News - Security Ticks

Critical Firefox, Tor Browser sandbox escape flaw fixed (CVE-2025-2857)

Chrome, Don't miss, Firefox, Hot stuff, Kaspersky, News, Opera, security update, Tor, vulnerability / SecurityTicks

Critical Firefox, Tor Browser sandbox escape flaw fixed (CVE-2025-2857) 2025-03-28 at 12:57 By Zeljka Zorz Google’s fixing of CVE-2025-2783, a Chrome zero-day vulnerability exploited by state-sponsored attackers, has spurred Firefox developers to check whether the browser might have a similar flaw – and they found it. There’s currently no indication that the Firefox bug (CVE-2025-2857) […]

Critical Firefox, Tor Browser sandbox escape flaw fixed (CVE-2025-2857) Read More »

Android financial threats: What businesses need to know to protect themselves and their customers

Android, authentication, Cryptocurrency, cybersecurity, Don't miss, ESET, Expert analysis, Expert corner, financial industry, Hot stuff, News, online banking, opinion, threats / SecurityTicks

Android financial threats: What businesses need to know to protect themselves and their customers 2025-03-28 at 08:30 By Help Net Security The rise of mobile banking has changed how businesses and customers interact. It brought about increased convenience and efficiency, but has also opened new doors for cybercriminals, particularly on the Android platform, which dominates

Android financial threats: What businesses need to know to protect themselves and their customers Read More »

Cybersecurity spending set to jump 12.2% in 2025

CISO, IDC, News, Qodea, report, security spending / SecurityTicks

Cybersecurity spending set to jump 12.2% in 2025 2025-03-28 at 08:07 By Help Net Security Global cybersecurity spending is expected to grow by 12.2% in 2025, according to the latest forecast from the IDC Worldwide Security Spending Guide. The rise in cyber threats is pushing organizations to invest more in their defenses. AI tools are

Cybersecurity spending set to jump 12.2% in 2025 Read More »

Healthcare’s alarming cybersecurity reality

Claroty, cybercrime, cybersecurity, healthcare, News, Ransomware, report, survey, threat / SecurityTicks

Healthcare’s alarming cybersecurity reality 2025-03-28 at 07:35 By Help Net Security 89% of healthcare organizations have the top 1% of riskiest Internet of Medical Things (IoMT) devices – which contain known exploitable vulnerabilities (KEVs) linked to active ransomware campaigns as well as an insecure connection to the internet – on their networks, according to Claroty.

Healthcare’s alarming cybersecurity reality Read More »

Post-quantum cryptography and the future of online safety

cybersecurity, Don't miss, Encryption, News, quantum computing, QuSecure, Video / SecurityTicks

Post-quantum cryptography and the future of online safety 2025-03-28 at 07:04 By Help Net Security In this Help Net Security video, Rebecca Krauthamer, CEO of QuSecure, explores the rising urgency of post-quantum cryptography (PQC) and what organizations must do to prepare. She breaks down the so-called “quantum threat” and explains why it’s not just theoretical.

Post-quantum cryptography and the future of online safety Read More »

Infosec products of the month: March 2025

1Kosmos, Alloy, Cloudflare, Cytex, Detectify, GetReal Security, iProov, Keysight Technologies, News, Outpost24, Palo Alto Networks, Pondurance, Red Canary, SailPoint, SimSpace, Sonatype, Sumsub, TXOne Networks / SecurityTicks

Infosec products of the month: March 2025 2025-03-28 at 06:36 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: 1Kosmos, Alloy, Cloudflare, Cytex, Detectify, GetReal Security, iProov, Keysight Technologies, Outpost24, Palo Alto Networks, Pondurance, Red Canary, SailPoint, SimSpace, Sonatype, Sumsub, and TXOne Networks. Outpost24 introduces

Infosec products of the month: March 2025 Read More »

