Category Archives: Uncategorized

LockBit panel data leak shows Chinese orgs among the most targeted

The LockBit ransomware-as-a-service (RaaS) operation has netted around $2.3 million USD within 5 months, the data leak stemming from the May 2025 hack of a LockBit affiliate panel has revealed. From that sum, the operators took their 20% cut (approximately USD 456,000), and they additionally “earned” some $10,000-$11,000 USD from affiliates that registered through the panel. “What this leak truly shows is the complex and ultimately less glamorous reality of their illicit ransomware activities. While … More → The post LockBit panel data leak shows Chinese orgs among the most targeted appeared first on Help Net Security.
http://news.poseidon-us.com/TLK2mx

Tamnoon helps organizations reduce cloud security exposures

Tamnoon launched Managed CDR (Cloud Detection and Response), a managed service designed to validate, contextualize, and respond to cloud security alerts. Built on AWS and launching with Wiz Defend, Amazon GuardDuty, CrowdStrike Falcon, and Orca Security, with more coming soon, the cloud security agnostic service is already integrating with existing CNAPP offerings’ runtime detection functionality. As part of the launch, the company also introduced Tami, a context-aware, scalable, and efficient AI-powered agent capability for Managed … More → The post Tamnoon helps organizations reduce cloud security exposures appeared first on Help Net Security.
http://news.poseidon-us.com/TLK2md

Identifying high-risk APIs across thousands of code repositories

In this Help Net Security interview, Joni Klippert, CEO of StackHawk, discusses why API visibility is a major blind spot for security teams, how legacy tools fall short, and how StackHawk identifies risky APIs and sensitive data directly from code before anything is deployed. API visibility is often cited as a major blind spot for security teams. Why do you think so many organizations still struggle to identify their full API attack surface, and how … More → The post Identifying high-risk APIs across thousands of code repositories appeared first on Help Net Security.
http://news.poseidon-us.com/TLK2gw

Predator Still Active, with New Client and Corporate Links Identified

Despite sanctions and global scrutiny, Predator spyware operations persist. Insikt Group reveals new infrastructure links in Mozambique, Africa, and Europe, highlighting ongoing threats to civil society and political targets.
http://news.poseidon-us.com/TLK1Rw

Automated Tools to Assist with DShield Honeypot Investigations [Guest Diary], (Wed, Jun 11th)

[This is a Guest Diary by William Constantino, an ISC intern as part of the SANS.edu BACS program]
http://news.poseidon-us.com/TLK0LD

Lemony mitigates privacy and compliance risks associated with cloud-based AI

Lemony announced its on-premise artificial intelligence solution that is redefining how organizations deploy generative AI. Lemony’s secure, hardware-based node offers enterprise-grade ‘AI in a Box,’ empowering companies to run advanced, end-to-end AI workflows privately, instantly, and without cloud dependence. Lemony’s AI nodes are stackable and scalable, creating small, modular AI compute clusters that support seamless expansion across users. Lemony can host the entire technology stack, from foundation models to lightweight, use-case specific adapters and specialized … More → The post Lemony mitigates privacy and compliance risks associated with cloud-based AI appeared first on Help Net Security.
http://news.poseidon-us.com/TLJdgT

Nudge Security’s browser extension monitors real-time SaaS and GenAI activity

Nudge Security announced today a new browser extension for its SaaS and AI security governance solution that detects identity risks and guides employees toward safe, compliant SaaS and AI use in real time. Modern work happens at theWorkforce Edge, where employees make daily, independent decisions about what SaaS and generative AI apps to adopt, what data to share, and who and what gets access—outside the bounds of traditional IT security perimeters and controls. Since 2022, … More → The post Nudge Security’s browser extension monitors real-time SaaS and GenAI activity appeared first on Help Net Security.
http://news.poseidon-us.com/TLJdft

Cybercriminals are turning stolen data into a thriving black market

Cybercriminals are stealing data and running full-scale businesses around it. Europol’s latest Internet Organised Crime Threat Assessment (IOCTA) report reveals how personal data is now a core currency in the underground economy. Data is the product Cybercriminals go after everything from login credentials to credit card numbers, medical records, and social media accounts. The data criminals collect helps them access accounts, impersonate users, or sell that access to others. Europol stresses that access to an … More → The post Cybercriminals are turning stolen data into a thriving black market appeared first on Help Net Security.
http://news.poseidon-us.com/TLJdfh

Want fewer security fires to fight? Start with threat modeling

CISOs understand that threat modeling helps teams identify risks early and build safer systems. But outside the security org, the value isn’t always clear. When competing for budget or board attention, threat modeling often loses out to more visible efforts like new tools or headline-driven response plans. The problem isn’t the practice. It’s the framing. To win support, CISOs need to show how threat modeling connects to bottom-line outcomes: fewer vulnerabilities, faster incident response, and … More → The post Want fewer security fires to fight? Start with threat modeling appeared first on Help Net Security.
http://news.poseidon-us.com/TLJZBB

Build a mobile hacking rig with a Pixel and Kali NetHunter

A cybersecurity hobbyist has built a compact, foldable mobile hacking rig that runs Kali NetHunter on a Google Pixel 3 XL. It’s called the NetHunter C-deck, and it packs serious functionality into a small, 3D-printed shell. NetHunter C-deck v2.1.0 The phone runs Kali NetHunter using a custom kernel, Magisk, and TWRP. Once set up, it acts like a mobile Linux box, ready for wireless attacks, network scans, or field diagnostics. What it offers: Portable power: … More → The post Build a mobile hacking rig with a Pixel and Kali NetHunter appeared first on Help Net Security.
http://news.poseidon-us.com/TLJZB6