Hot stuff - Security Ticks

A closer look at The Ultimate Cybersecurity Careers Guide

books, certification, cybersecurity, Don't miss, Hot stuff, how-to, News, opinion, skill development, strategy, tips / SecurityTicks

A closer look at The Ultimate Cybersecurity Careers Guide 2025-03-27 at 16:48 By Mirko Zorz In this Help Net Security interview, Kim Crawley, cybersecurity expert and Professor at the Open Institute of Technology, discusses her latest book, The Ultimate Cybersecurity Careers Guide. She shares insights on how aspiring professionals can break into the field and […]

React to this headline:

A closer look at The Ultimate Cybersecurity Careers Guide Read More »

UK NCSC offers security guidance for domain and DNS registrars

DNS, domain registration, Don't miss, guidelines, Hot stuff, NCSC, News / SecurityTicks

UK NCSC offers security guidance for domain and DNS registrars 2025-03-27 at 16:48 By Zeljka Zorz The UK National Cyber Security Centre (NCSC) has released security guidance for domain registrars and operators of Domain Name System (DNS) services. “DNS registrars have an important role to help counter domain abuses throughout their lifecycle,” the NCSC says.

React to this headline:

UK NCSC offers security guidance for domain and DNS registrars Read More »

CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825)

CrushFTP, Don't miss, enterprise, file-sharing, Hot stuff, News, security update, SMBs, vulnerability / SecurityTicks

CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) 2025-03-27 at 13:14 By Zeljka Zorz CrushFTP has fixed a critical vulnerability (CVE-2025-2825) in its enterprise file transfer solution that could be exploited by remote, unauthenticated attackers to access vulnerable internet-facing servers (and likely the data stored on them). Attackers, especially ransomware gangs, have a penchant for leveraging 0-day

React to this headline:

CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) Read More »

The hidden costs of security tool bloat and how to fix it

CISO, cybersecurity, Don't miss, Features, Gigamon, Hot stuff, News, opinion, strategy / SecurityTicks

The hidden costs of security tool bloat and how to fix it 2025-03-27 at 08:07 By Mirko Zorz In this Help Net Security interview, Shane Buckley, President and CEO at Gigamon, discusses why combating tool bloat is a top priority for CISOs as they face tighter budgets and expanding security stacks. Buckley shares insights on

React to this headline:

The hidden costs of security tool bloat and how to fix it Read More »

Cyber insurance isn’t always what it seems

CISO, cyber insurance, cyber resilience, cyber risk, cybersecurity, Don't miss, Halock Security Labs, Hot stuff, Mercury Risk And Compliance, News, opinion, strategy, tips / SecurityTicks

Cyber insurance isn’t always what it seems 2025-03-27 at 07:39 By Mirko Zorz Many companies think cyber insurance will protect them from financial losses after an attack. But many policies have gaps. Some claims get denied. Others cover less than expected. CISOs must understand the risks before an attack happens. Misconceptions about cyber insurance Myth:

React to this headline:

Cyber insurance isn’t always what it seems Read More »

If you think you’re immune to phishing attempts, you’re wrong!

2FA, account hijacking, account protection, data breach, Don't miss, HIBP, Hot stuff, Mailchimp, News, phishing, social engineering / SecurityTicks

If you think you’re immune to phishing attempts, you’re wrong! 2025-03-26 at 16:17 By Zeljka Zorz Security consultant Troy Hunt, the creator of the Have I Been Pwned (HIBP) service, has revealed that he got tricked by a clever phishing email, and that the attacker gained access to his Mailchimp account and stole a list

React to this headline:

If you think you’re immune to phishing attempts, you’re wrong! Read More »

Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783)

0-day, APT, Chrome, Don't miss, exploit, Hot stuff, Kaspersky, News, Windows / SecurityTicks

Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783) 2025-03-26 at 13:08 By Zeljka Zorz Google is in the process of rolling out Chrome v134.0.6998.178 to Windows users to fix CVE-2025-2783, a zero-day vulnerability that allowed attackers to to bypass Chrome sandbox protections. The vulnerability was flagged by Kaspersky researchers, who discovered it being exploited by

