433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

$400M seized, 5,500 arrested in global operation targeting cyber fraud

A coordinated international operation involving law enforcement agencies from 40 countries led to the arrest of over 5,500 individuals linked to financial crimes and the confiscation of more than $400 million in virtual assets and government-backed currencies. Officers in Nigeria making an arrest (Source: INTERPOL) Operation HAECHI V details The five-month Operation HAECHI V (July – November 2024) targeted seven types of cyber-enabled frauds: voice phishing, romance scams, online sextortion, investment fraud, illegal online gambling, … More → The post $400M seized, 5,500 arrested in global operation targeting cyber fraud appeared first on Help Net Security.
http://news.poseidon-us.com/TGX9tx

Stuck in endless cycles of deliberation on how to deal with Oracle’s new Java licensing dilemma?

Stuck in endless cycles of deliberation on how to deal with Oracle’s New Java Licensing Dilemma? Use a proven blueprint to help you navigate through the choices.
http://news.poseidon-us.com/TGX59p

Credential Guard and Kerberos delegation, (Mon, Dec 2nd)

The vast majority of red team exercises that I (and my team, of course) have been doing lately are assumed breach scenarios. In an assumed breach scenario (and we cover this in the amazing SEC565: Red Team Operations and Adversary Emulation SANS course that I also teach!) red team is usually given access as a non-privileged domain user, simulating an attacker that has someone already established the first foothold in the organization.
http://news.poseidon-us.com/TGX2rM

5 reasons to double down on network security

Cybersecurity programs have evolved significantly over the past few decades. The advent of cloud computing shattered the conventional corporate perimeter, forcing organizations to update their defense strategies. Today, with the rise of work-from-anywhere and bring-your-own-device (BYOD) policies as well as the ongoing shift to cloud environments, we’re seeing a shift of equal magnitude as it is becoming increasingly clear that endpoint security tools alone cannot handle the new threat landscape. Endpoint security is still an … More → The post 5 reasons to double down on network security appeared first on Help Net Security.
http://news.poseidon-us.com/TGWswh

Inside the 2024 CWE Top 25: Trends, surprises, and persistent challenges

In this Help Net Security interview, Alec Summers, Project Leader for the CVE Program at MITRE, shares his insights on the 2024 CWE top 25 most dangerous software weaknesses. He discusses the impact of the new methodology that involves the CNA community and highlights the persistent vulnerabilities that continue to make the list year after year. Summers also touches on the role of AI tools in identifying vulnerabilities and the importance of root cause mapping … More → The post Inside the 2024 CWE Top 25: Trends, surprises, and persistent challenges appeared first on Help Net Security.
http://news.poseidon-us.com/TGWsvd

Data scientists create tool to spot fake images

Pixelator v2 is a tool to spot fake images. It uses a new combination of image veracity techniques with capability beyond what can be seen by the human eye. It can identify subtle differences in images with greater accuracy than traditional methods and has been shown to detect alternations as small as 1 pixel. Highlighting differences between distorted Lenna and reference Lenna images using SSIM and Pixelator v2 The tool is developed by York St. … More → The post Data scientists create tool to spot fake images appeared first on Help Net Security.
http://news.poseidon-us.com/TGWrQv

ISC Stormcast For Monday, December 2nd, 2024 https://isc.sans.edu/podcastdetail/9236, (Mon, Dec 2nd)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
http://news.poseidon-us.com/TGWlN1

Week in review: Exploitable flaws in corporate VPN clients, malware loader created with gaming engine

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Researchers reveal exploitable flaws in corporate VPN clients Researchers have discovered vulnerabilities in the update process of Palo Alto Networks (CVE-2024-5921) and SonicWall (CVE-2024-29014) corporate VPN clients that could be exploited to remotely execute code on users’ devices. Cybercriminals used a gaming engine to create undetectable malware loader Threat actors are using an ingenious new way for covertly delivering malware … More → The post Week in review: Exploitable flaws in corporate VPN clients, malware loader created with gaming engine appeared first on Help Net Security.
http://news.poseidon-us.com/TGW8VC