Author Archives: Poseidon

CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825)

CrushFTP has fixed a critical vulnerability (CVE-2025-2825) in its enterprise file transfer solution that could be exploited by remote, unauthenticated attackers to access vulnerable internet-facing servers (and likely the data stored on them). Attackers, especially ransomware gangs, have a penchant for leveraging 0-day and n-day vulnerabilities in MOVEit Transfer, Cleo, Citrix ShareFile, and other enterprise-grade file transfer and sharing solutions. Attackers have been known to exploit previous CrushFTP vulnerabilities, but there is currently no evidence … More → The post CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) appeared first on Help Net Security.
http://news.poseidon-us.com/TJnL4Q

Smart insoles that could change the game for sports and health

Scientists have created a smart insoles prototype that can accurately measure the body’s interaction with the ground, which has the potential to help athletes avoid injuries, or even assist doctors in monitoring recovery.
http://news.poseidon-us.com/TJnHQx

Kyndryl fires up Google Cloud analytics, AI to drive mainframe modernization

The partnership will help enterprises translate COBOL code to Java and migrate on-prem applications to cloud environments.
http://news.poseidon-us.com/TJnHCq

runZero’s expanded platform offers new approach to detecting and prioritizing risk

runZero releases new product capabilities, welcomes executive leadership with deep industry expertise, and gains channel momentum. runZero’s expanded platform offers a new approach to effectively manage the risk lifecycle, enabling security teams to find, prioritize, and remediate broad classes of exposures across internal and external attack surfaces, including those that evade traditional vulnerability and external attack surface management solutions. “Our industry needs a paradigm shift if we’re going to successfully secure today’s complex attack surfaces. … More → The post runZero’s expanded platform offers new approach to detecting and prioritizing risk appeared first on Help Net Security.
http://news.poseidon-us.com/TJn7cV

GetReal Security platform combats AI-fueled attacks

GetReal Security launched unified platform to help enterprises, government agencies and media organizations manage risk and mitigate threats from the growing presence of AI-fueled attacks. The platform brings together GetReal’s products and service offerings into a unified digital experience for users, providing the infrastructure to accommodate all modalities (image, audio and video) for both files and real-time digital communication streams. “The threat of deepfakes and manipulated media is more than one expert can handle alone. … More → The post GetReal Security platform combats AI-fueled attacks appeared first on Help Net Security.
http://news.poseidon-us.com/TJn7bv

The hidden costs of security tool bloat and how to fix it

In this Help Net Security interview, Shane Buckley, President and CEO at Gigamon, discusses why combating tool bloat is a top priority for CISOs as they face tighter budgets and expanding security stacks. Buckley shares insights on how deep observability can streamline security operations, optimize costs, and strengthen a defense-in-depth strategy. Many CISOs are under pressure to reduce security budgets while maintaining strong defenses. Why should combating tool bloat be a top priority this year? … More → The post The hidden costs of security tool bloat and how to fix it appeared first on Help Net Security.
http://news.poseidon-us.com/TJmzNG

Cyber insurance isn’t always what it seems

Many companies think cyber insurance will protect them from financial losses after an attack. But many policies have gaps. Some claims get denied. Others cover less than expected. CISOs must understand the risks before an attack happens. Misconceptions about cyber insurance Myth: Insurance will cover all costs after a breach. Reality: Policies often exclude key expenses. Some won’t cover ransomware payments. Others limit payouts for business downtime. Myth: If we meet security standards, our claim … More → The post Cyber insurance isn’t always what it seems appeared first on Help Net Security.
http://news.poseidon-us.com/TJmxj0

Hottest cybersecurity open-source tools of the month: March 2025

This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Hetty: Open-source HTTP toolkit for security research Hetty is an open-source HTTP toolkit designed for security research, offering a free alternative to commercial tools like Burp Suite Pro. Fix Inventory: Open-source cloud asset inventory tool Fix Inventory is an open-source tool for detecting compliance and security risks in cloud infrastructure accounts. Commix: Open-source OS command injection exploitation … More → The post Hottest cybersecurity open-source tools of the month: March 2025 appeared first on Help Net Security.
http://news.poseidon-us.com/TJmxhP

ETSI releases security standard for the quantum future

ETSI launched post-quantum security standard to guarantee the protection of critical data and communications in the future. The specification “Efficient Quantum-Safe Hybrid Key Exchanges with Hidden Access Policies” (ETSI TS 104 015) has been developed to enhance security mechanisms, ensuring that only authorized users with the correct permissions can access sensitive data to decrypt them. The new ETSI specification defines a scheme for Key Encapsulation Mechanisms (KEMs) with Access Control (KEMAC), called Covercrypt, that ensure … More → The post ETSI releases security standard for the quantum future appeared first on Help Net Security.
http://news.poseidon-us.com/TJmxh4

ISC Stormcast For Thursday, March 27th, 2025 https://isc.sans.edu/podcastdetail/9382, (Thu, Mar 27th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
http://news.poseidon-us.com/TJmt5C