How to manage and protect your biometric data

biometrics, cybersecurity, data, Don't miss, how-to, News / SecurityTicks

How to manage and protect your biometric data 2025-03-27 at 18:08 By Help Net Security Biometric data refers to unique physical or behavioral characteristics that are used to verify a person’s identity. Revoking or changing biometric data is more complicated than changing passwords. Unlike passwords, biometric identifiers like fingerprints or retina scans are unique and

How to manage and protect your biometric data Read More »

A closer look at The Ultimate Cybersecurity Careers Guide

books, certification, cybersecurity, Don't miss, Hot stuff, how-to, News, opinion, skill development, strategy, tips / SecurityTicks

A closer look at The Ultimate Cybersecurity Careers Guide 2025-03-27 at 16:48 By Mirko Zorz In this Help Net Security interview, Kim Crawley, cybersecurity expert and Professor at the Open Institute of Technology, discusses her latest book, The Ultimate Cybersecurity Careers Guide. She shares insights on how aspiring professionals can break into the field and

A closer look at The Ultimate Cybersecurity Careers Guide Read More »

UK NCSC offers security guidance for domain and DNS registrars

DNS, domain registration, Don't miss, guidelines, Hot stuff, NCSC, News / SecurityTicks

UK NCSC offers security guidance for domain and DNS registrars 2025-03-27 at 16:48 By Zeljka Zorz The UK National Cyber Security Centre (NCSC) has released security guidance for domain registrars and operators of Domain Name System (DNS) services. “DNS registrars have an important role to help counter domain abuses throughout their lifecycle,” the NCSC says.

UK NCSC offers security guidance for domain and DNS registrars Read More »

CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825)

CrushFTP, Don't miss, enterprise, file-sharing, Hot stuff, News, security update, SMBs, vulnerability / SecurityTicks

CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) 2025-03-27 at 13:14 By Zeljka Zorz CrushFTP has fixed a critical vulnerability (CVE-2025-2825) in its enterprise file transfer solution that could be exploited by remote, unauthenticated attackers to access vulnerable internet-facing servers (and likely the data stored on them). Attackers, especially ransomware gangs, have a penchant for leveraging 0-day

CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) Read More »

The hidden costs of security tool bloat and how to fix it

CISO, cybersecurity, Don't miss, Features, Gigamon, Hot stuff, News, opinion, strategy / SecurityTicks

The hidden costs of security tool bloat and how to fix it 2025-03-27 at 08:07 By Mirko Zorz In this Help Net Security interview, Shane Buckley, President and CEO at Gigamon, discusses why combating tool bloat is a top priority for CISOs as they face tighter budgets and expanding security stacks. Buckley shares insights on

The hidden costs of security tool bloat and how to fix it Read More »

Cyber insurance isn’t always what it seems

CISO, cyber insurance, cyber resilience, cyber risk, cybersecurity, Don't miss, Halock Security Labs, Hot stuff, Mercury Risk And Compliance, News, opinion, strategy, tips / SecurityTicks

Cyber insurance isn’t always what it seems 2025-03-27 at 07:39 By Mirko Zorz Many companies think cyber insurance will protect them from financial losses after an attack. But many policies have gaps. Some claims get denied. Others cover less than expected. CISOs must understand the risks before an attack happens. Misconceptions about cyber insurance Myth:

Cyber insurance isn’t always what it seems Read More »

Hottest cybersecurity open-source tools of the month: March 2025

cybersecurity, Don't miss, GitHub, News, open source, software / SecurityTicks

Hottest cybersecurity open-source tools of the month: March 2025 2025-03-27 at 07:01 By Help Net Security This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Hetty: Open-source HTTP toolkit for security research Hetty is an open-source HTTP toolkit designed for security research, offering a free alternative

Hottest cybersecurity open-source tools of the month: March 2025 Read More »

ETSI releases security standard for the quantum future

cybersecurity, data security, Encryption, ETSI, News, quantum computing, security standard / SecurityTicks

