433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

PhishLumos: Exposing phishing campaigns that evade detection by hiding content

Phishing remains one of the most stubbornly persistent threats in cybersecurity: humans are tired, distracted, trusting, and susceptible to urgency and authority in ways that no amount of awareness training can completely overcome. The security community has largely accepted this reality and shifted focus toward automated detection systems that can intercept and block phishing threats before users see them. But attackers have adapted here, too. Modern phishing campaigns increasingly employ cloaking techniques, serving benign content … More → The post PhishLumos: Exposing phishing campaigns that evade detection by hiding content appeared first on Help Net Security.
http://news.poseidon-us.com/TT2xcL

Modat enhances Magnify with Passive DNS for faster threat hunting and infrastructure analysis

Modat has launched native Passive DNS intelligence in Magnify, its internet intelligence platform, unifying IP, device fingerprint, certificate, and passive DNS into a single pivot-driven investigation flow. Threat intelligence, threat hunting, exposure management, fraud and Security teams have long been forced to stitch together evidence across multiple tools and datapoints. Magnify eliminates that gap, building on its clustering-based device fingerprinting and geo-native scanning to surface infrastructure that conventional internet scanners miss. Most internet intelligence platforms … More → The post Modat enhances Magnify with Passive DNS for faster threat hunting and infrastructure analysis appeared first on Help Net Security.
http://news.poseidon-us.com/TT2xcF

Microsoft’s workplace check-in via Wi-Fi tracks who’s in the office, and not everyone’s happy

Microsoft is rolling out workplace check-in via Wi-Fi for Teams and Microsoft Places. Connect to your office network and your in-office presence updates automatically, no manual status change needed. Microsoft says the signal isn’t stored as location history, and that you can configure your own settings. Here’s the catch. Your employer enables the feature at the tenant level, and you only control how it’s used on your end. Privacy advocates and labor groups have already … More → The post Microsoft’s workplace check-in via Wi-Fi tracks who’s in the office, and not everyone’s happy appeared first on Help Net Security.
http://news.poseidon-us.com/TT2xcD

LTM’s BlueVerse for iRun applies agentic AI to managed IT operations

LTM has announced the launch of BlueVerse for iRun, an AI-native managed services offering designed to transform IT operations into a resilient, intelligent, and outcome-driven function. As enterprise environments grow more complex, spanning hybrid cloud, SaaS, and AI-driven ecosystems, managed services models are increasingly constrained by siloed teams, static processes, and effort-led scaling. BlueVerse for iRun addresses this shift by moving beyond headcount-based delivery to a platform-led approach powered by agentic AI, knowledge convergence, and … More → The post LTM’s BlueVerse for iRun applies agentic AI to managed IT operations appeared first on Help Net Security.
http://news.poseidon-us.com/TT2xbc

Evil MSI Background: BASE64 Statistical Analysis, (Mon, Jun 15th)

I like it when a fellow handler posts a diary entry about images with malicious content. Last one is Xavier: “The Evil MSI Background is Back!”.
http://news.poseidon-us.com/TT2n4T

Onspring CISO on where automated GRC systems fall short

In this interview with Help Net Security, Nichole Windholz, CISO at Onspring, talks about the limits of automated GRC systems and continuous control monitoring. She explains why color-coded dashboards can hide nuance, how teams can check the data feeding their tools, and which risks resist measurement, such as insider behavior and vendor concentration. Continuous control monitoring tools tend to produce a green-yellow-red mosaic that flattens nuance. When a CISO walks into a board meeting with … More → The post Onspring CISO on where automated GRC systems fall short appeared first on Help Net Security.
http://news.poseidon-us.com/TT2kDy

Open-source CI/CD abuse detector guards against stolen credential attacks

CI/CD Abuse Detector is an open-source project that uses a large language model to flag suspicious changes to continuous integration and continuous deployment pipelines, workflows, and automation configurations. The repository contains drop-in templates for GitHub Actions, GitLab CI, and Azure DevOps. The project targets a common attack chain in software supply chain compromises. Stolen developer credentials are used to push modifications to workflow files, which then harvest secrets stored in the CI environment. The detector … More → The post Open-source CI/CD abuse detector guards against stolen credential attacks appeared first on Help Net Security.
http://news.poseidon-us.com/TT2kDt