433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

AI-driven insights transform security preparedness and recovery

In this Help Net Security interview, Arunava Bag, CTO at Digitate, discusses how organizations can recover digital operations after an incident, prioritize cybersecurity strategies, and secure digital operations with effective frameworks. What measures should organizations take to recover digital operations after an incident? IT security teams everywhere are struggling to meet the scale of actions required to ensure IT operational risk remediation from continually evolving threats. Recovering digital operations after an incident requires a proactive … More → The post AI-driven insights transform security preparedness and recovery appeared first on Help Net Security.
http://news.poseidon-us.com/THSQdn

NDR’s role in a modern cybersecurity stack

Attacks happen frequently on the security stack or within an enterprise. Often, they’re carried out by some unknown entity on the other side of the globe. You don’t know who you’re dealing with. You don’t know who they are. In this Help Net Security video, Jerry Mancini, NETSCOUT’s Senior Director, Office of the Enterprise CTO, discusses NDR’s role in a modern cybersecurity stack. The post NDR’s role in a modern cybersecurity stack appeared first on Help Net Security.
http://news.poseidon-us.com/THSQdZ

One in ten GenAI prompts puts sensitive data at risk

Despite their potential, many organizations hesitate to fully adopt GenAI tools due to concerns about sensitive data being inadvertently shared and possibly used to train these systems, according to Harmonic. Sensitive data exposure in GenAI prompts A new study, based on tens of thousands of prompts from business users, reveals that nearly one in ten potentially disclose sensitive data. The prompts have been analyzed by Harmonic Security during Q4 of 2024 and monitor the use … More → The post One in ten GenAI prompts puts sensitive data at risk appeared first on Help Net Security.
http://news.poseidon-us.com/THSQcJ

ISC Stormcast For Monday, January 20th, 2025 https://isc.sans.edu/podcastdetail/9286, (Mon, Jan 20th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
http://news.poseidon-us.com/THSLcK

Week in review: AWS S3 data encrypted without ransomware, data of 15k Fortinet firewalls leaked

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Attackers are encrypting AWS S3 data without using ransomware A ransomware gang dubbed Codefinger is encrypting data stored in target organizations’ AWS S3 buckets with AWS’s server-side encryption option with customer-provided keys (SSE-C), and asking for money to hand over the key they used. Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them? A threat actor has leaked … More → The post Week in review: AWS S3 data encrypted without ransomware, data of 15k Fortinet firewalls leaked appeared first on Help Net Security.
http://news.poseidon-us.com/THRkxK

Zero Trust and Entra ID Conditional Access, (Sun, Jan 19th)

Microsoft Entra ID (Formerly Azure AD) Conditional Access (CA) policies are the key components to a Zero Trust strategy, as it provides the ability to function as the front door for users and devices. CA policies use attributes, or signals, of various components as variables to be used to enforce specific access controls. Attributes include user and device attributes, such as location and device risk. By defining and controlling the conditions in which access is granted, we can reduce risk and enhance security.
http://news.poseidon-us.com/THRZPb

New tool: immutable.py, (Sat, Jan 18th)

When performing triage on a Linux system you suspect might be compromised, there are many aspects of the system that you may want to look at. In SANS FOR577, we talk about some existing tools and even writing your own bash script to collect triage data. In a case I worked a year or so ago, the attacker installed an LD&#x5f&#x3b;PRELOAD rootkit, which was itself pretty interesting, but one aspect that was a little unusual in this case was that they also set the immutable bit on /etc/ld.so.preload. I&#39&#x3b;ve used the find command to find suid and guid binaries and scripts, but it is a bit more of a pain to find files with the immutable bit. So, I wrote by a Python script that takes one or more file or directory names and returns the names of any that have the immutable bit. You can also add a switch to search recursively and another to return full path rather than relative (the default). I figured I can&#39&#x3b;t be the only person who ever needed a tool like this, so I&#39&#x3b;ve added it to my GitHub script repo.
http://news.poseidon-us.com/THQvwT