Blog

SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)

A critical zero-day vulnerability (CVE-2025-23006) affecting SonicWall Secure Mobile Access (SMA) 1000 Series appliances is being exploited by attackers. “We strongly advises users of the SMA1000 product to upgrade to the hotfix release version to address the vulnerability,” the company said on Wednesday. About CVE-2025-23006 SonicWall Secure Mobile Access (SMA) is a unified secure access gateway used by organizations to provide employees access to applications from anywhere. The SMA 1000 series of appliances is aimed … More → The post SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006) appeared first on Help Net Security.
http://news.poseidon-us.com/THX4wQ

DigitalOcean Per-Bucket Access Keys boosts object storage security

DigitalOcean announced Per-Bucket Access Keys for DigitalOcean Spaces, its S3-compatible object storage service. This feature provides customers with identity-based, bucket-level control over access permissions, helping to enhance their data security and simplifying management. Prior to the introduction of Per-Bucket Access Keys, many customers chose to limit the types of applications they ran on DigitalOcean infrastructure to those without object storage requirements or with minimal access management requirements in order to better control access to their … More → The post DigitalOcean Per-Bucket Access Keys boosts object storage security appeared first on Help Net Security.
http://news.poseidon-us.com/THX1Wt

Bitsight Instant Insights accelerates vendor risk assessments

Bitsight unveiled Instant Insights, a new offering from the Bitsight IQ suite of AI-based capabilities. The new feature leverages generative AI to analyze and summarize security questionnaires and reports, allowing security and compliance teams to make faster, more informed risk decisions. Security and risk management teams are constantly challenged to onboard new vendors, renew existing partnerships, and address backlogs of assessments—all while dealing with limited resources. Instant Insights, part of Bitsight IQ, delivers critical information … More → The post Bitsight Instant Insights accelerates vendor risk assessments appeared first on Help Net Security.
http://news.poseidon-us.com/THX1WG

Defense strategies to counter escalating hybrid attacks

In this Help Net Security interview, Tomer Shloman, Sr. Security Researcher at Trellix, talks about attack attribution, outlines solutions for recognizing hybrid threats, and offers advice on how organizations can protect themselves against hybrid attacks. What are the most promising technologies or methodologies for distinguishing between false flags and authentic attribution markers in cyberattacks? Can behavioral analysis contribute to identifying an attacker’s motives when both nation-states and cybercriminals use overlapping tactics? Distinguishing false flags from … More → The post Defense strategies to counter escalating hybrid attacks appeared first on Help Net Security.
http://news.poseidon-us.com/THWtLF

Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning

The Web Cache Vulnerability Scanner (WCVS) is an open-source command-line tool for detecting web cache poisoning and deception. The scanner, developed by Maximilian Hildebrand, offers extensive support for various web cache poisoning and deception techniques. It features a built-in crawler to discover additional URLs for testing. The tool is designed to adapt to specific web caches for enhanced testing efficiency, is customizable, and integrates into existing CI/CD pipelines. Features Analyzing a web cache before testing … More → The post Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning appeared first on Help Net Security.
http://news.poseidon-us.com/THWtK8

Samsung unveils AI smartphones with Qualcomm chips

Aims to fend off Apple and Chinese rivals.
http://news.poseidon-us.com/THWsDC

CISOs are juggling security, responsibility, and burnout

This article gathers excerpts from multiple reports, presenting statistics and insights that may be valuable for CISOs, helping them with informed decision-making, risk management, and developing strategies to enhance their organization’s cybersecurity posture. CISOs don’t invest enough in code security 72% of security leaders agree that the age of AI necessitates a complete reset of how organizations approach application security, according to Cycode. This urgency is reinforced by the fact that 93 billion lines of … More → The post CISOs are juggling security, responsibility, and burnout appeared first on Help Net Security.
http://news.poseidon-us.com/THWrBW

Funding soars in a milestone year for Israeli cybersecurity

In this Help Net Security video, Or Salom, Analyst at YL Ventures, discusses the State of the Cyber Nation Report 2024. The report reveals resilience and growth in the Israeli cybersecurity industry, with total investments reaching $4 billion across 89 funding rounds—more than double the $1.89 billion raised in 2023. Key highlights: Record-breaking seed activity: 50 seed rounds in 2024 with total seed funding reaching $400M, demonstrating sustained confidence in early-stage Israeli cybersecurity innovation. Explosive … More → The post Funding soars in a milestone year for Israeli cybersecurity appeared first on Help Net Security.
http://news.poseidon-us.com/THWrB4

Coles’ people and culture GM moves on

Supported retailer’s delivery of SAP SuccessFactors-based HR platform.
http://news.poseidon-us.com/THWmHh

Australian Unity is ramping up an enterprise automation drive

Underpinned by Appian technology.
http://news.poseidon-us.com/THWmHP