433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | [email protected] | Office: (813) 563-2652

Veracode unveils innovations for secure software development

Veracode announced innovations to help developers build secure-by-design software, and security teams reduce risk across their code-to-cloud ecosystem. The latest enhancements in Veracode Fix and Veracode Risk Manager, formerly known as Longbow Security, give developers the ability to build software, assess risk, and remediate at the click of a button in their preferred environment. “Six months ago, we proudly signed the Cybersecurity and Infrastructure Security Agency’s (CISA) Secure By Design pledge, which set out to … More → The post Veracode unveils innovations for secure software development appeared first on Help Net Security.
http://news.poseidon-us.com/TGXK63

AWS offers incident response service

Amazon Web Services (AWS) has launched a new service to help organizations prepare for and recover from ransomware attacks, account takeovers, data breaches, and other security events: AWS Security Incident Response (SIR). Creating a case (Source: AWS) AWS Security Incident Response explained “Security events are becoming more pervasive and complex for customers,” says Betty Zheng, Senior Developer Advocate at AWS. Incident response is becoming harder due to the increased complexity and the lack of in-house … More → The post AWS offers incident response service appeared first on Help Net Security.
http://news.poseidon-us.com/TGXK13

Is OpenAI still the enterprise tech influencer it once was?

Two years after its landmark tool ChatGPT went live, enterprise generative AI vendors are having to work harder to maintain customer enthusiasm.
http://news.poseidon-us.com/TGXD55

$400M seized, 5,500 arrested in global operation targeting cyber fraud

A coordinated international operation involving law enforcement agencies from 40 countries led to the arrest of over 5,500 individuals linked to financial crimes and the confiscation of more than $400 million in virtual assets and government-backed currencies. Officers in Nigeria making an arrest (Source: INTERPOL) Operation HAECHI V details The five-month Operation HAECHI V (July – November 2024) targeted seven types of cyber-enabled frauds: voice phishing, romance scams, online sextortion, investment fraud, illegal online gambling, … More → The post $400M seized, 5,500 arrested in global operation targeting cyber fraud appeared first on Help Net Security.
http://news.poseidon-us.com/TGX9tx

Stuck in endless cycles of deliberation on how to deal with Oracle’s new Java licensing dilemma?

Stuck in endless cycles of deliberation on how to deal with Oracle’s New Java Licensing Dilemma? Use a proven blueprint to help you navigate through the choices.
http://news.poseidon-us.com/TGX59p

Credential Guard and Kerberos delegation, (Mon, Dec 2nd)

The vast majority of red team exercises that I (and my team, of course) have been doing lately are assumed breach scenarios. In an assumed breach scenario (and we cover this in the amazing SEC565: Red Team Operations and Adversary Emulation SANS course that I also teach!) red team is usually given access as a non-privileged domain user, simulating an attacker that has someone already established the first foothold in the organization.
http://news.poseidon-us.com/TGX2rM

5 reasons to double down on network security

Cybersecurity programs have evolved significantly over the past few decades. The advent of cloud computing shattered the conventional corporate perimeter, forcing organizations to update their defense strategies. Today, with the rise of work-from-anywhere and bring-your-own-device (BYOD) policies as well as the ongoing shift to cloud environments, we’re seeing a shift of equal magnitude as it is becoming increasingly clear that endpoint security tools alone cannot handle the new threat landscape. Endpoint security is still an … More → The post 5 reasons to double down on network security appeared first on Help Net Security.
http://news.poseidon-us.com/TGWswh

Inside the 2024 CWE Top 25: Trends, surprises, and persistent challenges

In this Help Net Security interview, Alec Summers, Project Leader for the CVE Program at MITRE, shares his insights on the 2024 CWE top 25 most dangerous software weaknesses. He discusses the impact of the new methodology that involves the CNA community and highlights the persistent vulnerabilities that continue to make the list year after year. Summers also touches on the role of AI tools in identifying vulnerabilities and the importance of root cause mapping … More → The post Inside the 2024 CWE Top 25: Trends, surprises, and persistent challenges appeared first on Help Net Security.
http://news.poseidon-us.com/TGWsvd

Data scientists create tool to spot fake images

Pixelator v2 is a tool to spot fake images. It uses a new combination of image veracity techniques with capability beyond what can be seen by the human eye. It can identify subtle differences in images with greater accuracy than traditional methods and has been shown to detect alternations as small as 1 pixel. Highlighting differences between distorted Lenna and reference Lenna images using SSIM and Pixelator v2 The tool is developed by York St. … More → The post Data scientists create tool to spot fake images appeared first on Help Net Security.
http://news.poseidon-us.com/TGWrQv