News - Security Ticks

New system aims to keep people connected when networks fail

Bluetooth, communication, cybersecurity, Don't miss, emergency alert systems, networking, News, research, smartphones, software, wireless / SecurityTicks

New system aims to keep people connected when networks fail 2025-10-08 at 07:32 By Sinisa Markovic When disaster strikes, communication often fails. Cell towers can go offline, internet connections can disappear, and people are left without a way to share information or ask for help. A new research project looks at how to keep people […]

React to this headline:

New system aims to keep people connected when networks fail Read More »

Redis patches critical “RediShell” RCE vulnerability, update ASAP! (CVE-2025-49844)

BSI, Don't miss, Hot stuff, News, Redis, vulnerability, Wiz / SecurityTicks

Redis patches critical “RediShell” RCE vulnerability, update ASAP! (CVE-2025-49844) 2025-10-07 at 16:36 By Zeljka Zorz Redis, the company behind the widely used in-memory data structure store of the same name, has released patches for a critical vulnerability (CVE-2025-49844) that may allow attackers full access to the underlying host system. “This flaw allows a post auth

React to this headline:

Redis patches critical “RediShell” RCE vulnerability, update ASAP! (CVE-2025-49844) Read More »

Leaked Oracle EBS exploit scripts expected to drive new wave of attacks (CVE-2025-61882)

data theft, Don't miss, exploit, extortion, Hot stuff, Mandiant, News, Oracle, Resecurity, WatchTowr / SecurityTicks

Leaked Oracle EBS exploit scripts expected to drive new wave of attacks (CVE-2025-61882) 2025-10-07 at 15:36 By Zeljka Zorz Resecurity and watchTowr researchers have analyzed the leaked scripts used by attackers to exploit CVE-2025-61882 on internet-facing Oracle ESB instances. Whether the attackers were Cl0p or LAPSUS$, both, or even additional threat actors is still unknown,

React to this headline:

Leaked Oracle EBS exploit scripts expected to drive new wave of attacks (CVE-2025-61882) Read More »

How to get better results from bug bounty programs without wasting money

Alta Associates, bug bounty, CISO, cybersecurity, Don't miss, Features, Google, Hot stuff, Intigriti, News, strategy, tips, UpCloud, vulnerability disclosure / SecurityTicks

How to get better results from bug bounty programs without wasting money 2025-10-07 at 14:03 By Mirko Zorz The wrong bug bounty strategy can flood your team with low-value reports. The right one can surface critical vulnerabilities that would otherwise slip through. A new academic study based on Google’s Vulnerability Rewards Program (VRP) offers rare

React to this headline:

How to get better results from bug bounty programs without wasting money Read More »

The architecture of lies: Bot farms are running the disinformation war

Arkose Labs, bot, cybersecurity, disinformation, News, Thales, threat / SecurityTicks

The architecture of lies: Bot farms are running the disinformation war 2025-10-07 at 14:03 By Sinisa Markovic Bot farms have moved into the center of information warfare, using automated accounts to manipulate public opinion, influence elections, and weaken trust in institutions. Algorithms reward noise over truth Thales reports that in 2024, automated bot traffic made

React to this headline:

The architecture of lies: Bot farms are running the disinformation war Read More »

Cybersecurity jobs available right now: October 7, 2025

cybersecurity jobs, News / SecurityTicks

Cybersecurity jobs available right now: October 7, 2025 2025-10-07 at 14:03 By Anamarija Pogorelec Application Security / DevSecOps Engineer AvetixCyber | USA | Remote – View job details As an Application Security / DevSecOps Engineer, you will integrate security tools and processes into CI/CD pipelines, perform secure code reviews, architecture risk assessments, and threat modeling.

