433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (727) 493-2351

EU cyber resilience regulation could translate into millions in fines

The EU Commission’s Cyber Resilience Act (CRA) is intended to close the digital fragmentation problem surrounding devices and systems with network connections – from printers and routers to smart household appliances and industrial control systems. Industrial networks and critical infrastructures require special protection. According to the European Union, there is currently a ransomware attack every eleven seconds. In the last few weeks alone, among others, a leading German children’s food manufacturer and a global Tier1 … More → The post EU cyber resilience regulation could translate into millions in fines appeared first on Help Net Security.
http://news.poseidon-us.com/Sh5yXh

How monitoring user activity on unclassified networks can help protect classified networks and data

Federal organizations like the Defense Department and agencies in the intelligence community manage large volumes of highly sensitive information. To protect that data, they operate classified networks that must meet specific cybersecurity guidelines.
http://news.poseidon-us.com/Sh5L7C

Google ads increasingly pointing to malware

The FBI has recently warned the public about search engine ads pushing malware diguised as legitimate software – an old tactic that has lately resulted in too many malicious ads served to users searching for software, cracked software, drivers – anything that can be downloaded, really – via Google and Bing. The recent explosion of search engine malvertising Malware peddlers employ a variety of methods to deliver their wares to unsuspecting users: Malicious links or … More → The post Google ads increasingly pointing to malware appeared first on Help Net Security.
http://news.poseidon-us.com/Sh44pg

Devo DeepTrace helps security teams investigate alerts and suspicious events

Devo Technology unveiled Devo DeepTrace, an autonomous alert investigation and threat hunting solution that uses attack-tracing artificial intelligence (AI) to advance how security teams identify attacks, investigate threats and secure their organizations. DeepTrace augments the work security analysts do by building complete traces of suspicious activity detected across an organization’s infrastructure, which alleviates much of their mundane, repetitive tasks. “Today’s SOCs are under strain and SOC analysts in particular are overwhelmed with the ever-increasing volume … More → The post Devo DeepTrace helps security teams investigate alerts and suspicious events appeared first on Help Net Security.
http://news.poseidon-us.com/Sh318g

DigiCert Trust Lifecycle Manager unifies CA-agnostic certificate management

DigiCert has released DigiCert Trust Lifecycle Manager, a digital trust solution unifying CA-agnostic certificate management and public key infrastructure (PKI) services. Trust Lifecycle Manager integrates with DigiCert’s public trust issuance for a full-stack solution governing seamless management of corporate digital trust infrastructure. Organizations that prioritize a unified digital trust strategy add to their top line and protect their bottom line. At the top line, digital trust accelerates customer acquisition, improves employee productivity and drives digital … More → The post DigiCert Trust Lifecycle Manager unifies CA-agnostic certificate management appeared first on Help Net Security.
http://news.poseidon-us.com/Sh317Z

How attackers might use GitHub Codespaces to hide malware delivery

Attackers could start abusing GitHub Codespaces, a new service that allows developers to create and test applications inside development containers running on GitHub’s servers. Developers can make their applications accessible via public GitHub URLs for preview by others, a functionality that can be abused to distribute malware payloads in a stealthy way. “If the application port is shared privately, browser cookies are used and required for authentication,” researchers from security firm Trend Micro said in a new report. “However, if ports are shared with the public (that is, without authentication or authentication context), attackers can abuse this feature to host malicious content such as scripts and malware samples.” To read this article in full, please click here
http://news.poseidon-us.com/Sh2HcK

US Maritime Administrator to study port crane cybersecurity concerns

The 2023 National Defense Authorization Act (NDAA) passed by Congress and signed by President Biden in late December 2022 was filled with a host of military-related cybersecurity provisions. One little-noticed provision in the bill called for a study of cybersecurity and national security threats posed by foreign-manufactured cranes at United States ports. Under this provision, the Maritime Administrator, working with Homeland Security, the Pentagon, and the Cybersecurity and Infrastructure Security Agency (CISA), is required to conduct a study to assess whether foreign manufactured cranes at United States ports pose cybersecurity or national security threats. It must be completed by late December 2023 and submitted to the Senate Commerce and Armed Services committees and House Transportation and Armed Services committees. To read this article in full, please click here
http://news.poseidon-us.com/Sh0tdg

Training, endpoint management reduce remote working cybersecurity risks

33% of companies are not providing any cybersecurity awareness training to users who work remotely, according to Hornetsecurity. The study also revealed that nearly 74% of remote staff have access to critical data, which is creating more risk for companies in the new hybrid working world. Despite the current lack of training and employees feeling ill-equipped, almost 44% of respondents said their organization plans to increase the percentage of employees that work remotely. “The popularity … More → The post Training, endpoint management reduce remote working cybersecurity risks appeared first on Help Net Security.
http://news.poseidon-us.com/SgzyvL