433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Cisco Event Response: Vishing Attack Impacting Third-Party CRM System

On July 24, 2025 (GMT+9), Cisco was made aware of an incident involving a bad actor targeting a Cisco representative through a voice phishing attack, also known as vishing. As a result, the actor was able to access and export a subset of basic profile information from one instance of a third-party, cloud-based Customer Relationship Management (CRM) system that Cisco uses. Security Impact Rating: Critical CVE: CVE
http://news.poseidon-us.com/TMLnPl

Beyond PQC: Building adaptive security programs for the unknown

In this Help Net Security interview, Jordan Avnaim, CISO at Entrust, discusses how to communicate the quantum computing threat to executive teams using a risk-based approach. He explains why post-quantum cryptography (PQC) is an urgent and long-term priority. Avnaim also outlines practical steps CISOs can take to build crypto agility and maintain digital trust. From your perspective as a CISO, how do you frame the quantum computing threat to executives and the board? Complexity can … More → The post Beyond PQC: Building adaptive security programs for the unknown appeared first on Help Net Security.
http://news.poseidon-us.com/TMLjry

Cybercriminals are getting personal, and it’s working

Cybercriminals are deploying unidentifiable phishing kits (58% of phishing sites) to propagate malicious campaigns at scale, indicating a trend towards custom-made or obfuscated deployments, according to VIPRE Security. These phishing kits can’t easily be reverse-engineered, tracked, or caught. AI makes them affordable, too. Among the most prevalent are Evilginx (20%), Tycoon 2FA (10%), 16shop (7%), with another 5% attributed to other generic kits. Manufacturing is the top target sector For the sixth quarter in a … More → The post Cybercriminals are getting personal, and it’s working appeared first on Help Net Security.
http://news.poseidon-us.com/TMLjqz

Elastic AI SOC Engine helps SOC teams expose hidden threats

Elastic AI SOC Engine (EASE) is a new serverless, easy-to-deploy security package that brings AI-driven context-aware detection and triage into existing SIEM and EDR tools, without the need for an immediate migration or replacement. EASE delivers agentless integrations, AI-driven alert correlation using Elastic’s Attack Discovery, and an AI Assistant that empowers SOC analysts to uncover hidden, coordinated threats faster and reduce manual investigation time. Delivered on the Elastic Cloud, EASE gives security teams a friction-reducing … More → The post Elastic AI SOC Engine helps SOC teams expose hidden threats appeared first on Help Net Security.
http://news.poseidon-us.com/TMLjqj

AI can write your code, but nearly half of it may be insecure

While GenAI excels at producing functional code, it introduces security vulnerabilities in 45 percent of cases, according to Veracode’s 2025 GenAI Code Security Report, which analyzed code produced by over 100 LLMs across 80 real-world coding tasks. Vibe coding “The rise of vibe coding, where developers rely on AI to generate code, typically without explicitly defining security requirements, represents a fundamental shift in how software is built,” said Jens Wessling, CTO at Veracode. “The main … More → The post AI can write your code, but nearly half of it may be insecure appeared first on Help Net Security.
http://news.poseidon-us.com/TMLjq8

Energy companies are blind to thousands of exposed services

Many of America’s largest energy providers are exposed to known and exploitable vulnerabilities, and most security teams may not even see them, according to a new report from SixMap. Researchers assessed the external attack surface of 21 major energy companies, analyzing nearly 40,000 IP addresses and scanning all 65,535 ports per host. The findings paint a picture of persistent risk, blind spots, and outdated tools. In total, the companies had 58,862 services exposed to the … More → The post Energy companies are blind to thousands of exposed services appeared first on Help Net Security.
http://news.poseidon-us.com/TMLgX6

ISC Stormcast For Thursday, August 7th, 2025 https://isc.sans.edu/podcastdetail/9560, (Thu, Aug 7th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
http://news.poseidon-us.com/TMLczJ