Category Archives: Uncategorized

37% of third-party applications have high-risk permissions

Email attacks have increased in both sophistication and volume since the start of the year, according to Abnormal Security. Examining data since 2013, Abnormal identified a massive increase in third-party applications (apps) integrated with email, underscoring the proliferation of an emerging threat vector that cybercriminals are exploiting as they continue to shift their tactics. Third-party applications risk The number of integrated third-party apps continued to rise in the first half of 2023 (between January and … More → The post 37% of third-party applications have high-risk permissions appeared first on Help Net Security.
http://news.poseidon-us.com/StRXWx

GSA’s commercial platforms gaining steam, but data, other concerns persist

New data from GAO found 27 agencies spent more than $40 million through the Commercial Platforms, with 96% going to one of the three providers.
http://news.poseidon-us.com/StR8yL

Maverick* Research: You Will Be Hacked, So Embrace the Breach

Cybersecurity breaches are inevitable. Instead of striving to prevent breaches, focus on resilience and embrace hacks as incidents to learn from.
http://news.poseidon-us.com/StR7G8

Strategic Framework for Ransomware Resilience

In 2022 only 16% of organizations who suffered a ransomware attack were able to recover without paying a ransom. Since it’s not possible to prevent every cyberattack, organizations need to make recovery a priority. This paper outlines the critical capabilities needed to prepare for and recover from a ransomware attack, reducing downtime and minimizing the possibility of data loss.
http://news.poseidon-us.com/StR7Bc

Downfall attacks can gather passwords, encryption keys from Intel processors

A variety of Intel Core processors and the devices using them are vulnerable to “Downfall”, a new class of attacks made possible by CVE-2022-40982, which enables attackers to access and steal sensitive data such as passwords, encryption keys, and private data from other users on the same personal or cloud computer. CVE-2022-40982 and the Downfall attacks “[CVE-2022-40982] is caused by memory optimization features in Intel processors that unintentionally reveal internal hardware registers to software. This … More → The post Downfall attacks can gather passwords, encryption keys from Intel processors appeared first on Help Net Security.
http://news.poseidon-us.com/StPjcj

SandboxAQ launches open-source meta-library of cryptographic algorithms

SandboxAQ launched Sandwich, an open-source framework that simplifies modern cryptography management and enables developers to steer their organizations towards cryptographic agility. With a unified API, Sandwich empowers developers to embed the cryptographic algorithms of their choice directly into their applications and change them as technologies and threats evolve – without rewriting code. It also gives developers greater observability and control over their cryptography for improved cybersecurity. Sandwich is open source for embedding cryptography into internal … More → The post SandboxAQ launches open-source meta-library of cryptographic algorithms appeared first on Help Net Security.
http://news.poseidon-us.com/StNxMv

House bill aims to reduce effects of pay compression for senior-level feds

Although the new bill from Del. Eleanor Holmes Norton (D-DC) would not entirely solve pay compression, the Senior Executives Association said “any action is better than no action.”
http://news.poseidon-us.com/StNWDr

Zoom emphasizes customer consent as critics question AI service terms

Concerns stem from what Zoom says it will do with customer and service-generated data and what its policy language allows. 
http://news.poseidon-us.com/StNVR7

Adecco Group taps PepsiCo exec to lead IT operations

The second-largest global HR services provider welcomed Caroline Basyn to its executive committee as it pushes AI-enabled digital products across its portfolio.
http://news.poseidon-us.com/StNVPW

JLL rolls out proprietary generative AI model to internal employees

In the first 48 hours following deployment at the commercial real estate and investment management company, more than 11,000 employees used the large language model.
http://news.poseidon-us.com/StLztV