Hot stuff - Security Ticks

How military leadership prepares veterans for cybersecurity success

cybersecurity, Don't miss, Features, Hot stuff, Incident Response, News, NTT, skill development, threats, training / SecurityTicks

How military leadership prepares veterans for cybersecurity success 2025-08-15 at 09:47 By Mirko Zorz In this Help Net Security interview, Warren O’Driscoll, Head of Security Practice at NTT DATA UK and Ireland, discusses how military leadership training equips veterans with the mindset, resilience, and strategic thinking needed to excel in cybersecurity. Drawing on habits such […]

React to this headline:

How military leadership prepares veterans for cybersecurity success Read More »

Fighting fraud with AI: The new identity security playbook

cybercrime, Don't miss, financial industry, fraud, generative AI, Hot stuff, News, strategy, tips, Trulioo, Video / SecurityTicks

Fighting fraud with AI: The new identity security playbook 2025-08-15 at 08:34 By Help Net Security In this Help Net Security video, Hal Lonas, CTO at Trulioo, talks about the rise of synthetic identity fraud and how it’s quickly becoming one of the biggest threats in financial crime. He breaks down how fraudsters are using

React to this headline:

Fighting fraud with AI: The new identity security playbook Read More »

Brute-force attacks hammer Fortinet devices worldwide

brute-force, Don't miss, exploit, firewall, Fortinet, GreyNoise, Hot stuff, News / SecurityTicks

Brute-force attacks hammer Fortinet devices worldwide 2025-08-14 at 17:05 By Zeljka Zorz A surge in brute-force attempts targeting Fortinet SSL VPNs that was spotted earlier this month could be a portent of imminent attacks leveraging currently undisclosed (potentially zero-day) vulnerabilities in Fortinet devices. Shifting attacks Greynoise, a cybersecurity intelligence service that through its global network

React to this headline:

Brute-force attacks hammer Fortinet devices worldwide Read More »

For $40, you can buy stolen police and government email accounts

Abnormal AI, account protection, cybercrime, dark web, Don't miss, email security, Government, Hot stuff, law enforcement, News, Privacy / SecurityTicks

For $40, you can buy stolen police and government email accounts 2025-08-14 at 15:01 By Sinisa Markovic Active police and government email accounts are being sold on the dark web for as little as $40, giving cybercriminals a direct line into systems and services that rely on institutional trust. According to new research from Abnormal

React to this headline:

For $40, you can buy stolen police and government email accounts Read More »

Vulnerabilities in MSP-friendly RMM solution exploited in the wild (CVE-2025-8875, CVE-2025-8876)

0-day, CISA, Don't miss, Hot stuff, MSP, N-able, News, remote management, vulnerability / SecurityTicks

Vulnerabilities in MSP-friendly RMM solution exploited in the wild (CVE-2025-8875, CVE-2025-8876) 2025-08-14 at 13:33 By Zeljka Zorz Two vulnerabilities (CVE-2025-8875, CVE-2025-8876) in N-central, a remote monitoring and management (RMM) solution by N-able that’s popular with managed service providers, are being exploited by attackers. There are no public reports of exploitation, but the confirmation came from

React to this headline:

Vulnerabilities in MSP-friendly RMM solution exploited in the wild (CVE-2025-8875, CVE-2025-8876) Read More »

AI security governance converts disorder into deliberate innovation

Artificial Intelligence, Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Information Security Forum, News, opinion, strategy / SecurityTicks

AI security governance converts disorder into deliberate innovation 2025-08-14 at 09:16 By Help Net Security AI security governance provides a stable compass, channeling efforts and transforming AI from an experimental tool to a reliable, enterprise-class solution. With adequate governance built at the center of AI efforts, business leaders can shape AI plans with intention, while

React to this headline:

AI security governance converts disorder into deliberate innovation Read More »

Open-source flow monitoring with SENSOR: Benefits and trade-offs

Don't miss, Features, Hot stuff, InferSight, mikrotik, networking, News, open source, Paessler, resarch, RESILIX, Semper Victus, software, traffic monitoring / SecurityTicks

Open-source flow monitoring with SENSOR: Benefits and trade-offs 2025-08-14 at 09:16 By Mirko Zorz Flow monitoring tools are useful for tracking traffic patterns, planning capacity, and spotting threats. But many off-the-shelf solutions come with steep licensing costs and hardware demands, especially if you want to process every packet. A research team at the University of

