Blog

Malicious RVTools installer found on official site, researcher warns

The official site for RVTools has apparently been hacked to serve a compromised installer for the popular utility, a security researcher has warned. It’s difficult to say how long the malicious version has been available for download, but the website has been offline since Friday, and began showing the following notice over the weekend: Screenshot of website notice (Source: Help Net Security) Malicious RVTools installer delivers malware RVTools is a free Windows-based utility that helps … More → The post Malicious RVTools installer found on official site, researcher warns appeared first on Help Net Security.
http://news.poseidon-us.com/TKs7x2

Lawmaker calls for investigation into DOGE access to IRS systems

Connolly also highlighted potential issues with the IRS’s data-sharing agreements with the Department of Homeland Security. The post Lawmaker calls for investigation into DOGE access to IRS systems first appeared on Federal News Network.
http://news.poseidon-us.com/TKs3j8

AI makes further inroads into the mainframe ecosystem

Capgemini and Rocket Software each rolled out automation tools to help enterprises manage and modernize legacy infrastructure last week.
http://news.poseidon-us.com/TKs239

Cyble Titan strengthens endpoint security

Cyble announced Cyble Titan, its next-generation Endpoint Security. Designed to meet the evolving threat landscape, Cyble Titan integrates into the Cyble’s AI-Native Security Cloud, bringing together asset visibility, intelligence-led detection, and automated incident response in a unified solution. Unlike traditional endpoint security tools that focus solely on detection and alerts, Cyble Titan is built for modern security teams who demand both context and action. Cyble Titan is powered by native threat intelligence from Cyble Vision, … More → The post Cyble Titan strengthens endpoint security appeared first on Help Net Security.
http://news.poseidon-us.com/TKrrV2

RAT Dropped By Two Layers of AutoIT Code, (Mon, May 19th)

Like .Net, AutoIT[1] remains a popular language for years in the malware ecosystem. It's a simple language that can interact with all the components of the Windows operating system. I regularly discover AutoIT3 binaries (yes, it can be compiled). This weekend, I found a malware delivered through a double layer of AutoIT code!
http://news.poseidon-us.com/TKrqV7

AI hallucinations and their risk to cybersecurity operations

AI systems can sometimes produce outputs that are incorrect or misleading, a phenomenon known as hallucinations. These errors can range from minor inaccuracies to misrepresentations that can misguide decision-making processes. Real world implications “If a company’s AI agent leverages outdated or inaccurate data, AI hallucinations might fabricate non-existent vulnerabilities or misinterpret threat intelligence, leading to unnecessary alerts or overlooked risks. Such errors can divert resources from genuine threats, creating new vulnerabilities and wasting already-constrained SecOps … More → The post AI hallucinations and their risk to cybersecurity operations appeared first on Help Net Security.
http://news.poseidon-us.com/TKrlJY

Why EU encryption policy needs technical and civil society input

In this Help Net Security interview, Full Professor at University of Leuven, unpacks the European Commission’s encryption agenda, urging a balanced, technically informed approach to lawful access that safeguards privacy, security, and fundamental rights across the EU. Given the European Commission’s aim to enable lawful access to encrypted data, how can we reconcile this with the technical consensus that introducing such access points inherently weakens encryption? While “lawful access to encrypted data based on a … More → The post Why EU encryption policy needs technical and civil society input appeared first on Help Net Security.
http://news.poseidon-us.com/TKrlHq

Hanko: Open-source authentication and user management

Hanko is an open-source, API-first authentication solution purpose-built for the passwordless era. “We focus on helping developers and organizations modernize their authentication flows by migrating users towards passkeys, while still supporting all common authentication methods like email/password, MFA, OAuth, as well as SAML SSO,” Felix Magedanz, CEO at Hanko, told Help Net Security. “What truly sets us apart is our commitment to developer experience,” explained Magedanz. Hanko is fully open source and licensed under AGPL … More → The post Hanko: Open-source authentication and user management appeared first on Help Net Security.
http://news.poseidon-us.com/TKrjlS

Inside MITRE ATT&CK v17: Smarter defenses, sharper threat intel

In this Help Net Security video, Adam Pennington, MITRE ATT&CK Lead, breaks down what’s new in the ATT&CK v17 release. He highlights the addition of the ESXi platform, new and updated techniques for Linux, refinements to mitigation guidance, and over 140 new analytics to help defenders act faster. Pennington also discusses changes across ATT&CK for enterprise, ICS, and mobile, emphasizing community contributions and the framework’s continued evolution to track emerging adversary behavior. The post Inside MITRE ATT&CK v17: Smarter defenses, sharper threat intel appeared first on Help Net Security.
http://news.poseidon-us.com/TKrjkQ

ISC Stormcast For Monday, May 19th, 2025 https://isc.sans.edu/podcastdetail/9456, (Mon, May 19th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
http://news.poseidon-us.com/TKrfxj