433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

EEOC changes leadership and emphasis

“We’re in a situation where there’s a lot of unprecedented things going on. So it’s really just a wait and see approach,” said Carol Warner. The post EEOC changes leadership and emphasis first appeared on Federal News Network.
http://news.poseidon-us.com/THzS7w

Threat actors are using legitimate Microsoft feature to compromise M365 accounts

Suspected Russian threat actors have been taking advantage of Microsoft Device Code Authentication to trick targets into granting them access to their Microsoft 365 (M365) accounts. “While Device Code Authentication attacks are not new, they appear to have been rarely leveraged by nation-state threat actors. Volexity’s visibility into targeted attacks indicates this particular method has been far more effective than the combined effort of years of other social engineering and spear-phishing attacks conducted by the … More → The post Threat actors are using legitimate Microsoft feature to compromise M365 accounts appeared first on Help Net Security.
http://news.poseidon-us.com/THzRxk

Fake BSOD Delivered by Malicious Python Script, (Fri, Feb 14th)

I found a Python script that implements a funny anti-analysis trick. The script has a low score on VT (4/59) (SHA256:d716c2edbcdb76c6a6d31b21f154fee7e0f8613617078b69da69c8f4867c9534)[1]. This sample attracted my attention because it uses the tkinter[2] library. This library is used to create graphical user interfaces (GUIs). It provides tools to create windows, dialogs, buttons, labels, text fields, and other interactive elements, allowing developers to build desktop applications with visual interfaces in Python. Most Python scripts are intended to be executed from a command line. That's why I consider this library as a good sign of suspicious behavior (It does not mean that all Python scripts using this library are malicious!)
http://news.poseidon-us.com/THzMjY

OPM clarifies RTO guidance for military spouses after pressure from lawmakers, families

All federally employed spouses of military and Foreign Service members who work remotely are “categorically exempt” from Trump’s return-to-office mandate. The post OPM clarifies RTO guidance for military spouses after pressure from lawmakers, families first appeared on Federal News Network.
http://news.poseidon-us.com/THzLKC

OPM clarifies RTO guidance for military spouses after pressure from lawmakers, families

All federally employed spouses of military and Foreign Service members who work remotely are “categorically exempt” from Trump’s return-to-office mandate. The post OPM clarifies RTO guidance for military spouses after pressure from lawmakers, families first appeared on Federal News Network.
http://news.poseidon-us.com/THzLHX

Grip Security unveils SSPM solution to strengthen SaaS security posture

Grip Security has unveiled its SaaS Security Posture Management (SSPM) solution, which proactively identifies misconfigurations, enforces best practices and strengthens SaaS security posture against emerging risks. Unlike traditional SSPM products, Grip SSPM is built on a foundation of visibility and automation, enabling organizations to combine misconfiguration remediation and policy enforcement as part of a comprehensive security program that addresses SaaS security end-to-end. By consolidating SaaS security into a single platform, Grip SSPM streamlines operations, automates … More → The post Grip Security unveils SSPM solution to strengthen SaaS security posture appeared first on Help Net Security.
http://news.poseidon-us.com/THz5qc

Pig butchering scams are exploding

2024 is set to be a record year for scammers who received at least US$9.9 billion in crypto revenues from their illicit activities, according to Chainalysis. This figure is projected to rise to an all-time high of $12.4 billion as ongoing analysis uncovers more fraudulent activity. These findings are part of Chainalysis’ research into scams, highlighting high-yield investment scams (50%) and pig butchering (33%) as the two most prevalent fraud and scams. Pig butchering scams … More → The post Pig butchering scams are exploding appeared first on Help Net Security.
http://news.poseidon-us.com/THyzyX

Inconsistent security strategies fuel third-party threats

47% of organizations have experienced a data breach or cyberattack over the past 12 months that involved a third-party accessing their network, according to Imprivata and the Ponemon Institute. Third-party security incidents persist Notably, 64% of respondents say these types of third-party data breaches will either increase or remain at alarmingly high levels over the next 12-24 months, indicating the problem is here to stay. The report surveyed nearly 2,000 IT security practitioners worldwide and … More → The post Inconsistent security strategies fuel third-party threats appeared first on Help Net Security.
http://news.poseidon-us.com/THywXn

New infosec products of the week: February 14, 2025

Here’s a look at the most interesting products from the past week, featuring releases from Armor, EchoMark, Netwrix, Palo Alto Networks, and Socure. Palo Alto Networks Cortex Cloud applies AI-driven insights to reduce risk and prevent threats Palo Alto Networks introduced Cortex Cloud, the next version of Prisma Cloud, that brings together new releases of its cloud detection and response (CDR) and cloud native application protection platform (CNAPP) capabilities on the unified Cortex platform. Cortex … More → The post New infosec products of the week: February 14, 2025 appeared first on Help Net Security.
http://news.poseidon-us.com/THywWz

ISC Stormcast For Friday, February 14th, 2025 https://isc.sans.edu/podcastdetail/9324, (Fri, Feb 14th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
http://news.poseidon-us.com/THyt0y