433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Samba 4.24.0 ships Kerberos hardening and a CVE fix for domain encryption defaults

Samba 4.24.0 arrived carrying a set of Kerberos security changes aimed at Active Directory deployments. The release fixes a vulnerability, extends audit coverage for sensitive AD attributes, and introduces configuration options to counter two related Kerberos impersonation techniques. A CVE drives the encryption default change The most directly security-relevant change in 4.24.0 is a shift in default encryption types for Kerberos. The kdc default domain supported enctypes parameter now defaults to AES-128 and AES-256 (specifically … More → The post Samba 4.24.0 ships Kerberos hardening and a CVE fix for domain encryption defaults appeared first on Help Net Security.
http://news.poseidon-us.com/TRZbf4

Java 26 ships with new cryptography API and HTTP/3 support

Oracle released JDK 26, the 17th consecutive feature release delivered under the six-month cadence the project adopted in 2018. The release includes ten JDK Enhancement Proposals spanning language changes, garbage collection improvements, cryptographic tooling, and network protocol support. PEM encoding API targets cryptographic integration JEP 524 introduces a second preview of a PEM encoding API for cryptographic objects. The API converts keys, certificates, and certificate revocation lists into Privacy-Enhanced Mail format and decodes them back … More → The post Java 26 ships with new cryptography API and HTTP/3 support appeared first on Help Net Security.
http://news.poseidon-us.com/TRZbdx

Omnix AI Advisor brings real-time credential threat insights to enterprise security teams

Dashlane has unveiled Omnix AI Advisor, a natural-language AI security assistant embedded into the Dashlane Omnix platform. Built upon Omnix’s advanced credential protection and visibility capabilities, Omnix AI Advisor accelerates enterprises’ transition to a proactive security posture by turning real-time credential risk data, such as dark web exposure and phishing logs, into contextual, actionable intelligence. Security teams are inundated with data, making it difficult to know what matters most. Omnix AI Advisor correlates multiple data … More → The post Omnix AI Advisor brings real-time credential threat insights to enterprise security teams appeared first on Help Net Security.
http://news.poseidon-us.com/TRZbdp

Betterleaks: Open-source secrets scanner

Secrets scanning has become standard practice across engineering organizations, and Gitleaks has been one of the most widely used tools in that space. The author of that project has now released a new tool called Betterleaks, which is designed to scan git repositories, directories, and standard input for leaked credentials, API keys, tokens, and passwords. Zach Rice, who wrote the original Gitleaks code approximately eight years ago and now serves as Head of Secrets Scanning … More → The post Betterleaks: Open-source secrets scanner appeared first on Help Net Security.
http://news.poseidon-us.com/TRZbdR

AI got it wrong with high confidence. Now what?

In this Help Net Security interview, Christian Debes, Head of Data Analytics & AI at SPRYFOX, talks about the growing gap between what AI models do and what their operators can explain. He argues this gap is already a liability, particularly when decisions affect people or money and no one can say why a model produced a certain output. Debes walks through how responsible teams approach confident wrong answers, why procurement leaders bear accountability when … More → The post AI got it wrong with high confidence. Now what? appeared first on Help Net Security.
http://news.poseidon-us.com/TRZWLk

Elite members of North Korean society fake their way into Western paychecks

Increased federal activity, including indictments over the past year, has drawn attention to a pattern that has been unfolding inside corporate hiring pipelines. North Korean nationals are securing roles as remote IT contractors and full-time staff within organizations across North America and Western Europe, using standard hiring channels to get in. Research by IBM X-Force and Flare outlines how these workers operate within a broader state-backed system tied to revenue generation and access to corporate … More → The post Elite members of North Korean society fake their way into Western paychecks appeared first on Help Net Security.
http://news.poseidon-us.com/TRZWLj

Your APIs are under siege, and attackers are just getting warmed up

Internet-facing systems are handling sustained levels of malicious traffic across APIs, web applications, and DDoS channels. Akamai’s State of the Internet security report places these patterns within the same operating environment, with activity increasing across each area through 2025. The number of web attacks against apps and APIs continued an upward trajectory from January 2024 to December 2025, demonstrating their prevalence as a major threat to organizations (Source: Akamai) API activity centers on how applications … More → The post Your APIs are under siege, and attackers are just getting warmed up appeared first on Help Net Security.
http://news.poseidon-us.com/TRZWKn

Interesting Message Stored in Cowrie Logs, (Wed, Mar 18th)

This activity was found and reported by BACS student Adam Thorman as part of one of his assignments which I posted his final paper [1] last week. This activity appeared to only have occurred on the 19 Feb 2026 where at least 2 sensors detected on the same day by DShield sensor in the cowrie logs an echo command that included: “MAGIC_PAYLOAD_KILLER_HERE_OR_LEAVE_EMPTY_iranbot_was_here”. My DShield sensor captured activity from source IP 64.89.161.198 between 30 Jan – 22 Feb 2026 that included portscans, a successful login via Telnet (TCP/23) and web access that included all the activity listed below captured by the DShield sensor (cowrie, webhoneypot & iptables logs).
http://news.poseidon-us.com/TRZMkm

Exec pay restrictions swaying defense sector outlook—despite still-unclear impact

“The overall decline in market participants over time will have a deleterious effect on competition and pricing,” and on the supply chain too, Paul Murphy said.
http://news.poseidon-us.com/TRZML2