Blog

ThreatMark offers protection against social engineering attacks and scams

ThreatMark launched ScamFlag, a Generative AI-powered solution designed to protect digital banks and their customers from the scams and social engineering attacks. Seamlessly integrating into existing digital banking applications, ScamFlag enables financial institutions to provide their customers with scam detection capabilities without requiring separate app downloads or complex setup. The announcement comes as global fraud losses reached a staggering $486 billion in 2023, with more than 70% attributed to scams that trick legitimate users into … More → The post ThreatMark offers protection against social engineering attacks and scams appeared first on Help Net Security.
http://news.poseidon-us.com/TKsD3W

CTM360 maps out real-time phishing infrastructure targeting corporate banking worldwide

A phishing operation that targets corporate banking accounts across the globe has been analyzed in a new report by CTM360. The campaign uses fake Google ads, advanced filtering techniques, to steal sensitive login credentials and bypass MFA. Researchers uncovered more than 12,000 malicious redirector URLs spread across 35 unique potential phishing redirector templates. The infrastructure supports two distinct phishing techniques, both of which are difficult to detect and designed to evade automated scanning tools. What … More → The post CTM360 maps out real-time phishing infrastructure targeting corporate banking worldwide appeared first on Help Net Security.
http://news.poseidon-us.com/TKsD18

Malicious RVTools installer found on official site, researcher warns

The official site for RVTools has apparently been hacked to serve a compromised installer for the popular utility, a security researcher has warned. It’s difficult to say how long the malicious version has been available for download, but the website has been offline since Friday, and began showing the following notice over the weekend: Screenshot of website notice (Source: Help Net Security) Malicious RVTools installer delivers malware RVTools is a free Windows-based utility that helps … More → The post Malicious RVTools installer found on official site, researcher warns appeared first on Help Net Security.
http://news.poseidon-us.com/TKs7x2

Lawmaker calls for investigation into DOGE access to IRS systems

Connolly also highlighted potential issues with the IRS’s data-sharing agreements with the Department of Homeland Security. The post Lawmaker calls for investigation into DOGE access to IRS systems first appeared on Federal News Network.
http://news.poseidon-us.com/TKs3j8

AI makes further inroads into the mainframe ecosystem

Capgemini and Rocket Software each rolled out automation tools to help enterprises manage and modernize legacy infrastructure last week.
http://news.poseidon-us.com/TKs239

Cyble Titan strengthens endpoint security

Cyble announced Cyble Titan, its next-generation Endpoint Security. Designed to meet the evolving threat landscape, Cyble Titan integrates into the Cyble’s AI-Native Security Cloud, bringing together asset visibility, intelligence-led detection, and automated incident response in a unified solution. Unlike traditional endpoint security tools that focus solely on detection and alerts, Cyble Titan is built for modern security teams who demand both context and action. Cyble Titan is powered by native threat intelligence from Cyble Vision, … More → The post Cyble Titan strengthens endpoint security appeared first on Help Net Security.
http://news.poseidon-us.com/TKrrV2

RAT Dropped By Two Layers of AutoIT Code, (Mon, May 19th)

Like .Net, AutoIT[1] remains a popular language for years in the malware ecosystem. It's a simple language that can interact with all the components of the Windows operating system. I regularly discover AutoIT3 binaries (yes, it can be compiled). This weekend, I found a malware delivered through a double layer of AutoIT code!
http://news.poseidon-us.com/TKrqV7

AI hallucinations and their risk to cybersecurity operations

AI systems can sometimes produce outputs that are incorrect or misleading, a phenomenon known as hallucinations. These errors can range from minor inaccuracies to misrepresentations that can misguide decision-making processes. Real world implications “If a company’s AI agent leverages outdated or inaccurate data, AI hallucinations might fabricate non-existent vulnerabilities or misinterpret threat intelligence, leading to unnecessary alerts or overlooked risks. Such errors can divert resources from genuine threats, creating new vulnerabilities and wasting already-constrained SecOps … More → The post AI hallucinations and their risk to cybersecurity operations appeared first on Help Net Security.
http://news.poseidon-us.com/TKrlJY

Why EU encryption policy needs technical and civil society input

In this Help Net Security interview, Full Professor at University of Leuven, unpacks the European Commission’s encryption agenda, urging a balanced, technically informed approach to lawful access that safeguards privacy, security, and fundamental rights across the EU. Given the European Commission’s aim to enable lawful access to encrypted data, how can we reconcile this with the technical consensus that introducing such access points inherently weakens encryption? While “lawful access to encrypted data based on a … More → The post Why EU encryption policy needs technical and civil society input appeared first on Help Net Security.
http://news.poseidon-us.com/TKrlHq

Hanko: Open-source authentication and user management

Hanko is an open-source, API-first authentication solution purpose-built for the passwordless era. “We focus on helping developers and organizations modernize their authentication flows by migrating users towards passkeys, while still supporting all common authentication methods like email/password, MFA, OAuth, as well as SAML SSO,” Felix Magedanz, CEO at Hanko, told Help Net Security. “What truly sets us apart is our commitment to developer experience,” explained Magedanz. Hanko is fully open source and licensed under AGPL … More → The post Hanko: Open-source authentication and user management appeared first on Help Net Security.
http://news.poseidon-us.com/TKrjlS