Blog

Trend Micro improves SIEM performance with agentic AI

Trend Micro announced new agentic AI technology designed to solve the traditional pain points associated with Security Information and Event Management (SIEM). When combined with Trend’s digital twin capabilities it will help to transform security operations by proactively mitigating security risks. “As the cybersecurity stack increasingly becomes AI driven, the security data layer must evolve to support data-hungry agentic capabilities, including infusing agentic AI into core SIEM functions. Trend Vision One Agentic SIEM enters the SIEM … More → The post Trend Micro improves SIEM performance with agentic AI appeared first on Help Net Security.
http://news.poseidon-us.com/TMRlRs

Rubrik Agent Rewind enables organizations to undo mistakes made by agentic AI

Rubrik launched Agent Rewind, following the close of Rubrik’s acquisition of Predibase. Agent Rewind, powered by Predibase AI infrastructure, will enable organizations to undo mistakes made by agentic AI by providing visibility into agents’ actions and enabling enterprises to rewind those changes to applications and data. “As companies consider investing in AI, they often don’t take into account the mistakes that AI agents can and will make,” said Johnny Yu, Research Manager at IDC. “Agentic … More → The post Rubrik Agent Rewind enables organizations to undo mistakes made by agentic AI appeared first on Help Net Security.
http://news.poseidon-us.com/TMRlPk

WinRAR zero-day was exploited by two threat actors (CVE-2025-8088)

The RomCom attackers aren’t the only ones that have been leveraging the newly unveiled WinRAR vulnerability (CVE-2025-8088) in zero-day attacks: according to Russian cybersecurity company BI.ZONE, a group tracked as Paper Werewolf has been using it to target Russian organizations. BI.ZONE researchers may have also uncovered how RomCom and Paper Werewolf got their hands on the same exploit: it looks like it may have been offered for sale on a cybercrime forum in late June … More → The post WinRAR zero-day was exploited by two threat actors (CVE-2025-8088) appeared first on Help Net Security.
http://news.poseidon-us.com/TMRlM1

Digital Identity Guidelines – Revision 4 Public Webinar

NIST will host a public webinar to discuss the recently released final version of Special Publication 800-63, Digital Identity Guidelines, Revision 4, which intends to respond to the changing digital landscape that has emerged since the last major
http://news.poseidon-us.com/TMRhCq

SpartanNash hires CIO, CISO as it preps for merger

The grocery company has also combined its finance, IT and strategy groups ahead of its planned acquisition by C&S Wholesale Grocers.
http://news.poseidon-us.com/TMRgzD

APT groups are getting personal, and CISOs should be concerned

Instead of focusing only on corporate systems, some APT groups are now going after executives in their personal lives. Home networks, private devices, and even family members have become targets. This approach works because executives often work remotely, store files in cloud accounts, and stay active online. These behaviors open doors for attackers, especially when personal networks are not monitored or protected at the same level as corporate infrastructure. APT groups may begin with basic … More → The post APT groups are getting personal, and CISOs should be concerned appeared first on Help Net Security.
http://news.poseidon-us.com/TMRd5x

Research shows AI agents are highly vulnerable to hijacking attacks

Attackers could exploit widely deployed AI technologies for data theft and manipulation, experts from Zenity Labs found.
http://news.poseidon-us.com/TMRYTR

What makes a security program mature and how to get there faster

Security leaders are flush with tools and data, but it’s not helping their programs mature. In this Help Net Security video, PlexTrac’s Dan DeCloss outlines the 3 key gaps holding security programs back and what sets mature programs apart. From fragmented data and workflows to ineffective prioritization, learn where to focus to evolve faster and prove progress. As more organizations strive to level up their capabilities, conversations around security program maturity are becoming central to … More → The post What makes a security program mature and how to get there faster appeared first on Help Net Security.
http://news.poseidon-us.com/TMRLVT

Why AI emails can quietly destroy trust at work

AI is now a routine part of workplace communication, with most professionals using tools like ChatGPT and Gemini. A study of over 1,000 professionals shows that while AI makes managers’ messages more polished, heavy reliance can damage trust. Employees tend to accept low-level AI help, such as grammar fixes, but become skeptical when supervisors use AI extensively, especially for personal or motivational messages. This “perception gap” can lead employees to question a manager’s sincerity, integrity, and leadership ability.
http://news.poseidon-us.com/TMRLL2

EntraGoat: Vulnerable Microsoft Entra ID infrastructure to simulate identity security misconfigurations

EntraGoat is a purpose-built tool that sets up a vulnerable Microsoft Entra ID environment to mimic real-world identity security issues. It’s designed to help security professionals practice spotting and exploiting common misconfigurations. The tool creates a range of privilege escalation paths and supports black-box testing methods. It uses PowerShell scripts and Microsoft Graph APIs to set up the environment, keeping it separate from production systems so users can experiment safely. Each scenario comes with everything … More → The post EntraGoat: Vulnerable Microsoft Entra ID infrastructure to simulate identity security misconfigurations appeared first on Help Net Security.
http://news.poseidon-us.com/TMRHmX