433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Hard-coded credentials found in Moxa industrial security appliances, routers (CVE-2025-6950)

Moxa has fixed 5 vulnerabilities in its industrial network security appliances and routers, including a remotely exploitable flaw (CVE-2025-6950) that may result in complete system compromise. There’s no mention of these flaws being exploited in the wild, but due to their severity, the company has advised customers to apply the latest firmware updates immediately. CVE-2025-6950 et al. Moxa is a Taiwanese company that specializes in industrial communications, networking, and edge connectivity for operational technology (OT) … More → The post Hard-coded credentials found in Moxa industrial security appliances, routers (CVE-2025-6950) appeared first on Help Net Security.
http://news.poseidon-us.com/TNnN2M

China-linked Salt Typhoon hackers attempt to infiltrate European telco

Salt Typhoon, the China-linked APT group that has a penchant for targeting telecommunications companies, has been spotted trying to sneak into yet another one. The intrusion “Darktrace observed activity in a European telecommunications organisation consistent with Salt Typhoon’s known tactics, techniques and procedures (TTPs), including dynamic-link library (DLL) sideloading and abuse of legitimate software for stealth and execution,” the British cybersecurity company shared on Monday. Other attack elements indicating Salt Typhoon’s involvement include: The exploitation … More → The post China-linked Salt Typhoon hackers attempt to infiltrate European telco appeared first on Help Net Security.
http://news.poseidon-us.com/TNnDwl

Jamf adds AI forensics to help organizations detect and respond to mobile threats

Jamf announced the beta release of AI Analysis for Jamf Executive Threat Protection, a new AI-powered capability designed to accelerate and simplify mobile forensic analysis. Jamf Executive Threat Protection is a mobile forensics solution that helps organizations detect sophisticated attacks targeting high-value users such as executives, journalists, and political figures. In recent years, Apple has sent threat notifications to users in more than 150 countries about potential exposure to mercenary spyware, a growing risk for … More → The post Jamf adds AI forensics to help organizations detect and respond to mobile threats appeared first on Help Net Security.
http://news.poseidon-us.com/TNn4cZ

Army seeks to adopt multi-vendor approach for NGC2 as it refines its on- and off-ramp strategy

“We’re still early on the prototyping phase and having a multi-vendor approach. We are trying to figure out what right will look like,” Danielle Moyer said. The post Army seeks to adopt multi-vendor approach for NGC2 as it refines its on- and off-ramp strategy first appeared on Federal News Network.
http://news.poseidon-us.com/TNn34F

Most AI privacy research looks the wrong way

Most research on LLM privacy has focused on the wrong problem, according to a new paper by researchers from Carnegie Mellon University and Northeastern University. The authors argue that while most technical studies target data memorization, the biggest risks come from how LLMs collect, process, and infer information during regular use. A narrow view of privacy research The study reviewed 1,322 AI and machine learning privacy papers published between 2016 and 2025. It found that … More → The post Most AI privacy research looks the wrong way appeared first on Help Net Security.
http://news.poseidon-us.com/TNmhGF

Why ex-military professionals are a good fit for cybersecurity

After years of working as part of a team, many military veterans look for work that still carries meaning, challenge, and purpose. Cybersecurity offers a new way to serve and protect on a different battlefield. Earlier this year, the Department of Veterans Affairs announced plans for staffing cuts, raising concern among veterans about benefits and job security. While the agency later stepped back from large layoffs, smaller reductions and hiring freezes have left many uncertain … More → The post Why ex-military professionals are a good fit for cybersecurity appeared first on Help Net Security.
http://news.poseidon-us.com/TNmhDg

Using Syscall() for Obfuscation/Fileless Activity, (Mon, Oct 20th)

I found another piece of malware this weekend. This one looks more like a proof-of-concept because the second-stage payload is really “simple”, but it attracted my attention because it uses a nice technique to obfuscate the code.
http://news.poseidon-us.com/TNmgF2