React to this headline:

Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783) Read More »

A CISO’s guide to securing AI models

access control, Artificial Intelligence, CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, machine learning, News, opinion, Protect AI / SecurityTicks

A CISO’s guide to securing AI models 2025-03-26 at 08:05 By Help Net Security In AI applications, machine learning (ML) models are the core decision-making engines that drive predictions, recommendations, and autonomous actions. Unlike traditional IT applications, which rely on predefined rules and static algorithms, ML models are dynamic—they develop their own internal patterns and

React to this headline:

A CISO’s guide to securing AI models Read More »

Ingress-nginx vulnerabilities can lead to Kubernetes cluster takeover

AWS, containers, Don't miss, Google, Hot stuff, Kubernetes, News, vulnerability, Wiz / SecurityTicks

Ingress-nginx vulnerabilities can lead to Kubernetes cluster takeover 2025-03-25 at 18:54 By Zeljka Zorz Wiz researchers have unearthed several critical vulnerabilities affecting Ingress NGINX Controller for Kubernetes (ingress-nginx) that may allow attackers to take over Kubernetes clusters. “Based on our analysis, about 43% of cloud environments are vulnerable to these vulnerabilities, with our research uncovering

React to this headline:

Ingress-nginx vulnerabilities can lead to Kubernetes cluster takeover Read More »

Review: The Developer’s Playbook for Large Language Model Security

Artificial Intelligence, books, cybersecurity, Don't miss, Exabeam, Hot stuff, News, Reviews, strategy, tips / SecurityTicks

Review: The Developer’s Playbook for Large Language Model Security 2025-03-25 at 18:06 By Mirko Zorz With the adoption of large language models (LLMs) across industries, security teams often play catch-up. Many organizations are integrating GenAI into customer interactions, software development, and enterprise decision-making, often without grasping the security implications. As LLMs are becoming integral to

React to this headline:

Review: The Developer’s Playbook for Large Language Model Security Read More »

The vCISO Academy: Transforming MSPs and MSSPs into cybersecurity powerhouses

CISO, cybersecurity, Cynomi, Don't miss, Hot stuff, News / SecurityTicks

The vCISO Academy: Transforming MSPs and MSSPs into cybersecurity powerhouses 2025-03-25 at 16:13 By Help Net Security By now, it’s no secret—cyber threats are on the rise, and the need for strong cybersecurity is greater than ever. Globally small and medium-sized businesses (SMBs) are prime targets for cyberattacks, yet many can’t afford a full-time Chief

React to this headline:

The vCISO Academy: Transforming MSPs and MSSPs into cybersecurity powerhouses Read More »

Spring clean your security data: The case for cybersecurity data hygiene

Auguria, cyber hygiene, cybersecurity, data management, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, SIEM, SOC, strategy / SecurityTicks

Spring clean your security data: The case for cybersecurity data hygiene 2025-03-25 at 08:41 By Help Net Security Spring cleaning isn’t just for your closets; security teams should take the same approach to their security operations data, where years of unchecked log growth have created a bloated, inefficient and costly mess. The modern Security Operations

React to this headline:

Spring clean your security data: The case for cybersecurity data hygiene Read More »

How AI agents could undermine computing infrastructure security

Artificial Intelligence, cybersecurity, Don't miss, Hot stuff, News, opinion, Teleport, threats, Video / SecurityTicks

How AI agents could undermine computing infrastructure security 2025-03-25 at 07:34 By Help Net Security In this Help Net Security video, Ev Kontsevoy, CEO at Teleport, explores the risks AI agents pose to computing infrastructure, particularly when exposed to social engineering attacks. Unlike traditional software, AI agents aren’t fully deterministic, making them more vulnerable to

React to this headline:

How AI agents could undermine computing infrastructure security Read More »

Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927)

Cloudflare, Don't miss, framework, Hot stuff, News, Next.js, open source, PoC, ProjectDiscovery, vulnerability, web application security, web development / SecurityTicks

Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) 2025-03-24 at 15:17 By Zeljka Zorz A critical vulnerability (CVE-2025-29927) in the open source Next.js framework can be exploited by attackers to bypass authorization checks and gain unauthorized access to web pages they should no have access to (e.g., the web app’s admin panel).

