433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | [email protected] | Office: (813) 563-2652

GitHub project maintainers targeted with fake security alert

A phishing campaign targeting GitHub account owners has been trying to scare them with a fake security alert into allowing a malicious OAuth app access to their account and repositories. The fake security alert from GitHub GitHub users have taken to social media to warn others about emails ostensibly coming from the GitHub Security Team, alerting recipients about an “unusual access attempt” from an IP address/device located in Reykjavik, Iceland. The attackers mounted this campaign … More → The post GitHub project maintainers targeted with fake security alert appeared first on Help Net Security.
http://news.poseidon-us.com/TJZRmM

Employers are on an unsustainable ‘hiring spree’ for AI talent, report says

Too many companies are rushing to close the AI jobs gap without investment in employee training, the CEO of talent firm General Assembly warned.
http://news.poseidon-us.com/TJZLqp

Static Analysis of GUID Encoded Shellcode, (Mon, Mar 17th)

I wanted to figure out how to statically decode the GUID encoded shellcode Xavier wrote about in his diary entry “Shellcode Encoded in UUIDs”.
http://news.poseidon-us.com/TJZCZp

Pay, fight, or stall? The dilemma of ransomware negotiations

Ransomware negotiations are a high-stakes game where every decision matters. In this Help Net Security video, Kurtis Minder, CEO at GroupSense, takes us inside the world of ransomware negotiations. We learn how attackers communicate, the tough decisions victims face, and the mistakes that can make or break a response. He breaks down the key factors in deciding whether to engage with hackers, the legal and ethical considerations, and why preparation is everything. Learn why logging … More → The post Pay, fight, or stall? The dilemma of ransomware negotiations appeared first on Help Net Security.
http://news.poseidon-us.com/TJZ6S8

Review: Cybersecurity Tabletop Exercises

Packed with real-world case studies and practical examples, Cybersecurity Tabletop Exercises offers insights into how organizations have successfully leveraged tabletop exercises to identify security gaps and enhance their incident response strategies. The authors explore a range of realistic scenarios, including phishing campaigns, ransomware attacks, and insider threats, demonstrating how these exercises can uncover vulnerabilities before an actual crisis occurs. It also highlights key lessons learned from exercises that didn’t go as planned, providing a well-rounded … More → The post Review: Cybersecurity Tabletop Exercises appeared first on Help Net Security.
http://news.poseidon-us.com/TJZ6S3

IntelMQ: Open-source tool for collecting and processing security feeds

IntelMQ is an open-source solution designed to help IT security teams (including CERTs, CSIRTs, SOCs, and abuse departments) streamline the collection and processing of security feeds using a message queuing protocol. “Originally designed for CSIRTs and later adopted by SOCs, IntelMQ has evolved into a versatile tool for all security teams. With a modular and extensible design, it supports various input, processing, and output plugins, enabling seamless integration with existing workflows. Built for full automation, … More → The post IntelMQ: Open-source tool for collecting and processing security feeds appeared first on Help Net Security.
http://news.poseidon-us.com/TJZ6Rl

ISC Stormcast For Monday, March 17th, 2025 https://isc.sans.edu/podcastdetail/9366, (Mon, Mar 17th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
http://news.poseidon-us.com/TJZ1Fc