malware Read More »

Sandworm APT’s initial access subgroup hits organizations accross the globe

APT, Don't miss, energy sector, Hot stuff, Microsoft, News, Russian Federation, telecommunications / SecurityTicks

Sandworm APT’s initial access subgroup hits organizations accross the globe 2025-02-13 at 15:34 By Zeljka Zorz A subgroup of Russia’s Sandworm APT has been working to achieve initial and persistent access to the IT networks of organizations working in economic sectors Russia is interested in. “In 2022, its primary focus was Ukraine, specifically targeting the

React to this headline:

Sandworm APT’s initial access subgroup hits organizations accross the globe Read More »

PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108)

Assetnote, Don't miss, exploit, firewall, Hot stuff, News, Palo Alto Networks, PoC, security update / SecurityTicks

PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108) 2025-02-13 at 13:17 By Zeljka Zorz Palo Alto Networks has fixed a high-severity authentication bypass vulnerability (CVE-2025-0108) in the management web interface of its next-gen firewalls, a proof-of-concept exploit (PoC) for which has been made public. “Palo Alto Networks is not aware of any malicious exploitation

React to this headline:

PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108) Read More »

The UK’s secret iCloud backdoor request: A dangerous step toward Orwellian mass surveillance

apple, backdoor, cybersecurity, Don't miss, Encryption, Expert analysis, Expert corner, Foresight Cyber, Government, Hot stuff, News, opinion, Privacy, surveillance, UK / SecurityTicks

The UK’s secret iCloud backdoor request: A dangerous step toward Orwellian mass surveillance 2025-02-13 at 07:30 By Help Net Security The United Kingdom government has secretly requested that Apple build a backdoor into its iCloud service, granting the government unrestricted access to users’ private data. This revelation deeply concerns me – it is a blatant

React to this headline:

The UK’s secret iCloud backdoor request: A dangerous step toward Orwellian mass surveillance Read More »