Hot stuff - Security Ticks

The hidden risks of a broken data provisioning system

Artificial Intelligence, cybersecurity, data security, Don't miss, Hot stuff, Immuta, Video / SecurityTicks

The hidden risks of a broken data provisioning system 2025-02-17 at 07:04 By Help Net Security In this Help Net Security video, Bart Koek, Field CTO at Immuta, discusses their 2025 State of Data Security Report, highlighting emerging challenges for IT and data security leaders. Key takeaways from the report: GenAI is causing significant change […]

React to this headline:

The hidden risks of a broken data provisioning system Read More »

Threat actors are using legitimate Microsoft feature to compromise M365 accounts

account hijacking, cyber espionage, Don't miss, Government, government-backed attacks, Hot stuff, Microsoft, Microsoft 365, News, social engineering, spear-phishing, Volexity / SecurityTicks

Threat actors are using legitimate Microsoft feature to compromise M365 accounts 2025-02-14 at 16:23 By Zeljka Zorz Suspected Russian threat actors have been taking advantage of Microsoft Device Code Authentication to trick targets into granting them access to their Microsoft 365 (M365) accounts. “While Device Code Authentication attacks are not new, they appear to have

React to this headline:

Threat actors are using legitimate Microsoft feature to compromise M365 accounts Read More »

North Korean hackers spotted using ClickFix tactic to deliver malware

Don't miss, Hot stuff, Malware, News, North Korea, PowerShell, social engineering, Windows / SecurityTicks

North Korean hackers spotted using ClickFix tactic to deliver malware 2025-02-13 at 18:34 By Zeljka Zorz North Korean state-sponsored group Kimsuky (aka Emerald Sleet, aka VELVET CHOLLIMA) is attempting to deliver malware to South Korean targets by leveraging the so-called “ClickFix” tactic. A relatively new tactic The ClickFix social engineering tactic has been dubbed thus

React to this headline:

North Korean hackers spotted using ClickFix tactic to deliver malware Read More »

Sandworm APT’s initial access subgroup hits organizations accross the globe

APT, Don't miss, energy sector, Hot stuff, Microsoft, News, Russian Federation, telecommunications / SecurityTicks

Sandworm APT’s initial access subgroup hits organizations accross the globe 2025-02-13 at 15:34 By Zeljka Zorz A subgroup of Russia’s Sandworm APT has been working to achieve initial and persistent access to the IT networks of organizations working in economic sectors Russia is interested in. “In 2022, its primary focus was Ukraine, specifically targeting the

React to this headline:

Sandworm APT’s initial access subgroup hits organizations accross the globe Read More »

PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108)

Assetnote, Don't miss, exploit, firewall, Hot stuff, News, Palo Alto Networks, PoC, security update / SecurityTicks

PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108) 2025-02-13 at 13:17 By Zeljka Zorz Palo Alto Networks has fixed a high-severity authentication bypass vulnerability (CVE-2025-0108) in the management web interface of its next-gen firewalls, a proof-of-concept exploit (PoC) for which has been made public. “Palo Alto Networks is not aware of any malicious exploitation

React to this headline:

PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108) Read More »

The UK’s secret iCloud backdoor request: A dangerous step toward Orwellian mass surveillance

apple, backdoor, cybersecurity, Don't miss, Encryption, Expert analysis, Expert corner, Foresight Cyber, Government, Hot stuff, News, opinion, Privacy, surveillance, UK / SecurityTicks

The UK’s secret iCloud backdoor request: A dangerous step toward Orwellian mass surveillance 2025-02-13 at 07:30 By Help Net Security The United Kingdom government has secretly requested that Apple build a backdoor into its iCloud service, granting the government unrestricted access to users’ private data. This revelation deeply concerns me – it is a blatant

React to this headline:

The UK’s secret iCloud backdoor request: A dangerous step toward Orwellian mass surveillance Read More »

CISOs and boards see things differently

Artificial Intelligence, boardroom, CISO, Compliance, cybersecurity, Don't miss, Hot stuff, Splunk, threat, Video / SecurityTicks

CISOs and boards see things differently 2025-02-13 at 06:35 By Help Net Security Splunk’s latest CISO Report reveals critical insights into cybersecurity priorities, threat trends, and strategies for resilience. In this Help Net Security video, Kirsty Paine, Field CTO & Strategic Advisor at Splunk, discusses the key findings and what they mean for security teams.

