433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

What to do when following the rules isn’t enough

“I still don’t break the rules but it’s finding the space within those rules that other people just never questioned,” said Lauren Weiner. The post What to do when following the rules isn’t enough first appeared on Federal News Network.
http://news.poseidon-us.com/TL23KL

Attackers hit MSP, use its RMM software to deliver ransomware to clients

A threat actor wielding the DragonForce ransomware has compromised an unnamed managed service provider (MSP) and pushed the malware onto its client organizations via SimpleHelp, a legitimate remote monitoring and management (RMM) tool. “Sophos MDR has medium confidence the threat actor exploited a chain of vulnerabilities that were released in January 2025,” the company’s incident responders shared on Tuesday. The vulnerabilities in question are CVE-2024-57727, CVE-2024-57728 and CVE-2024-57726, which can be used to compromise SimpleHelp … More → The post Attackers hit MSP, use its RMM software to deliver ransomware to clients appeared first on Help Net Security.
http://news.poseidon-us.com/TL21W2

How CIOs and CISOs can improve their collaboration

IT and security leaders best serve their organizations when there are clearly defined roles and mutual respect for their counterparts’ objectives.
http://news.poseidon-us.com/TL1yRv

LogicGate brings risk management to individual business units

LogicGate is elevating its Risk Cloud platform with a new Operational Risk Management (ORM) Solution designed to allow organizations to prioritize risks based on process criticality and financial impact. By helping minimize operational disruptions, such as failed internal processes, inadequate systems, and natural disasters, ORM helps ensure the resilience of the organization. With role-based dashboards tailored to specific stakeholders and lines of defense, LogicGate’s new ORM solution enables Risk Cloud users to quantify and visualize … More → The post LogicGate brings risk management to individual business units appeared first on Help Net Security.
http://news.poseidon-us.com/TL1pVx

Why data provenance must anchor every CISO’s AI governance strategy

Across the enterprise, artificial intelligence has crept into core functions – not through massive digital transformation programs, but through quiet, incremental adoption. Legal departments are summarizing contracts. HR is rewording sensitive employee communications. Compliance teams are experimenting with due diligence automation. Most of these functions are built on large language models (LLMs), and they’re often introduced under the radar, wrapped in SaaS platforms, productivity tools, or internal pilots. It’s not the adoption that worries me. … More → The post Why data provenance must anchor every CISO’s AI governance strategy appeared first on Help Net Security.
http://news.poseidon-us.com/TL1kKV

DefectDojo’s SOC capabilities simplify cybersecurity operations

DefectDojo announced next-gen Security Operations Center (SOC) capabilities for DefectDojo Pro, which provides both SOC and AppSec professionals a unified platform for noise reduction and prioritization of SOC alerts and AppSec findings. As both SOC and AppSec teams attempt to cut through noisy data from a sprawling set of tools and sources, Dojo Pro now allows two security teams to work from the same platform. SOC teams, like their counterparts in AppSec, are facing a … More → The post DefectDojo’s SOC capabilities simplify cybersecurity operations appeared first on Help Net Security.
http://news.poseidon-us.com/TL1kJJ

Woodpecker: Open-source red teaming for AI, Kubernetes, APIs

Woodpecker is an open-source tool that automates red teaming, making advanced security testing easier and more accessible. It helps teams find and fix security weaknesses in AI systems, Kubernetes environments, and APIs before attackers can exploit them. Key features of Woodpecker “We noticed recently that a number of companies are now selling red-teaming features as commercial products, so we wanted to democratize access to core red teaming capabilities that we don’t think should be limited … More → The post Woodpecker: Open-source red teaming for AI, Kubernetes, APIs appeared first on Help Net Security.
http://news.poseidon-us.com/TL1hPC

GitHub becomes go-to platform for malware delivery across Europe

Phishing has become the go-to method for attackers looking to get past security controls and access sensitive environments in Europe, according to Netskope. Users are now constantly dealing with phishing attempts, which have become so common and credible that even careful people can make mistakes. Adobe is the brand most commonly impersonated by cybercriminals, appearing in 29% of cloud phishing campaigns aimed at stealing credentials for digital services. Microsoft’s brand is the next most impersonated … More → The post GitHub becomes go-to platform for malware delivery across Europe appeared first on Help Net Security.
http://news.poseidon-us.com/TL1hP3

Hottest cybersecurity open-source tools of the month: May 2025

This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Vuls: Open-source agentless vulnerability scanner Vuls is an open-source tool that helps users find and manage security vulnerabilities. It was created to solve the daily problems admins face when trying to keep servers secure. LlamaFirewall: Open-source framework to detect and mitigate AI centric security risks LlamaFirewall is a system-level security framework for LLM-powered applications, built with a … More → The post Hottest cybersecurity open-source tools of the month: May 2025 appeared first on Help Net Security.
http://news.poseidon-us.com/TL1hLp