React to this headline:

Open-source flow monitoring with SENSOR: Benefits and trade-offs Read More »

The top CTEM platforms you should know in 2025

cybersecurity, Don't miss, framework, Hot stuff, Ionix, News, opinion, threat, threat detection, vulnerability management / SecurityTicks

The top CTEM platforms you should know in 2025 2025-08-14 at 08:02 By Help Net Security Continuous Threat Exposure Management (CTEM) is a modern cybersecurity strategy originally coined by Gartner analysts, which focuses on identifying, prioritizing, validating, and mobilizing teams to reduce threat exposure across an organization’s full attack surface. It’s in a category of

React to this headline:

The top CTEM platforms you should know in 2025 Read More »

Croatian research institute confirms ransomware attack via ToolShell vulnerabilities

Croatia, Don't miss, Europe, Hot stuff, News, Ransomware, SharePoint, vulnerability / SecurityTicks

Croatian research institute confirms ransomware attack via ToolShell vulnerabilities 2025-08-13 at 18:01 By Zeljka Zorz The Ruđer Bošković Institute (RBI), the largest Croatian science and technology research institute, has confirmed that it was the one of “at least 9,000 institutions worldwide” that were attacked using the Microsoft SharePoint “ToolShell” vulnerabilities. The attack happened on Thursday,

React to this headline:

Croatian research institute confirms ransomware attack via ToolShell vulnerabilities Read More »

Microsoft fixes “BadSuccessor” Kerberos vulnerability (CVE-2025-53779)

Akamai, Don't miss, Hot stuff, Immersive, Microsoft, MS Office, News, Patch Tuesday, SharePoint, Tenable, Trend Micro / SecurityTicks

Microsoft fixes “BadSuccessor” Kerberos vulnerability (CVE-2025-53779) 2025-08-13 at 15:20 By Zeljka Zorz For August 2025 Patch Tuesday, Microsoft has released security updates resolving 100+ security vulnerabilities in its various solutions, including a relative path traversal flaw in Windows Kerberos (CVE-2025-53779) that allows an authorized attacker to elevate privileges over a network as part of a

React to this headline:

Microsoft fixes “BadSuccessor” Kerberos vulnerability (CVE-2025-53779) Read More »

Fortinet warns about FortiSIEM vulnerability with in-the-wild exploit code (CVE-2025-25256)

Don't miss, exploit, Fortinet, Hot stuff, News, security update, SIEM / SecurityTicks

Fortinet warns about FortiSIEM vulnerability with in-the-wild exploit code (CVE-2025-25256) 2025-08-13 at 12:43 By Zeljka Zorz Fortinet has released patches for a critical OS command injection vulnerability (CVE-2025-25256) in FortiSIEM, after practical exploit code surfaced in the wild. About CVE-2025-25256 FortiSIEM is a security information and event management platform used by organizations to collect, correlate

React to this headline:

Fortinet warns about FortiSIEM vulnerability with in-the-wild exploit code (CVE-2025-25256) Read More »

AWS CISO explains how cloud-native security scales with your business

access management, Amazon Web Services, Artificial Intelligence, AWS, CISO, Cloud, cloud security, cybersecurity, Don't miss, Features, Hot stuff, News, strategy / SecurityTicks

AWS CISO explains how cloud-native security scales with your business 2025-08-13 at 09:01 By Mirko Zorz In this Help Net Security interview, Amy Herzog, CISO at AWS, discusses how cloud-native security enables scalable, flexible protection that aligns with how teams build in the cloud. She explains the Shared Responsibility Model and the tools and processes

React to this headline:

AWS CISO explains how cloud-native security scales with your business Read More »

How to build and grow a scalable vCISO practice as an MSP

Cynomi, Don't miss, Hot stuff, News / SecurityTicks

How to build and grow a scalable vCISO practice as an MSP 2025-08-13 at 08:03 By Help Net Security The cybersecurity needs of small and midsize businesses have reached a critical point. Compliance mandates, increasing ransomware attacks, and cyber insurance requirements are driving demand for expert guidance. Yet, hiring a full-time Chief Information Security Officer

React to this headline:

How to build and grow a scalable vCISO practice as an MSP Read More »

Netscaler vulnerability was exploited as zero-day for nearly two months (CVE-2025-6543)

Citrix, Don't miss, Europe, Fortinet, Hot stuff, NCSC-NL, NetScaler, News, Shadowserver / SecurityTicks