React to this headline:

CISOs and boards see things differently Read More »

It’s time to secure the extended digital supply chain

cyber resilience, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Illumio, News, opinion, regulation, supply chain / SecurityTicks

It’s time to secure the extended digital supply chain 2025-02-12 at 07:35 By Help Net Security Organizations’ increasing reliance on third-party software and services has created an environment with more vulnerabilities and harder-to-detect risks. Attackers know they can increase efficiency and profitability by compromising the supply chain and are focusing their efforts accordingly. The commoditization

React to this headline:

It’s time to secure the extended digital supply chain Read More »

Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391)

Action1, Don't miss, Hot stuff, Microsoft, News, Patch Tuesday, security update, Tenable, Trend Micro, Windows, Windows Server / SecurityTicks

Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) 2025-02-11 at 22:21 By Zeljka Zorz February 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 56 vulnerabilities, including two zero-days – CVE-2025-21418 and CVE-2025-21391 – under active exploitation. CVE-2025-21418 and CVE-2025-21391 CVE-2025-21418 is a vulnerability in the Windows Ancillary Function Driver (AFD.sys), which interfaces

React to this headline:

Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391) Read More »

8Base ransomware group leaders arrested, leak site seized

arrest, cybercriminals, Don't miss, Europol, Hot stuff, law enforcement, News, Ransomware / SecurityTicks

8Base ransomware group leaders arrested, leak site seized 2025-02-11 at 15:31 By Zeljka Zorz The Thai police has arrested four individuals suspected of being the leaders of the 8Base ransomware group and of stealing approximately $16 million from 1,000+ victims they targeted with the Phobos ransomware. “Officers from Cyber Crime Investigation Bureau, led by Police

React to this headline:

8Base ransomware group leaders arrested, leak site seized Read More »

Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200)

0-day, apple, Don't miss, Hot stuff, iOS, iPad, News, security update / SecurityTicks

Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) 2025-02-11 at 12:48 By Zeljka Zorz Users of iPhones and iPads that run iOS/iPadOS 18 and iPadOS 17 are urged to implement the latest updates to plug a security feature bypass vulnerability (CVE-2025-24200) exploited in the wild in “an extremely sophisticated” attack. The vulnerability (CVE-2025-24200)

React to this headline:

Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) Read More »

Arvest Bank CISO on building a strong cybersecurity culture in banking

Arvest Bank, Banks, cybersecurity, Don't miss, Features, financial industry, Fintech, Hot stuff, News, opinion / SecurityTicks

Arvest Bank CISO on building a strong cybersecurity culture in banking 2025-02-11 at 07:31 By Mirko Zorz In this Help Net Security interview, Mike Calvi, CISO at Arvest Bank, discusses building a strong cybersecurity culture within the banking sector. He explains how leadership, effective reporting, and proactive engagement with associates are key in strengthening security.

React to this headline:

Arvest Bank CISO on building a strong cybersecurity culture in banking Read More »

Review: Inside Cyber Warfare, 3rd Edition

books, cybersecurity, Don't miss, Hot stuff, News, Review, Reviews / SecurityTicks

Review: Inside Cyber Warfare, 3rd Edition 2025-02-11 at 07:00 By Mirko Zorz Inside Cyber Warfare, 3rd Edition by Jeffrey Caruso explores how nation-states, corporations, and hackers engage in digital warfare. It offers insights into the intersection of cybersecurity, geopolitics, and emerging technology. About the author Jeffrey Caruso is a globally recognized cybersecurity adviser, author, and

React to this headline:

Review: Inside Cyber Warfare, 3rd Edition Read More »

