433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Win-DDoS: Attackers can turn public domain controllers into DDoS agents

SafeBreach researchers have released details on several vulnerabilities that could be exploited by attackers to crash Windows Active Directory domain controllers (DCs), one of which (CVE-2025-32724) can also be leveraged to force public DCs to participate in distributed denial-of-service (DDoS) attacks. Win-DDoS – as the researchers dubbed this new attack technique – hinges on the attackers’ ability to trick public DCs into connecting to a Lightweight Directory Access Protocol (LDAP) server they set up, … More → The post Win-DDoS: Attackers can turn public domain controllers into DDoS agents appeared first on Help Net Security.
http://news.poseidon-us.com/TMQgjB

NIST Releases Test Tools to Accelerate Adoption of Emerging Route Leak Mitigation Standards

NIST has released NIST BGP RPKI IO (BRIO) – an open-source testing framework designed to facilitate test and experimentation with emerging Border Gateway Protocol (BGP) security and resilience mechanisms that leverage the Resource Public Key
http://news.poseidon-us.com/TMQfDh

6 CIO goals on AI for the rest of 2025

Tech leaders need to focus on unifying data structures, modernizing architectures and shaping governance ahead of agentic AI adoption.
http://news.poseidon-us.com/TMQVxS

WinRAR zero day exploited by RomCom hackers in targeted attacks

ESET researchers have discovered a previously unknown vulnerability in WinRAR, exploited in the wild by Russia-aligned group RomCom. If you use WinRAR or related components such as the Windows versions of its command line tools, UnRAR.dll, or the portable UnRAR source code, update right away to the latest release. According to ESET telemetry, malicious archives were used in spearphishing campaigns between July 18 and July 21, 2025, targeting financial, manufacturing, defense, and logistics companies in … More → The post WinRAR zero day exploited by RomCom hackers in targeted attacks appeared first on Help Net Security.
http://news.poseidon-us.com/TMQV3w

From coder to orchestrator: How developer roles are changing in the age of agentic AI

Nearly half of organizations are deploying agentic orchestration to power code reviews, automate testing and accelerate deal cycles, making once-impossible productivity gains a daily reality.
http://news.poseidon-us.com/TMQPNF

How Brandolini’s law informs our everyday infosec reality

Brandolini’s law, also known as the “bullshit asymmetry principle”, is simple but devastating: “The amount of energy needed to refute bullshit is an order of magnitude bigger than to produce it.” While it’s often thrown around in political debates and social media flame wars, I’ve been thinking a lot about how brutally relevant it is to our world of cybersecurity. Brandolini’s law casts a long shadow over everything we do, from fighting social engineering to … More → The post How Brandolini’s law informs our everyday infosec reality appeared first on Help Net Security.
http://news.poseidon-us.com/TMQKPR

From legacy to SaaS: Why complexity is the enemy of enterprise security

In this Help Net Security interview, Robert Buljevic, Technology Consultant at Bridge IT, discusses how the coexistence of legacy systems and SaaS applications is changing the way organizations approach security. He explains why finding the right balance between old and new technology is essential for maintaining protection. As more companies move from traditional on-prem setups to SaaS, how is that changing the way they approach security? Are most organizations handling that shift well, or are … More → The post From legacy to SaaS: Why complexity is the enemy of enterprise security appeared first on Help Net Security.
http://news.poseidon-us.com/TMQGbb

Review: From Day Zero to Zero Day

From Day Zero to Zero Day is a practical guide for cybersecurity pros who want to move beyond reading about vulnerabilities and start finding them. It gives a methodical look at how real vulnerability research is done. About the author: Eugene Lim is a security researcher and white hat hacker. In 2019, he won the Most Valuable Hacker award at the H1-213 live hacking event in Los Angeles organized by HackerOne, the US Air Force, … More → The post Review: From Day Zero to Zero Day appeared first on Help Net Security.
http://news.poseidon-us.com/TMQGZQ

Pentesting is now central to CISO strategy

Security leaders are rethinking their approach to cybersecurity as digital supply chains expand and generative AI becomes embedded in critical systems. A recent survey of 225 security leaders conducted by Emerald Research found that 68% are concerned about the risks posed by third-party software and components. While most say they are meeting regulatory requirements, 60% admit attackers are evolving too fast to maintain resilience. [Figure: Survey of 225 C-suite or VP-level individuals (Source: Emerald Research)] The … More → The post Pentesting is now central to CISO strategy appeared first on Help Net Security.
http://news.poseidon-us.com/TMQGZK

Breaches are up, budgets are too, so why isn’t healthcare safer?

A new report from Resilience outlines a growing cyber crisis in the U.S. healthcare sector, where ransomware attacks, vendor compromise, and human error continue to cause widespread disruption. In 2023, breaches exposed 168 million records, and the first half of 2025 has already seen extortion demands as high as $4 million. The sector remains vulnerable, despite large investments in security tools and insurance. [Figure: Severity of cyber claims in healthcare (Source: Resilience)] The report highlights a … More → The post Breaches are up, budgets are too, so why isn’t healthcare safer? appeared first on Help Net Security.
http://news.poseidon-us.com/TMQGYs