433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Static Analysis of GUID Encoded Shellcode, (Mon, Mar 17th)

I wanted to figure out how to statically decode the GUID encoded shellcode Xavier wrote about in his diary entry “Shellcode Encoded in UUIDs”.
http://news.poseidon-us.com/TJZCZp

Pay, fight, or stall? The dilemma of ransomware negotiations

Ransomware negotiations are a high-stakes game where every decision matters. In this Help Net Security video, Kurtis Minder, CEO at GroupSense, takes us inside the world of ransomware negotiations. We learn how attackers communicate, the tough decisions victims face, and the mistakes that can make or break a response. He breaks down the key factors in deciding whether to engage with hackers, the legal and ethical considerations, and why preparation is everything. Learn why logging … More → The post Pay, fight, or stall? The dilemma of ransomware negotiations appeared first on Help Net Security.
http://news.poseidon-us.com/TJZ6S8

Review: Cybersecurity Tabletop Exercises

Packed with real-world case studies and practical examples, Cybersecurity Tabletop Exercises offers insights into how organizations have successfully leveraged tabletop exercises to identify security gaps and enhance their incident response strategies. The authors explore a range of realistic scenarios, including phishing campaigns, ransomware attacks, and insider threats, demonstrating how these exercises can uncover vulnerabilities before an actual crisis occurs. It also highlights key lessons learned from exercises that didn’t go as planned, providing a well-rounded … More → The post Review: Cybersecurity Tabletop Exercises appeared first on Help Net Security.
http://news.poseidon-us.com/TJZ6S3

IntelMQ: Open-source tool for collecting and processing security feeds

IntelMQ is an open-source solution designed to help IT security teams (including CERTs, CSIRTs, SOCs, and abuse departments) streamline the collection and processing of security feeds using a message queuing protocol. “Originally designed for CSIRTs and later adopted by SOCs, IntelMQ has evolved into a versatile tool for all security teams. With a modular and extensible design, it supports various input, processing, and output plugins, enabling seamless integration with existing workflows. Built for full automation, … More → The post IntelMQ: Open-source tool for collecting and processing security feeds appeared first on Help Net Security.
http://news.poseidon-us.com/TJZ6Rl

ISC Stormcast For Monday, March 17th, 2025 https://isc.sans.edu/podcastdetail/9366, (Mon, Mar 17th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
http://news.poseidon-us.com/TJZ1Fc

Mirai Bot now incorporating (malformed?) DrayTek Vigor Router Exploits, (Sun, Mar 16th)

Last October, Forescout published a report disclosing several vulnerabilities in DrayTek routers. According to Forescout, about 700,000 devices were exposed to these vulnerabilities [1]. At the time, DrayTek released firmware updates for affected routers [2]. Forescout also noted that multiple APTs were targeting these devices.
http://news.poseidon-us.com/TJYtlS