433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

AuraInspector: Open-source tool to audit Salesforce Aura access control misconfigurations

Google and its Mandiant threat intelligence unit have released AuraInspector, an open-source tool aimed at auditing data access paths in Salesforce Experience Cloud applications. The tool focuses on the Aura framework, which underpins many Salesforce user interfaces and plays a central role in how data is retrieved and displayed. Focus on Aura endpoints in Experience Cloud AuraInspector is designed to examine how Salesforce Aura endpoints expose data through standard application functions. Experience Cloud sites rely … More → The post AuraInspector: Open-source tool to audit Salesforce Aura access control misconfigurations appeared first on Help Net Security.
http://news.poseidon-us.com/TQKF77

Noction adds automatic anomaly detection to IRP v4.3 for faster DDoS mitigation

Noction has released Noction Intelligent Routing Platform (IRP) v4.3, delivering new capabilities in automated DDoS detection, routing safety, and operational control for modern IP networks. A key highlight of IRP v4.3 is the introduction of Automatic Anomaly Detection (AAD), a new capability designed to identify abnormal traffic behavior and mitigate threats directly at the network edge. AAD continuously analyzes traffic patterns to detect deviations that may indicate attacks such as SSH floods, HTTP(S) floods, DNS … More → The post Noction adds automatic anomaly detection to IRP v4.3 for faster DDoS mitigation appeared first on Help Net Security.
http://news.poseidon-us.com/TQKF75

Browser-in-the-Browser phishing is on the rise: Here’s how to spot it

Browser-in-the-Browser (BitB) phishing attacks are on the rise, with attackers reviving and refining the technique to bypass user skepticism and traditional security controls. BitB phishing: Dangerous and effective For BitB phishing, attackers create a pop-up window inside a real web page (browser) by using HTML, CSS, and JavaScript. The goal is to trick users into entering login credentials by making them believe they are on a legitimate login page. The technique is being used to … More → The post Browser-in-the-Browser phishing is on the rise: Here’s how to spot it appeared first on Help Net Security.
http://news.poseidon-us.com/TQKF74

Minimal Ubuntu Pro expands Canonical’s cloud security offerings

Canonical has released Minimal Ubuntu Pro images for use on public cloud platforms, aiming to give teams a smaller base image with a narrower software footprint. The solution is designed for organizations that want tighter control over what runs inside production cloud workloads. The image starts with a limited set of packages required to boot, connect, and support common cloud use cases. What Minimal Ubuntu Pro includes Minimal Ubuntu Pro is based on Ubuntu Pro, … More → The post Minimal Ubuntu Pro expands Canonical’s cloud security offerings appeared first on Help Net Security.
http://news.poseidon-us.com/TQKF6S

AI EdgeLabs launches Compliance Center and Linux Audit for NIS2 and CRA readiness

AI EdgeLabs announced the launch of Compliance Center and Linux Audit. Purpose-built for organizations facing NIS2, CRA, and global critical-infrastructure mandates, the new capabilities replace manual reporting and scan-based compliance with continuous visibility, automated control coverage, and real-time posture insights. Key capabilities include: A single Risk Score representing their current posture Real-time compliance visibility for CRA and NIS2 Prioritized assets based on impact and criticality Extended support for firmware, custom OS, and RTOS Linux audit … More → The post AI EdgeLabs launches Compliance Center and Linux Audit for NIS2 and CRA readiness appeared first on Help Net Security.
http://news.poseidon-us.com/TQK3qX

Parrot OS shares its 2026 plans for security tools and platform support

Parrot OS is a Debian-based Linux distribution built for cybersecurity work. Security practitioners use it for penetration testing, digital forensics, malware analysis, and privacy-focused research. The operating system bundles security tools, development utilities, and privacy features into a maintained platform used in labs, training environments, and day-to-day testing workflows. Current focus areas for the platform Parrot OS development continues to center on maintaining the core operating system and keeping bundled tools aligned with upstream projects. … More → The post Parrot OS shares its 2026 plans for security tools and platform support appeared first on Help Net Security.
http://news.poseidon-us.com/TQK1n2

Enterprise security faces a three-front war: cybercrime, AI misuse, and supply chains

Security teams are dealing with pressures tied to AI use, geopolitical instability, and expanding cybercrime that reach beyond technical controls, according to findings from the World Economic Forum’s Global Cybersecurity Outlook 2026. AI drives risk growth and defensive change Respondents view AI as accelerating change on both the defensive and offensive sides of cybersecurity. New AI driven tools help security teams process alerts, detect phishing, and respond to incidents faster. AI adoption also introduces weaknesses … More → The post Enterprise security faces a three-front war: cybercrime, AI misuse, and supply chains appeared first on Help Net Security.
http://news.poseidon-us.com/TQK1mT

Rakuten Viber CISO/CTO on balancing encryption, abuse prevention, and platform resilience

In this Help Net Security interview, Liad Shnell, CISO and CTO at Rakuten Viber, discusses how messaging platforms have become critical infrastructure during crises and conflicts. He explains how it influences cybersecurity priorities, from encryption and abuse prevention to incident response and user protection. Shnell also outlines how Viber assesses and mitigates risks that blend technical threats with human behavior. Messaging platforms increasingly function as de facto critical infrastructure during crises and conflicts. How does … More → The post Rakuten Viber CISO/CTO on balancing encryption, abuse prevention, and platform resilience appeared first on Help Net Security.
http://news.poseidon-us.com/TQJwn2

Teaching cybersecurity by letting students break things

Cybersecurity students show higher engagement when the work feels tangible. A new study from Airbus Cybersecurity and Dauphine University describes what happens when courses move beyond lectures and place students inside structured hacking scenarios, social engineering exercises, and competitive games. From theory fatigue to hands on pressure Cybersecurity courses often emphasize tools, frameworks, and technical controls. The study highlights that common incidents still involve human behavior. Phishing emails, weak password practices, policy shortcuts, and misplaced … More → The post Teaching cybersecurity by letting students break things appeared first on Help Net Security.
http://news.poseidon-us.com/TQJwf0