React to this headline:

Cybersecurity jobs available right now: October 7, 2025 Read More »

Cybersecurity’s next test: AI, quantum, and geopolitics

Artificial Intelligence, critical infrastructure, cyber resilience, cybersecurity, News, PwC, quantum computing, report, threats / SecurityTicks

Cybersecurity’s next test: AI, quantum, and geopolitics 2025-10-07 at 14:03 By Anamarija Pogorelec Geopolitics, emerging technology, and skills shortages are reshaping cybersecurity priorities across industries, according to a new PwC report. The findings show a mix of rising awareness, persistent weaknesses, and uneven preparation for the next wave of threats. Geopolitical risk at the core

React to this headline:

Cybersecurity’s next test: AI, quantum, and geopolitics Read More »

Hackers launch data leak site to extort 39 victims, or Salesforce

Data leak, data theft, Don't miss, extortion, Hot stuff, News, Salesforce, social engineering / SecurityTicks

Hackers launch data leak site to extort 39 victims, or Salesforce 2025-10-06 at 17:44 By Zeljka Zorz Scattered Lapsus$ Hunters launched a data leak site over the weekend, aiming to pressure organizations whose Salesforce databases they have plundered into paying to prevent the stolen data from being released. Screenshot of Scattered Lapsus$ Hunters data leak

React to this headline:

Hackers launch data leak site to extort 39 victims, or Salesforce Read More »

Cl0p exploits Oracle E-Business Suite zero-day in data theft, extortion campaign (CVE-2025-61882)

data theft, Don't miss, extortion, Hot stuff, Mandiant, News, Oracle / SecurityTicks

Cl0p exploits Oracle E-Business Suite zero-day in data theft, extortion campaign (CVE-2025-61882) 2025-10-06 at 15:28 By Zeljka Zorz The Cl0p extortion gang exploited multiple Oracle E-Business Suite (EBS) vulnerabilities, including one zero-day flaw (CVE-2025-61882), “to steal large amounts of data from several victim[s] in August 2025,” Charles Carmakal, CTO at Mandiant – Google Cloud, stated

React to this headline:

Cl0p exploits Oracle E-Business Suite zero-day in data theft, extortion campaign (CVE-2025-61882) Read More »

eBook: Defending Identity Security the Moment It’s Threatened

Enzoic, News, Whitepapers and webinars / SecurityTicks

eBook: Defending Identity Security the Moment It’s Threatened 2025-10-06 at 15:28 By Help Net Security Credential-based attacks happen in seconds. Learn how to block weak or stolen passwords instantly, safeguard accounts in real time, and reduce helpdesk headaches with automated defense. Enzoic delivers lightweight APIs that: Block weak or compromised passwords at creation/reset Stop stolen

React to this headline:

eBook: Defending Identity Security the Moment It’s Threatened Read More »

How to succeed at cybersecurity job interviews

cybersecurity, cybersecurity jobs, Don't miss, Features, how-to, News, strategy, tips / SecurityTicks

How to succeed at cybersecurity job interviews 2025-10-06 at 09:06 By Sinisa Markovic Imagine this: you’ve made it through the résumé screen, your skills look solid on paper, and now it’s interview day. The next hour will decide whether you move forward or go back to the job boards. What separates the candidates who land

React to this headline:

How to succeed at cybersecurity job interviews Read More »

Meet ARGUS, the robot built to catch hackers and physical intruders

access control, cybersecurity, Don't miss, hardware, Incident Response, intrusion detection, News, research / SecurityTicks

Meet ARGUS, the robot built to catch hackers and physical intruders 2025-10-06 at 08:38 By Sinisa Markovic Hospitals, airports, and campuses are no longer dealing with separate security problems. Someone can slip past a checkpoint while another actor launches a network scan, and together those actions create a bigger risk than either one alone. Most

React to this headline:

Meet ARGUS, the robot built to catch hackers and physical intruders Read More »

Proxmox Mail Gateway: Open-source email security solution reaches version 9.0

antivirus, content filtering, Don't miss, Email, email security, News, open source, Proxmox, software / SecurityTicks

