Blog

Leap in modelling human impact on climate may lead to early warning of climate disasters

Mathematicians have applied statistical mechanics to climate change detection and attribution for first time. They have shown how to separate the ‘signal’ of human-made climate change from the ‘noise’ of natural climate fluctuations. This allows for a dramatic improvement in the ability to detect climate change and early warnings of climatic tipping points.
http://news.poseidon-us.com/TGk6Fl

A connection between quantum theory and information theory

With the help of a new experiment, researchers have succeeded in confirming a ten-year-old theoretical study, which connects one of the most fundamental aspects of quantum mechanics — the complementarity principle — with information theory. Their study provides a piece of the puzzle for understanding future quantum communication, metrology, and cryptography.
http://news.poseidon-us.com/TGk6Cz

BadRAM: $10 hack unlocks AMD encrypted memory

Cybersecurity researchers have identified a vulnerability (CVE-2024-21944, aka BadRAM) affecting ADM processors that can be triggered by rogue memory modules to unlock the chips’ encrypted memory. The SPD chip can be modified using an off-the-shelf microcontroller. The researchers used a Raspberry Pi Pico, for a cost of around $10 “We found that tampering with the embedded SPD chip on commercial DRAM modules allows attackers to bypass AMD’s Secure Encrypted Virtualization (SEV) protections — including AMD’s … More → The post BadRAM: $10 hack unlocks AMD encrypted memory appeared first on Help Net Security.
http://news.poseidon-us.com/TGk3hL

​​6 enterprise technology predictions to watch in 2025

Executives and analysts expect businesses to reassess their AI priorities next year, grappling with vendor and workforce shifts along the way.
http://news.poseidon-us.com/TGk2YP

House, Senate Democrats urge Biden to bump civilian federal pay raise up to 4.5%

Lawmakers called for a 4.5% federal pay raise to align with the military’s expected 2025 raise. Currently, civilian feds are likely to get a 2% raise next year. The post House, Senate Democrats urge Biden to bump civilian federal pay raise up to 4.5% first appeared on Federal News Network.
http://news.poseidon-us.com/TGk1R7

Picus provides automated pentesting testing to help uncover critical risks

Picus Security announced new innovations to its Attack Path Validation (APV) product. The new Picus APV now offers security teams accurate, risk-free, and continuous automated penetration testing to uncover critical risks, while significantly reducing business disruptions and time spent on threat research. Combined with its Breach and Attack Simulation technology, Picus provides a comprehensive approach to Adversarial Exposure Validation for enterprise organizations. By pairing evasive automated penetration testing alongside attack path-mapping capabilities, Picus allows users … More → The post Picus provides automated pentesting testing to help uncover critical risks appeared first on Help Net Security.
http://news.poseidon-us.com/TGjxbX

Cato Networks extends SASE-based protection to IoT/OT environments

With the introduction of Cato IoT/OT Security, Cato Networks is enabling enterprises to simplify the management and security of Internet of Things (IoT) and operational technology (OT) devices. Cato IoT/OT Security converges device discovery and classification, policy enforcement, and threat prevention in a SASE platform. Cato IoT/OT Security is a native feature in the Cato SASE Cloud Platform, which allows enterprises to instantly activate the new solution with a click of a button. There is … More → The post Cato Networks extends SASE-based protection to IoT/OT environments appeared first on Help Net Security.
http://news.poseidon-us.com/TGjxYQ

Trellix Drive Encryption enhances security against insider attacks

Trellix announced Trellix Drive Encryption upgrades for on-premises and SaaS management. Customers benefit from the flexibility needed for encryption protection deployment to safeguard their data and devices from unauthorized access. “The majority of lost and stolen assets reported this past year resulted in a data disclosure, making it essential for organizations to have strong drive encryption implementation,” said Gareth Maclachlan, CPO, Trellix. “Trellix continuously innovates our encryption offerings to provide protection against data leaks and … More → The post Trellix Drive Encryption enhances security against insider attacks appeared first on Help Net Security.
http://news.poseidon-us.com/TGjsZW

CyTwist’s detection engine combats AI-generated malware

CyTwist launches its patented detection engine to combat the insidious rise of AI-generated malware. Enhancing an organization’s existing security stack, CyTwist’s solution profiles threat actors using field-proven counterintelligence methodologies and hyper-targeted probability algorithms, resulting in detection of a suspected attack within minutes. Validated by a red team live attack simulation with a prominent telecoms provider, mirrored on the September 2024 attack against French government agencies and private companies, CyTwist’s platform’s results are unambiguous – successfully … More → The post CyTwist’s detection engine combats AI-generated malware appeared first on Help Net Security.
http://news.poseidon-us.com/TGjsZB

Open source malware up 200% since 2023

Sonatype’s 2024 Open Source Malware Threat Report reveals that the number of malicious packages has surpassed 778,500 since tracking began in 2019. In 2024, researchers examined how threat actors leverage malicious open-source packages to target developers, particularly as enterprises increasingly adopt open-source tools to build custom AI models. Source: Sonatype Open source malware thrives in ecosystems with low entry barriers, no author verification, high usage, and diverse users. Platforms like npm and PyPI, which handle … More → The post Open source malware up 200% since 2023 appeared first on Help Net Security.
http://news.poseidon-us.com/TGjlRp