433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Brakeman: Open-source vulnerability scanner for Ruby on Rails applications

Brakeman is an open-source security scanner used by teams that build applications with Ruby on Rails. The tool focuses on application code and configuration, giving developers and security teams a way to identify common classes of web application risk during development and testing. Brakeman analyzes application source code directly, including controllers, models, views, and templates. The scanner builds an internal representation of how data moves through the application, which allows it to flag patterns associated … More → The post Brakeman: Open-source vulnerability scanner for Ruby on Rails applications appeared first on Help Net Security.
http://news.poseidon-us.com/TQYtBk

AWS releases updated PCI PIN compliance report for payment cryptography

Amazon Web Services has published an updated Payment Card Industry Personal Identification Number (PCI PIN) compliance package for its AWS Payment Cryptography service, confirming a recent third-party audit of the platform. The report package is now accessible through AWS’s compliance portal. Two PCI PIN compliance reports included The update includes two primary deliverables. The first is a PCI PIN Attestation of Compliance (AOC) showing that a Qualified Security Assessor (QSA) validated AWS Payment Cryptography against … More → The post AWS releases updated PCI PIN compliance report for payment cryptography appeared first on Help Net Security.
http://news.poseidon-us.com/TQYrLX

Researchers tested AI against 100,000 humans on creativity

A massive new study comparing more than 100,000 people with today’s most advanced AI systems delivers a surprising result: generative AI can now beat the average human on certain creativity tests. Models like GPT-4 showed strong performance on tasks designed to measure original thinking and idea generation, sometimes outperforming typical human responses. But there’s a clear ceiling. The most creative humans — especially the top 10% — still leave AI well behind, particularly on richer creative work like poetry and storytelling.
http://news.poseidon-us.com/TQYPw1

Week in review: Fully patched FortiGate firewalls are getting compromised, attackers probe Cisco RCE flaw

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Review: AI Strategy and Security AI Strategy and Security is a guide for organizations planning enterprise AI programs. The book targets technology leaders, security professionals, and executives responsible for strategy, governance, and operational execution. It treats AI adoption as an organizational discipline that spans planning, staffing, security engineering, risk management, and ongoing operations. More employees get AI tools, fewer rely … More → The post Week in review: Fully patched FortiGate firewalls are getting compromised, attackers probe Cisco RCE flaw appeared first on Help Net Security.
http://news.poseidon-us.com/TQYDLs

Okta users under attack: Modern phishing kits are turbocharging vishing attacks

Threat actors who specialize in vishing (i.e., voice phishing) have started using phishing kits that can intercept targets’ login credentials while also allowing attackers to control the authentication flow in a targeted user’s browser in real-time. At least two custom-made phishing kits are currently used by a number of threat actors that go after credentials and authentication factors to gain access to corporate systems and assets. “These custom kits are made available on an as-a-service … More → The post Okta users under attack: Modern phishing kits are turbocharging vishing attacks appeared first on Help Net Security.
http://news.poseidon-us.com/TQWgMd

1Password targets AI-driven phishing with built-in prevention

To help reduce phishing risk, 1Password added an extra layer of protection and began rolling out a phishing prevention feature designed to stop users before they share passwords with scammers. How 1Password phishing prevention works When a user clicks a link whose URL doesn’t match a saved login, 1Password will not autofill their credentials. To avoid confusion, the product displays a warning message that prompts users to pause and reconsider before proceeding. Source: 1Password For … More → The post 1Password targets AI-driven phishing with built-in prevention appeared first on Help Net Security.
http://news.poseidon-us.com/TQWXtD

Raspberry Pi now offers a branded USB flash drive, starts at $30

Raspberry Pi has launched a USB flash drive optimized for use across its lineup of single-board computers. The drive is offered in two capacities, with the 128GB model priced at $30 and the 256GB version at $55. The Raspberry Pi Flash Drive is a compact, high-capacity USB 3.0 Type-A device with an aluminum enclosure designed for durability and easy handling. “It can sustain a write speed of 75MB/s (128GB variant) or 150MB/s (256GB variant), and … More → The post Raspberry Pi now offers a branded USB flash drive, starts at $30 appeared first on Help Net Security.
http://news.poseidon-us.com/TQWRmr