React to this headline:

Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) Read More »

Malicious ads target Semrush users to steal Google account credentials

Don't miss, Google, Hot stuff, malvertising, Malwarebytes, News, SEO / SecurityTicks

Malicious ads target Semrush users to steal Google account credentials 2025-03-21 at 14:35 By Zeljka Zorz Cyber crooks are exploiting users’ interest in Semrush, a popular SEO, advertising, and market research SaaS platform, to steal their Google account credentials. The fraudulent campaign Malwarebytes researchers have spotted a campaign consisting of a slew of malicious ads

React to this headline:

Malicious ads target Semrush users to steal Google account credentials Read More »

NAKIVO Backup & Replication vulnerability exploited by attackers (CVE-2024-48248)

backup, disaster recovery, Don't miss, enterprise, Hot stuff, MSP, Nakivo, News, PoC, SMBs, vulnerability, WatchTowr / SecurityTicks

NAKIVO Backup & Replication vulnerability exploited by attackers (CVE-2024-48248) 2025-03-21 at 13:33 By Zeljka Zorz A vulnerability (CVE-2024-48248) in NAKIVO Backup and Replication, a backup, ransomware protection and disaster recovery solution designed for organizations of all sizes and managed service providers (MSPs), is being actively exploited. The US Cybersecurity and Infrastructure Security Agency (CISA) has

React to this headline:

NAKIVO Backup & Replication vulnerability exploited by attackers (CVE-2024-48248) Read More »

The hidden risk in SaaS: Why companies need a digital identity exit strategy

authentication, Curity, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity management, News, opinion, regulation, SaaS, strategy / SecurityTicks

The hidden risk in SaaS: Why companies need a digital identity exit strategy 2025-03-21 at 08:31 By Help Net Security In the face of sudden trade restrictions, sanctions, or policy shifts, relying on SaaS providers outside your region for identity services is a gamble that companies can no longer afford to take. With trade disputes

React to this headline:

The hidden risk in SaaS: Why companies need a digital identity exit strategy Read More »

Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120)

backup, Don't miss, enterprise, Hot stuff, News, PoC, Rapid7, SMBs, Veeam Software, vulnerability, WatchTowr / SecurityTicks

Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) 2025-03-20 at 14:29 By Zeljka Zorz Veeam has released fixes for a critical remote code execution vulnerability (CVE-2025-23120) affecting its enterprise Veeam Backup & Replication solution, and is urging customers to quickly upgrade to a fixed version. There is currently no indication that the

React to this headline:

Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) Read More »

RansomHub affiliate leverages multi-function Betruger backdoor

backdoor, Don't miss, Hot stuff, Malware, News, Ransomware, Symantec / SecurityTicks

RansomHub affiliate leverages multi-function Betruger backdoor 2025-03-20 at 12:03 By Zeljka Zorz A RansomHub affiliate is leveraging a new multi-function backdoor dubbed Betruger to perform various actions during their attacks, Symantec researchers have discovered. The Betruger backdoor The malware can take screenshots, log keystroke, scan networks, dump credentials, upload files to a command and control

React to this headline:

RansomHub affiliate leverages multi-function Betruger backdoor Read More »

5 pitfalls that can delay cyber incident response and recovery

automation, CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Incident Response, News, opinion, ShadowHQ, threats / SecurityTicks

5 pitfalls that can delay cyber incident response and recovery 2025-03-20 at 08:35 By Help Net Security The responsibility of cyber incident response falls squarely on the shoulders of the CISO. And many CISOs invest heavily in technical response procedures, tabletop exercises and theoretical plans only to find out that when an actual breach strikes

React to this headline:

5 pitfalls that can delay cyber incident response and recovery Read More »