433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | [email protected] | Office: (813) 563-2652

Unlocking OSINT: Top books to learn from

Discover the top Open-Source Intelligence (OSINT) books in this curated list. From investigative techniques to digital footprint analysis, these titles offer insights for security professionals, journalists, and researchers looking to master the art of gathering and analyzing publicly available data. Hunting Cyber Criminals: A Hacker’s Guide to Online Intelligence Gathering Tools and Techniques Author: Vinny Troia This is a deep dive into the world of OSINT from multiple perspectives, including those of hackers, investigators, and … More → The post Unlocking OSINT: Top books to learn from appeared first on Help Net Security.
http://news.poseidon-us.com/TJ25hB

A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094)

The suspected Chinese state-sponsored hackers who breached workstations of several US Treasury employees in December 2024 did so by leveraging not one, but two zero-days, according to Rapid7 researchers. It was initially reported that the attackers compromised the Treasury’s BeyondTrust Remote Support SaaS instances via CVE-2024-12356, a previously unknown unauthenticated command injection vulnerability. But, as Rapid7 researchers discovered (and confirmed by testing), “a successful exploit for CVE-2024-12356 had to include exploitation of CVE-2025-1094 in order … More → The post A PostgreSQL zero-day was also exploited in US Treasury hack (CVE-2025-1094) appeared first on Help Net Security.
http://news.poseidon-us.com/TJ1vbL

My Very Personal Guidance and Strategies to Protect Network Edge Devices, (Thu, Feb 6th)

Last week, CISA and other national cyber security organizations published an extensive document outlining “Guidance and Strategies to Protect Network Edge Devices.” [1] The document is good but also very corporate and “bland.” It summarizes good, well-intended advice that will help you secure edge devices. But reading it also made me think, “That's it?” Not that I expected earth-shattering advice eliminating vulnerabilities brought on by accumulating deceased worth of abandoned ware still peddled at often relatively high costs. But I don't know; maybe something more actionable would be helpful. 
http://news.poseidon-us.com/TJ1syv

Researchers shed light on the mechanisms of bacterial flagellar motors

Biological motors, which aid microorganism movement in fluids, are composed of two components — the rotor and stators. Despite much research, the exact molecular mechanism underlying stator function is yet unclear. In a new study, researchers analyzed the flagellar motor in Vibrio alginolyticus using cryo-electron microscopy and described how sodium ion flow through stators underlies stator function. Understanding biological motors better could lead to the development of efficient microscopic machines.
http://news.poseidon-us.com/TJ1rB1

Research uses AI to make infrastructure more resilient, sustainable

From predicting potholes to designing more durable concrete, artificial intelligence is paving the way for smarter infrastructure, new studies show.
http://news.poseidon-us.com/TJ1r9d

Two Estonians plead guilty in $577M cryptocurrency Ponzi scheme

Two Estonian nationals may spend the next 20 years in prison for stealing hundreds of millions of dollars through a massive cryptocurrency Ponzi scheme, the US Department of Justice announced last week. The fraudulent operation “According to court documents, Sergei Potapenko and Ivan Turõgin, both 40, sold contracts to customers entitling them to a share of cryptocurrency mined by the defendants’ purported cryptocurrency mining service, HashFlare,” said the Justice Department. “Between 2015 and 2019, Hashflare’s … More → The post Two Estonians plead guilty in $577M cryptocurrency Ponzi scheme appeared first on Help Net Security.
http://news.poseidon-us.com/TJ1nmy

How CISOs can balance security and business agility in the cloud

In this Help Net Security interview, Natalia Belaya, CISO at Cloudera, discusses common misconceptions about cloud security, the balance between protection and business agility, and overlooked risks that CISOs should prioritize. Belaya also offers practical strategies for integrating cloud-native security solutions and mitigating misconfigurations at scale. What key security principles should enterprises follow when migrating to the cloud, particularly for hybrid and multi-cloud environments? One of the biggest misconceptions about cloud migrations is assuming that … More → The post How CISOs can balance security and business agility in the cloud appeared first on Help Net Security.
http://news.poseidon-us.com/TJ1WBX

Orbit: Open-source Nuclei security scanning and automation platform

Orbit is an open-source platform built to streamline large-scale Nuclei scans, enabling teams to manage, analyze, and collaborate on security findings. It features a SvelteKit-based web frontend and a Go-powered backend, with Terraform and Ansible handling infrastructure and automation. “I built Orbit to address the challenges of scalable and efficient security scanning. Traditional tools can be rigid and difficult to integrate into dynamic environments. Orbit was designed as a flexible, self-hosted, open-source platform that gives … More → The post Orbit: Open-source Nuclei security scanning and automation platform appeared first on Help Net Security.
http://news.poseidon-us.com/TJ1SCH

The hidden risks of a broken data provisioning system

In this Help Net Security video, Bart Koek, Field CTO at Immuta, discusses their 2025 State of Data Security Report, highlighting emerging challenges for IT and data security leaders. Key takeaways from the report: GenAI is causing significant change management challenges: 64% of data leaders say that their organization faces challenges in providing authorized users with timely and secure access to data. AI adoption amplifies security risks and complexities in compliance: 55% of respondents say … More → The post The hidden risks of a broken data provisioning system appeared first on Help Net Security.
http://news.poseidon-us.com/TJ1S96

ISC Stormcast For Monday, February 17th, 2025 https://isc.sans.edu/podcastdetail/9326, (Mon, Feb 17th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
http://news.poseidon-us.com/TJ1MX1