433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | [email protected] | Office: (813) 563-2652

Bitwarden centralizes cryptographic key management

Bitwarden announced it has strengthened its Password Manager with secure shell management (SSH). This update centralizes cryptographic key management, enabling secure storage, import, and generation of SSH keys directly within the Bitwarden vault to enhance workflows for developers and IT professionals. Addressing SSH key management challenges SSH keys are essential for securing connections between devices and servers, enabling passwordless authentication for remote systems. Traditional SSH key workflows often require managing multiple keys across devices and … More → The post Bitwarden centralizes cryptographic key management appeared first on Help Net Security.
http://news.poseidon-us.com/THf6F0

Absolute Resilience Platform updates improve resilience across endpoints

Absolute Security announced that the Absolute Resilience Platform has expanded to provide customers with integrated, resilient, and automated patch management, vulnerability scanning and remediation, workflow automation and remote “one-click” endpoint rehydration. Unified with existing Absolute capabilities, this single-platform approach delivers needed security and risk capabilities, reduces the cost of endpoint management, and improves resilience across endpoints and critical security and IT controls to ensure your enterprise remains always on, fully operational, and protected against threats … More → The post Absolute Resilience Platform updates improve resilience across endpoints appeared first on Help Net Security.
http://news.poseidon-us.com/THf6Dw

How Lazarus Group built a cyber espionage empire

Since September 2024, SecurityScorecard’s STRIKE team has been investigating Lazarus Group’s activity, uncovering key details about their infrastructure. Despite variations in payload delivery and obfuscation techniques, the campaign relied on a consistent C2 framework. Hidden control panel Through deep analysis, researchers identified a hidden administrative layer within the C2 servers, offering the attackers centralized control over compromised systems. This web-based administrative platform, built with React and Node.js, enabled Lazarus to: Precisely organize and manage exfiltrated … More → The post How Lazarus Group built a cyber espionage empire appeared first on Help Net Security.
http://news.poseidon-us.com/THf6C5

Cyberhaven for AI provides visibility into AI tool usage

Cyberhaven launched Cyberhaven for AI, a solution that enables enterprises to securely adopt generative AI while protecting sensitive corporate data. The announcement comes as research reveals a 485% increase in corporate data being shared with AI tools, with over 73% of workplace AI usage happening through unsanctioned personal accounts. “The rapid adoption of generative AI tools has created a new frontier of data security challenges for enterprises,” said Howard Ting, CEO of Cyberhaven. “While AI … More → The post Cyberhaven for AI provides visibility into AI tool usage appeared first on Help Net Security.
http://news.poseidon-us.com/THf6BD

From PowerShell to a Python Obfuscation Race!, (Wed, Jan 29th)

Attackers like to mix multiple technologies to improve the deployment of their malicious code. I spotted a small script that drops a Python malware. The file was sent on VirusTotal and got a score of 2/60![1] (SHA256:96bb0777a8e9616bc9ca22ca207cf434a947a3e4286c051ed98ddd39147b3c4f). The script starts by downloading and opening a fake Garmin document through Powershell:
http://news.poseidon-us.com/THf3g8

Preparing financial institutions for the next generation of cyber threats

In this Help Net Security interview, James Mirfin, SVP and Head of Risk and Identity Solutions at Visa, discusses key priorities for leaders combating fraud, the next-generation threats institutions must prepare for, and the role of collaboration between financial sectors and government agencies in countering cybercrime. If you were to advise a newly appointed leader against fraud in a financial institution, what three priorities would you recommend they focus on immediately? As a newly appointed … More → The post Preparing financial institutions for the next generation of cyber threats appeared first on Help Net Security.
http://news.poseidon-us.com/THdzxR

AI in cybersecurity: weapon or shield?

AI is transforming cybersecurity by enhancing defences and empowering attackers with new, sophisticated tools.
http://news.poseidon-us.com/THdw8j

Cybersecurity crisis in numbers

The number of US data compromises in 2024 (3,158) decreased 1% compared to 2023 (3,202), 44 events away from tying a record for the number of compromises tracked in a year, according to the Identity Theft Resource Center. Data breach notices surge The number of data breach notices issued in the past year (1,728,519,397) increased 312% from 2023 (419,337,446). The increase was primarily due to six “mega-breaches” that resulted in at least 100 million breach … More → The post Cybersecurity crisis in numbers appeared first on Help Net Security.
http://news.poseidon-us.com/THdvVl

SEC and FCA fines: Issues jump

The financial sector faces communication compliance challenges as organizations struggle to maintain oversight across communication channels. Adding to the complexity is the unexpected rise of unconventional platforms, such as Snapchat, used for business operations. In this Help Net Security video, David Clee, CEO of MirrorWeb, discusses the pressure that highly regulated sectors like finance experience to ensure compliance standards are met in a climate where reputational and financial consequences are rife. The post SEC and FCA fines: Issues jump appeared first on Help Net Security.
http://news.poseidon-us.com/THdvVg

Only 13% of organizations fully recover data after a ransomware attack

Ransomware attacks are disrupting and undermining business operations and draining revenue streams, according to Illumio. Findings from the study reveal that 58% of organizations had to shut down operations following a ransomware attack, up from 45% in 2021. 40% reported a significant loss of revenue (up from 22% in 2021); 41% lost customers; and 40% had to eliminate jobs. Attackers are reaching critical systems to cause maximum disruption Ransomware attacks impacted 25% of critical systems, … More → The post Only 13% of organizations fully recover data after a ransomware attack appeared first on Help Net Security.
http://news.poseidon-us.com/THdvVC