433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

ProSpy and ToSpy: New spyware families impersonating secure messaging apps

ESET researchers have found two Android spyware campaigns aimed at people looking for secure messaging apps such as Signal and ToTok. The attackers spread the spyware through fake websites and social engineering. Researchers identified two previously unknown spyware families. Android/Spy.ProSpy poses as upgrades or add-ons for the Signal app and the discontinued ToTok app, while Android/Spy.ToSpy pretends to be the ToTok app itself. The ToSpy campaign is still active, supported by command-and-control servers that remain … More → The post ProSpy and ToSpy: New spyware families impersonating secure messaging apps appeared first on Help Net Security.
http://news.poseidon-us.com/TNQYbF

Building a mature automotive cybersecurity program beyond checklists

In this Help Net Security interview, Robert Sullivan, CIO & CISO at Agero, shares his perspective on automotive cybersecurity. He discusses strategies for developing mature security programs, meeting regulatory requirements, and addressing supply chain risks. Sullivan also looks ahead to how AI and other emerging technologies will shape the future of cybersecurity. What does a mature automotive cybersecurity program look like, and how can organizations measure their progress? A mature cybersecurity program must have a … More → The post Building a mature automotive cybersecurity program beyond checklists appeared first on Help Net Security.
http://news.poseidon-us.com/TNQNxh

Chekov: Open-source static code analysis tool

Checkov is an open-source tool designed to help teams secure their cloud infrastructure and code. At its core, it’s a static code analysis tool for infrastructure as code (IaC), but it also goes a step further by providing software composition analysis (SCA) for container images and open source packages. With Checkov, you can scan just about any cloud infrastructure setup, whether you’re using Terraform, CloudFormation, AWS SAM, Kubernetes, Helm charts, Kustomize, Dockerfiles, Serverless, Bicep, OpenAPI, … More → The post Chekov: Open-source static code analysis tool appeared first on Help Net Security.
http://news.poseidon-us.com/TNQNxg

GPT needs to be rewired for security

LLMs and agentic systems already shine at everyday productivity, including transcribing and summarizing meetings, extracting action items, prioritizing critical emails, and even planning travel. But in the SOC (where mistakes have real cost), today’s models stumble on work that demands high precision and consistent execution across massive, real-time data streams. Until we close this reliability gap at scale, LLMs alone won’t automate the majority of SOC tasks. Humans excel at framing ambiguous problems, making risk-aware … More → The post GPT needs to be rewired for security appeared first on Help Net Security.
http://news.poseidon-us.com/TNQNxH

The energy sector is ground zero for global cyber activity

A new study from the Karlsruhe Institute of Technology shows how geopolitical tensions shape cyberattacks on power grids, fuel systems, and other critical infrastructure. How the research was done Researchers reviewed major cyber threat databases including MITRE ATT&CK Groups, CSIS, ThaiCERT, Malpedia, EuRepoC, and the AI Incident Database. Each source reports information differently. Some use structured formats like JSON or tables that are easy to analyze. Others rely on long descriptive text that is harder … More → The post The energy sector is ground zero for global cyber activity appeared first on Help Net Security.
http://news.poseidon-us.com/TNQKLY

Biotech platforms keep missing the mark on security fundamentals

A new security posture report on the biotech sector shows how quickly attackers could reach sensitive health data with only basic reconnaissance. Researchers needed less than two hours per company to uncover exposed genomic records, unprotected APIs, and misconfigured systems, according to Sekurno. Real-world timeline showing how attackers could pivot from passive reconnaissance to accessing sensitive genomic data in under 2 hours. APIs exposing sensitive data APIs were the most common weakness, accounting for 34% … More → The post Biotech platforms keep missing the mark on security fundamentals appeared first on Help Net Security.
http://news.poseidon-us.com/TNQHmN

Underwriting is shifting to AI-driven, real-time decisions by 2030

Underwriting is undergoing a major transformation as financial institutions push for faster decisions, better fraud detection, and greater personalization, according to a new global Experian report. By 2030, credit decisions are expected to become embedded in everyday transactions, with artificial intelligence and automation taking on a bigger role. The report, based on surveys and interviews with 708 senior credit and fraud risk leaders across 10 countries, found that 83 percent of respondents expect real-time loan … More → The post Underwriting is shifting to AI-driven, real-time decisions by 2030 appeared first on Help Net Security.
http://news.poseidon-us.com/TNQHkg