Telstra emergency call ops did not spot Optus triple zero outage
Knew nothing until the next day.http://news.poseidon-us.com/TPTVy0
http://news.poseidon-us.com/TPTVy0
http://news.poseidon-us.com/TPTVy0
New “HashJack” attack can hijack AI browsers and assistants
Security researchers at Cato Networks have uncovered a new indirect prompt injection technique that can force popular AI browsers and assistants to deliver phishing links or disinformation (e.g., incorrect medicine dosage guidance or investment advice), send sensitive data to the attacker, or push users to perform risky actions. They call the technique HashJack, because it relies on malicious instructions being hidden in the #fragment of a URL that points to a legitimate (and otherwise innocuous) … More → The post New “HashJack” attack can hijack AI browsers and assistants appeared first on Help Net Security.http://news.poseidon-us.com/TPTLrs
Fear of AI-driven job displacement nearly doubles in a year: KPMG
The finding comes as two U.S. senators are pushing legislation that would require some AI-related layoffs to be reported to the Labor Department.http://news.poseidon-us.com/TPTJ1f
Final NCCoE IoT Secure Onboarding Publications Now Available!
http://news.poseidon-us.com/TPTCKq
Vectra AI unifies threat visibility across Microsoft environments
Vectra AI announced Vectra AI Shield for Microsoft, a purpose-built solution that enables channel partners and MSSPs to deliver unified visibility and control across Microsoft Entra ID, Microsoft 365, Copilot for M365, and Azure Cloud in a single AI-powered platform. Closing the Microsoft visibility gap While Microsoft’s native tools provide broad coverage, many organizations — and the partners that protect them — still face blind spots across hybrid and identity-based attacks. Fragmented products, inconsistent alerts, … More → The post Vectra AI unifies threat visibility across Microsoft environments appeared first on Help Net Security.http://news.poseidon-us.com/TPT74K
Ostorlab brings automated, proof-backed mobile app security testing
Ostorlab introduced the AI Pentesting Engine for Mobile Applications, bringing automated, AI‑driven penetration testing to mobile security. The new engine helps security teams and developers uncover, validate, and safely exploit vulnerabilities that tools miss or bury in noise, so they can prioritize fixes with confidence. Behind the scenes, the AI engine learns complex app behaviors, navigates authentication and session constraints, and confirms exploitability with proof‑of‑concept evidence. The result is a concise, verified list of issues … More → The post Ostorlab brings automated, proof-backed mobile app security testing appeared first on Help Net Security.http://news.poseidon-us.com/TPT746
Heineken CISO champions a new risk mindset to unlock innovation
In this Help Net Security interview, Marina Marceta, CISO at Heineken, discusses what it takes for CISOs to be seen as business-aligned leaders rather than technical overseers. She shares how connecting security to business impact can shift perceptions and strengthen partnerships across the company. Marceta focuses on the value of a security culture that supports innovation while keeping risk in check. What mindset shifts are essential for CISOs who want to be seen as strategic … More → The post Heineken CISO champions a new risk mindset to unlock innovation appeared first on Help Net Security.http://news.poseidon-us.com/TPT441
Small language models step into the fight against phishing sites
Phishing sites keep rising, and security teams are searching for ways to sort suspicious pages at speed. A recent study explores whether small language models (SLMs) can scan raw HTML to catch these threats. The work reviews a range of model sizes and tests how they handle detection tasks while keeping compute demands in check. Although LLM-based website phishing detection is still a relatively new area, it is gaining momentum. Several studies have already reported … More → The post Small language models step into the fight against phishing sites appeared first on Help Net Security.http://news.poseidon-us.com/TPT2q2
Black Friday 2025 for InfoSec: How to spot real value and avoid the noise
Your inbox is probably drowning in Black Friday emails right now. Another “limited time offer” that’ll reappear next month, countdown timer creating artificial urgency. You’re right to be skeptical — most of it is noise. But buried beneath the marketing chaos, Black Friday can represent genuine opportunities to save significantly. The cybersecurity industry projects 4.8 million open positions globally in 2025, according to ISC2, with the market expected to reach $377 billion by 2028. Yet … More → The post Black Friday 2025 for InfoSec: How to spot real value and avoid the noise appeared first on Help Net Security.http://news.poseidon-us.com/TPT2p3
DeepTeam: Open-source LLM red teaming framework
Security teams are pushing large language models into products faster than they can test them, which makes any new red teaming method worth paying attention to. DeepTeam is an open-source framework built to probe these systems before they reach users, and it takes a direct approach to exposing weaknesses. The tool runs on a local machine and uses language models to simulate attacks as well as evaluate the results. It applies techniques drawn from recent … More → The post DeepTeam: Open-source LLM red teaming framework appeared first on Help Net Security.http://news.poseidon-us.com/TPT1CK