433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Linux Process Name Masquerading, (Wed, Jun 24th)

In a previous diary, I talked about stack strings[1] with a practical example of them. Since my SEC670 class, I’m even more interested in malware obfuscation techniques. I had a look at process names. When you list running processes on a computer, can you trust what you see? If you're facing a rootkit, malicious processes can be simply hidden (the API calls or commands to list processed have been tampered). But a malicious process can also mimic a non-suspicious name by masquerading their name. This technique (T1036 in the MITRE ATT&CK framework[2]) has been used by attackers in many campaigns. A good example of the Velvet Ant Chinese group[3]. The goal is to hide the “malware” process name by replacing it with something that won’t attract the Security Analyst’s eyes or defeat security controls.
http://news.poseidon-us.com/TTBK09

Praxen: Open-source AI agent behavior verification

Praxen is an open-source tool with a simple job: it checks whether an AI agent does what it claims to do. The tool takes an agent’s declared policy, looks at how the agent operates, and points out every spot where the two drift apart. It is the reference implementation of Agent Behavior Verification, a control model that hands each agent an authorized role and then confirms the controls hold that agent to it. The idea … More → The post Praxen: Open-source AI agent behavior verification appeared first on Help Net Security.
http://news.poseidon-us.com/TTBHh8

Product showcase: How to evaluate AI SOC platforms and where Prophet AI leads

The Agentic SOC market is loud. Dozens of vendors promise to take alert triage, investigation, and response off your analysts’ plates, but most claims have never been tested in production. The hard part is separating operational improvement from this marketing noise. Gartner makes the stakes concrete. In Validate the Promises of AI SOC Agents With These Key Questions, analysts Craig Lawson and Andrew Davies project that 70% of large SOCs will pilot AI agents for … More → The post Product showcase: How to evaluate AI SOC platforms and where Prophet AI leads appeared first on Help Net Security.
http://news.poseidon-us.com/TTBHgF

Security testing was built for a slower world

Software teams are pushing code into production faster than security testing can keep up. AI is accelerating development cycles and adding pressure to security programs that rely on periodic validation and manual penetration testing. The 2026 State of AI Security Testing report from Aikido Security found that 76% of organizations have had to stop, restrict, or roll back AI-driven behavior in the past 12 months. Another 71% said AI or automation made a security issue … More → The post Security testing was built for a slower world appeared first on Help Net Security.
http://news.poseidon-us.com/TTBG0k

Cybersecurity jobs available right now: June 24, 2026

Application Security Leader DriveNets | Israel | Hybrid – View job details As an Application Security Leader, you will define security requirements, drive secure coding practices, oversee vulnerability management, and integrate security testing and automation into development pipelines. You will establish security governance initiatives, including a Security Champions program, provide meaningful security metrics to leadership, and serve as the primary application security advisor for strategic programs and customer engagements. Cloud Security Architect Thales | Canada … More → The post Cybersecurity jobs available right now: June 24, 2026 appeared first on Help Net Security.
http://news.poseidon-us.com/TTBFzn

Army Corps restructuring of value engineering program prompts backlash

“The Army Corps of Engineers is not reducing our commitment to value engineering. To the contrary, it’s elevating and modernizing value engineering,” USACE said
http://news.poseidon-us.com/TTB8xN

Army Corps restructuring of value engineering program prompts backlash

“The Army Corps of Engineers is not reducing our commitment to value engineering. To the contrary, it’s elevating and modernizing value engineering,” USACE said
http://news.poseidon-us.com/TTB8rl