433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Audits for AI systems that keep changing

Security and risk teams often rely on documentation and audit artifacts that reflect how an AI system worked months ago. ETSI’s continuous auditing based conformity assessment specification (ETSI TS 104 008) describes a different approach, where conformity is evaluated through recurring measurement and automated evidence collection tied to live system behavior. The specification addresses a common challenge in AI oversight. Models evolve through retraining, data pipelines change, and system configurations shift during operation. Oversight methods … More → The post Audits for AI systems that keep changing appeared first on Help Net Security.
http://news.poseidon-us.com/TQc0fV

Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858)

Fortinet has begun releasing FortiOS versions that fix CVE-2026-24858, a critical zero-day vulnerability that allowed attackers to log into targeted organizations’ FortiGate firewalls. “This vulnerability was found being exploited in the wild by two malicious FortiCloud accounts, which were locked out on [January 22, 2026],” the company shared. About CVE-2026-24858 On January 20, several Fortinet customers revealed that attackers gained access to their FortiGate firewalls and created new local admin accounts despite the devices running … More → The post Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858) appeared first on Help Net Security.
http://news.poseidon-us.com/TQbtWB

Attackers use Windows App-V scripts to slip infostealer past enterprise defenses

A malware delivery campaign detailed by Blackpoint researchers employs an impressive array of tricks to deliver an infostealer to employees without triggering enterprise defenses or close examination by security researchers. The attackers aim to get the Amatera Stealer installed on target Windows computers by using fake human verification pages – i.e., CAPTCHA pages – to trick users into manually pasting and executing a command via the Run dialog. And here is where things get interesting. … More → The post Attackers use Windows App-V scripts to slip infostealer past enterprise defenses appeared first on Help Net Security.
http://news.poseidon-us.com/TQbRph

Tenable One AI Exposure delivers unified visibility and governance across AI, cloud and SaaS

Tenable announced general availability of Tenable One AI Exposure. With this release, the Tenable One Exposure Management Platform unifies AI protection, discovery and usage governance across the enterprise, including SaaS platforms, cloud services, APIs and agents. AI is deeply embedded and interconnected throughout organizations, creating the “AI Exposure Gap,” a largely invisible form of exposure that emerges across applications, infrastructure, identities, agents and data, and that most security teams are not equipped to manage. Many … More → The post Tenable One AI Exposure delivers unified visibility and governance across AI, cloud and SaaS appeared first on Help Net Security.
http://news.poseidon-us.com/TQbRpg

NICE Actimize Insights Network combats fraudulent transfers

NICE Actimize launched Actimize Insights Network, an intelligence network designed to give financial institutions real-time visibility into counterparty risk. Leveraging insights from its Fraud and Financial Crime network, the Actimize Insights Network delivers the scale and precision needed to prevent fraud before money moves while supporting governance. Financial institutions continue to face growth in authorized push payment (APP) scams, business email compromise (BEC), and other schemes in which legitimate customers are manipulated into sending money … More → The post NICE Actimize Insights Network combats fraudulent transfers appeared first on Help Net Security.
http://news.poseidon-us.com/TQbRpJ

HackerOne brings Agentic PTaaS to continuous, expert-validated pentesting

HackerOne announced Agentic Pentest as a Service (Agentic PTaaS), delivering continuous security validation by combining autonomous agent execution with human expertise to ensure every finding reflects exploitable risk that security teams can trust and act on at scale. Enterprise security teams face a growing gap between development velocity and security validation. Traditional pentests deliver depth and trust, but they struggle to keep pace with continuous change. At the other extreme, fully autonomous testing promises speed … More → The post HackerOne brings Agentic PTaaS to continuous, expert-validated pentesting appeared first on Help Net Security.
http://news.poseidon-us.com/TQbHJ8

Microsoft brings AI-powered investigations to security teams

Microsoft Purview Data Security Investigations is now available. The tool is part of Microsoft Purview and is intended for scenarios such as data breach and leak investigations, credential exposure, internal fraud and bribery, sensitive data exposure in Teams, and inappropriate content investigations. Microsoft Purview Data Security Investigations (Source: Microsoft) “Investigations that once took weeks, or weren’t possible at all, can now be completed in hours. By eliminating manual effort and surfacing hidden risks across sprawling … More → The post Microsoft brings AI-powered investigations to security teams appeared first on Help Net Security.
http://news.poseidon-us.com/TQbHHv

AWS adds IPv6 support to IAM Identity Center through dual-stack endpoints

Amazon Web Services has added IPv6 support to IAM Identity Center through new dual-stack endpoints. The update allows identity services to operate over IPv6 networks while continuing to support IPv4. The change applies to access portals, managed applications, and service APIs that use dual-stack domain names capable of accepting both IPv4 and IPv6 connections. Transition from IPv4-only to dual-stack endpoints (Source: AWS) Dual-stack endpoints for workforce access Existing IPv4 endpoints remain available. Clients connect using … More → The post AWS adds IPv6 support to IAM Identity Center through dual-stack endpoints appeared first on Help Net Security.
http://news.poseidon-us.com/TQbHHs