Netscaler vulnerability was exploited as zero-day for nearly two months (CVE-2025-6543) 2025-08-12 at 17:51 By Zeljka Zorz FortiGuard Labs has reported a dramatic spike in exploitation attempts targeting Citrix Bleed 2, a critical buffer over‑read flaw (CVE‑2025‑5777) affecting Citrix NetScaler ADC (Application Delivery Controller) and Gateway devices. Since July 28, 2025, they have detected over 6,000 exploitation

React to this headline:

Netscaler vulnerability was exploited as zero-day for nearly two months (CVE-2025-6543) Read More »

WinRAR zero-day was exploited by two threat actors (CVE-2025-8088)

0-day, APT, backdoor, BI.ZONE, Canada, cyber espionage, Don't miss, ESET, Europe, exploit, Hot stuff, News, Russian Federation, spear-phishing, WinRAR / SecurityTicks

WinRAR zero-day was exploited by two threat actors (CVE-2025-8088) 2025-08-12 at 16:11 By Zeljka Zorz The RomCom attackers aren’t the only ones that have been leveraging the newly unveiled WinRAR vulnerability (CVE-2025-8088) in zero-day attacks: according to Russian cybersecurity company BI.ZONE, a group tracked as Paper Werewolf has been using it to target Russian organizations.

React to this headline:

WinRAR zero-day was exploited by two threat actors (CVE-2025-8088) Read More »

APT groups are getting personal, and CISOs should be concerned

APT, attacks, CISO, cybersecurity, Data Protection, Don't miss, Doppel, Features, Hot stuff, how-to, News, Privacy, strategy, threats, tips / SecurityTicks

APT groups are getting personal, and CISOs should be concerned 2025-08-12 at 14:42 By Mirko Zorz Instead of focusing only on corporate systems, some APT groups are now going after executives in their personal lives. Home networks, private devices, and even family members have become targets. This approach works because executives often work remotely, store

React to this headline:

APT groups are getting personal, and CISOs should be concerned Read More »

What makes a security program mature and how to get there faster

CISO, Don't miss, Hot stuff, News, PlexTrac, strategy, tips, Video / SecurityTicks

What makes a security program mature and how to get there faster 2025-08-12 at 08:31 By Help Net Security Security leaders are flush with tools and data, but it’s not helping their programs mature. In this Help Net Security video, PlexTrac’s Dan DeCloss outlines the 3 key gaps holding security programs back and what sets

React to this headline:

What makes a security program mature and how to get there faster Read More »

EntraGoat: Vulnerable Microsoft Entra ID infrastructure to simulate identity security misconfigurations

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, Semperis, software / SecurityTicks

EntraGoat: Vulnerable Microsoft Entra ID infrastructure to simulate identity security misconfigurations 2025-08-12 at 08:01 By Help Net Security EntraGoat is a purpose-built tool that sets up a vulnerable Microsoft Entra ID environment to mimic real-world identity security issues. It’s designed to help security professionals practice spotting and exploiting common misconfigurations. The tool creates a range

React to this headline:

EntraGoat: Vulnerable Microsoft Entra ID infrastructure to simulate identity security misconfigurations Read More »

Win-DDoS: Attackers can turn public domain controllers into DDoS agents

DDoS, Don't miss, DoS, enterprise, Hot stuff, News, SafeBreach, vulnerability, Windows, Windows Server / SecurityTicks

Win-DDoS: Attackers can turn public domain controllers into DDoS agents 2025-08-11 at 16:02 By Zeljka Zorz SafeBreach researchers have released details on several vulnerabilities that could be exploited by attackers to crash Windows Active Directory domain controllers (DCs), one one of which (CVE-2025-32724) can also be leveraged to force public DCs to participate in distributed

React to this headline:

Win-DDoS: Attackers can turn public domain controllers into DDoS agents Read More »

How Brandolini’s law informs our everyday infosec reality

attacks, automation, cyber resilience, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, Portnox, social engineering, supply chain / SecurityTicks

How Brandolini’s law informs our everyday infosec reality 2025-08-11 at 09:00 By Help Net Security Brandolini’s law, also known as the “bullshit asymmetry principle”, is simple but devastating: “The amount of energy needed to refute bullshit is an order of magnitude bigger than to produce it.” While it’s often thrown around in political debates and

React to this headline:

How Brandolini’s law informs our everyday infosec reality Read More »