433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Attackers target retailers’ gift card systems using cloud-only techniques

A newly uncovered attack campaign mounted by suspected Morocco-based attackers has been hitting global retailers and other businesses issuing gift cards. What makes this campaign stand out is how the threat actors avoid typical malware techniques and endpoint hacking and operate entirely in cloud environments. The attackers rely on phishing and smishing to harvest account credentials, then use trusted cloud services instead of deploying malware. “Once they gain access to an organization, they pursue the … More → The post Attackers target retailers’ gift card systems using cloud-only techniques appeared first on Help Net Security.
http://news.poseidon-us.com/TNqKkF

Dark Covenant 3.0: Controlled Impunity and Russia’s Cybercriminals

Explore how Russia’s cybercriminal ecosystem evolved under Operation Endgame—where state control, selective enforcement, and criminal alliances collide.
http://news.poseidon-us.com/TNqGx2

Ivanti enhances its solutions portfolio to drive secure, scalable, and streamlined IT operations

Ivanti announced product enhancements across its solution pillars, empowering our customers to accelerate cloud adoption, strengthen security posture and streamline IT operations. Distributed workforce requires seamless and secure access to the applications, endpoints and data essential to every role. Ivanti’s latest product updates equip IT and security teams with the power to scale operations at their own pace, modernize security and simplify management. With these advancements, organizations can adapt to evolving threats and drive productivity … More → The post Ivanti enhances its solutions portfolio to drive secure, scalable, and streamlined IT operations appeared first on Help Net Security.
http://news.poseidon-us.com/TNqF6B

Attackers turn trusted OAuth apps into cloud backdoors

Attackers are increasingly abusing internal OAuth-based applications to gain persistent access to cloud environments, Proofpoint researchers warn. These apps often remain unnoticed for quite some time and allow attackers to maintain access to high-privileged accounts even after passwords are reset or multifactor authentication (MFA) is enforced. What is OAuth and how do attackers exploit it? OAuth is an authorization protocol that lets apps connect to your account (e.g., M365) safely by using special access tokens … More → The post Attackers turn trusted OAuth apps into cloud backdoors appeared first on Help Net Security.
http://news.poseidon-us.com/TNqF5n

Rubrik Agent Cloud speeds enterprise AI with built-in security and guardrails

Rubrik announced the launch of the Rubrik Agent Cloud to accelerate enterprise AI agent adoption while managing risk of AI deployments. AI transformation is now mandatory for most organizations. However, IT leaders are constrained because agentic AI has significant risks including hallucination as well as compromise by threat actors. Rubrik Agent Cloud is designed to monitor and audit agentic actions, enforce real-time guardrails for agentic changes, fine-tune agents for accuracy and, undo agent mistakes. Built … More → The post Rubrik Agent Cloud speeds enterprise AI with built-in security and guardrails appeared first on Help Net Security.
http://news.poseidon-us.com/TNqF5N

Government shutdown takes toll on air traffic controllers

The longer the shutdown goes, the more air traffic controllers feel their anxiety and stress levels rise. The post Government shutdown takes toll on air traffic controllers first appeared on Federal News Network.
http://news.poseidon-us.com/TNqDsL

Axoflow Security Data Layer unifies data pipeline, storage, and analytics for security team

Axoflow has launched its Security Data Layer, extending its pipeline offering with multiple storage solutions. The Security Data Layer addresses challenges in log management, SIEM optimization, pipeline reliability, and data accessibility. In addition to a full-fledged security data pipeline that classifies, reduces, normalizes, and enriches data, now security teams gain access to flexible, cost-effective, and high-performance storage options. They can store, query, and process security data in diverse deployment scenarios, from storing temporal data right … More → The post Axoflow Security Data Layer unifies data pipeline, storage, and analytics for security team appeared first on Help Net Security.
http://news.poseidon-us.com/TNq6dQ

Elastic introduces Agent Builder to simplify AI agent development

Elastic released Agent Builder, a complete set of capabilities powered by Elasticsearch, that makes it easy for developers to build custom AI agents on company data—all within minutes. Agent Builder also provides an out-of-the-box conversational experience for exploring, analyzing, and optimizing any data in Elasticsearch. As AI agents evolve to take on more complex and data-driven enterprise tasks, reliability and accuracy depend on delivering accurate context. In most enterprises, this context is scattered across various … More → The post Elastic introduces Agent Builder to simplify AI agent development appeared first on Help Net Security.
http://news.poseidon-us.com/TNq6c4