ETSI releases security standard for the quantum future 2025-03-27 at 06:35 By Help Net Security ETSI launched post-quantum security standard to guarantee the protection of critical data and communications in the future. The specification “Efficient Quantum-Safe Hybrid Key Exchanges with Hidden Access Policies” (ETSI TS 104 015) has been developed to enhance security mechanisms, ensuring

ETSI releases security standard for the quantum future Read More »

Enemies with benefits: RansomHub and rival gangs share EDRKillShifter tool

cybercime, ESET, News, Ransomware, research / SecurityTicks

Enemies with benefits: RansomHub and rival gangs share EDRKillShifter tool 2025-03-26 at 17:02 By Help Net Security ESET researchers have published an in-depth analysis highlighting significant shifts within the ransomware landscape, spotlighting the rise of RansomHub. This relatively new ransomware-as-a-service operation has quickly come to dominate the scene. “The fight against ransomware reached two milestones

Enemies with benefits: RansomHub and rival gangs share EDRKillShifter tool Read More »

China-linked FamousSparrow APT group resurfaces with enhanced capabilities

APT, China, cybercrime, cybersecurity, Don't miss, ESET, News, research, USA / SecurityTicks

China-linked FamousSparrow APT group resurfaces with enhanced capabilities 2025-03-26 at 17:02 By Help Net Security ESET investigated suspicious activity on the network of a trade group in the United States that operates in the financial sector. While helping the affected entity remediate the compromise, they made an unexpected discovery in the victim’s system: malicious tools

China-linked FamousSparrow APT group resurfaces with enhanced capabilities Read More »

If you think you’re immune to phishing attempts, you’re wrong!

2FA, account hijacking, account protection, data breach, Don't miss, HIBP, Hot stuff, Mailchimp, News, phishing, social engineering / SecurityTicks

If you think you’re immune to phishing attempts, you’re wrong! 2025-03-26 at 16:17 By Zeljka Zorz Security consultant Troy Hunt, the creator of the Have I Been Pwned (HIBP) service, has revealed that he got tricked by a clever phishing email, and that the attacker gained access to his Mailchimp account and stole a list

If you think you’re immune to phishing attempts, you’re wrong! Read More »

Whitepaper: Voice of Security 2025

AWS, Don't miss, IDC, News, Tines, Whitepapers and webinars / SecurityTicks

Whitepaper: Voice of Security 2025 2025-03-26 at 16:02 By Help Net Security Discover insights from 900 security leaders across the globe in IDC’s Voice of Security 2025 survey, sponsored by Tines in partnership with AWS. Understand the biggest challenges facing security teams today, and how they can stay ahead of the curve in the age

Whitepaper: Voice of Security 2025 Read More »

2025 Healthcare Cybersecurity Threats: Insights from the Trustwave Risk Radar Report

Database Protection, News, Reports, Security Research, Threat Intelligence / SecurityTicks

2025 Healthcare Cybersecurity Threats: Insights from the Trustwave Risk Radar Report 2025-03-26 at 15:02 By Rising Cyber Threats in Healthcare – Discover the latest cybersecurity risks targeting healthcare organizations, from ransomware to third-party threats. Key Findings from the 2025 Trustwave Risk Radar Report – Explore critical insights on healthcare cybersecurity, attack trends, and the growing need for

2025 Healthcare Cybersecurity Threats: Insights from the Trustwave Risk Radar Report Read More »

2025 Trustwave Risk Radar Report: Healthcare Sector: Key Risks and Defensive Measures

Database Protection, News, Reports, Security Research, Threat Intelligence / SecurityTicks

2025 Trustwave Risk Radar Report: Healthcare Sector: Key Risks and Defensive Measures 2025-03-26 at 15:02 By Rising Cyber Threats in Healthcare – Discover the latest cybersecurity risks targeting healthcare organizations, from ransomware to third-party threats. Key Findings from the 2025 Trustwave Risk Radar Report – Explore critical insights on healthcare cybersecurity, attack trends, and the growing need

2025 Trustwave Risk Radar Report: Healthcare Sector: Key Risks and Defensive Measures Read More »