Malicious ML models found on Hugging Face Hub

Artificial Intelligence, Don't miss, Hot stuff, Hugging Face, JFrog, machine learning, News, ReversingLabs, software development, supply chain attacks / SecurityTicks

Malicious ML models found on Hugging Face Hub 2025-02-10 at 15:52 By Zeljka Zorz Researchers have spotted two machine learning (ML) models containing malicious code on Hugging Face Hub, the popular online repository for datasets and pre-trained models. Once one of them is downloaded and executed on the developer’s machine, the malicious payload checks if

React to this headline:

Malicious ML models found on Hugging Face Hub Read More »

February 2025 Patch Tuesday forecast: New directions for AI development

Don't miss, Expert analysis, Expert corner, Hot stuff, Ivanti, Microsoft, News, Patch Tuesday, predictions / SecurityTicks

February 2025 Patch Tuesday forecast: New directions for AI development 2025-02-10 at 08:02 By Help Net Security The new year has started with a whirlwind of activity, and one of the hottest topics in the news is the increasing emphasis on AI. DeepSeek ad Stargate DeepSeek took the world by storm as millions of copies

React to this headline:

February 2025 Patch Tuesday forecast: New directions for AI development Read More »

Security validation: The new standard for cyber resilience

cyber resilience, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, Pentera, security controls / SecurityTicks

Security validation: The new standard for cyber resilience 2025-02-10 at 07:37 By Help Net Security Security validation has officially turned a corner. Once considered a “nice-to-have” it’s now a top priority for security leaders worldwide. This shift has been accelerated by frameworks like Gartner’s Continuous Threat Exposure Management (CTEM), introduced in 2022, which emphasizes the

React to this headline:

Security validation: The new standard for cyber resilience Read More »

Political campaigns struggle to balance AI personalization and voter privacy

Artificial Intelligence, cybersecurity, Data Protection, Don't miss, EU, Features, Hot stuff, IFSH, News, opinion, Privacy, regulation / SecurityTicks

Political campaigns struggle to balance AI personalization and voter privacy 2025-02-10 at 07:05 By Mirko Zorz In this Help Net Security interview, Mateusz Łabuz, researcher at the IFSH, discusses the balance between using AI for personalized political campaigns and protecting voter privacy. Łabuz also discusses the potential of AI in fact-checking, the regulatory landscape, and

React to this headline:

Political campaigns struggle to balance AI personalization and voter privacy Read More »

Evolving uses of tokenization to protect data

Bluefin, Compliance, cybersecurity, Data Protection, Don't miss, Hot stuff, Privacy, standards, strategy, tokenization, Video / SecurityTicks

Evolving uses of tokenization to protect data 2025-02-10 at 06:04 By Help Net Security Tokenization replaces sensitive data, such as credit card numbers or personal identifiers, with unique, non-sensitive tokens with no exploitable value. This method helps protect sensitive information by ensuring that the actual data is never stored or transmitted, reducing the risk of

React to this headline:

Evolving uses of tokenization to protect data Read More »

Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys

Don't miss, Hot stuff, IIS server, Malware, Microsoft, News, web application security, web shell / SecurityTicks

Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys 2025-02-07 at 14:22 By Zeljka Zorz A ViewState code injection attack spotted by Microsoft threat researchers in December 2024 could be easily replicated by other attackers, the company warned. “In the course of investigating, remediating, and building protections against this activity, we observed an insecure

React to this headline:

Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys Read More »

Self-sovereign identity could transform fraud prevention, but…

AuthenticID, cybersecurity, Don't miss, Expert analysis, Expert corner, fraud, Hot stuff, identity, identity verification, opinion, Privacy / SecurityTicks

Self-sovereign identity could transform fraud prevention, but… 2025-02-07 at 10:03 By Help Net Security The way we manage digital identity is fundamentally broken. The root of the problem lies in traditional, centralized identity models, where a single organization holds and controls a user’s credentials, creating an attractive target for attackers. The bigger the database, the

React to this headline:

Self-sovereign identity could transform fraud prevention, but… Read More »