Proxmox Mail Gateway: Open-source email security solution reaches version 9.0 2025-10-06 at 08:06 By Anamarija Pogorelec First released in 2005, the open-source Proxmox Mail Gateway has become a widely adopted mail proxy, positioned between the firewall and the internal mail server to stop threats before they reach users. The platform delivers anti-spam and antivirus filtering

React to this headline:

Proxmox Mail Gateway: Open-source email security solution reaches version 9.0 Read More »

Old authentication habits die hard

Artificial Intelligence, authentication, cybersecurity, MFA, News, passkeys, report, Yubico / SecurityTicks

Old authentication habits die hard 2025-10-06 at 07:48 By Anamarija Pogorelec Many organizations still rely on weak authentication methods while workers’ personal habits create additional risks, according to Yubico. Training and policy gaps 40% of employees said they have never received cybersecurity training. Even among those who have, the guidance is often outdated because many

React to this headline:

Old authentication habits die hard Read More »

Phishing is old, but AI just gave it new life

Comcast, cyberattacks, cybersecurity, News, report, threats / SecurityTicks

Phishing is old, but AI just gave it new life 2025-10-06 at 07:03 By Anamarija Pogorelec The volume of cyberattacks has reached staggering levels, with new tactics that blur the line between legitimate and malicious activity. A new threat report from Comcast, based on 34.6 billion cybersecurity events analyzed over the past year, shows what

React to this headline:

Phishing is old, but AI just gave it new life Read More »

Week in review: Many Cisco ASA firewalls still unsecure, hackers claim Red Hat’s GitLab breach

News, Week in review / SecurityTicks

Week in review: Many Cisco ASA firewalls still unsecure, hackers claim Red Hat’s GitLab breach 2025-10-05 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Keeping the internet afloat: How to protect the global cable network The resilience of the world’s submarine cable

React to this headline:

Week in review: Many Cisco ASA firewalls still unsecure, hackers claim Red Hat’s GitLab breach Read More »

When loading a model means loading an attacker

Artificial Intelligence, CISO, cybersecurity, Don't miss, machine learning, News, research, strategy, tips / SecurityTicks

When loading a model means loading an attacker 2025-10-03 at 10:15 By Sinisa Markovic You probably think twice before downloading a random app or opening an unfamiliar email attachment. But how often do you stop to consider what happens when your team downloads and loads a machine learning model? A recent study shows why you

React to this headline:

When loading a model means loading an attacker Read More »

Protegrity Developer Edition: Free containerized Python package to secure AI pipelines

Artificial Intelligence, generative AI, GitHub, News, Protegrity, Python, software / SecurityTicks

Protegrity Developer Edition: Free containerized Python package to secure AI pipelines 2025-10-03 at 09:39 By Help Net Security Protegrity Developer Edition enables developers, data scientists, ML engineers, and security teams an easy way to add data protection into GenAI and unstructured data workflows, without the need for enterprise setup. Billed as the first enterprise-grade, governance-focused

React to this headline:

Protegrity Developer Edition: Free containerized Python package to secure AI pipelines Read More »

4 ways to use time to level up your security monitoring

cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Incident Response, InfluxData, monitoring, News, opinion, SaaS, security telemetry, SIEM / SecurityTicks

4 ways to use time to level up your security monitoring 2025-10-03 at 09:09 By Help Net Security SIEMs excel at correlating events and firing alerts, but their ingest pipelines can get overwhelmed when scaled. And because most SIEMs rely on general-purpose log storage platforms, even with lower-cost archive tiers, long-term retention at full fidelity

React to this headline:

4 ways to use time to level up your security monitoring Read More »

Passkeys rise, but scams still hit hard in 2025

cybersecurity, News, passkeys, report, trends / SecurityTicks

Passkeys rise, but scams still hit hard in 2025 2025-10-03 at 08:34 By Anamarija Pogorelec Americans are dealing with a growing wave of digital scams, and many are losing money in the process. According to the fourth annual Consumer Cyber Readiness Report, nearly half of U.S. adults have been targeted by cyberattacks or scams, and

React to this headline:

Passkeys rise, but scams still hit hard in 2025 Read More »