433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Yubico extends hardware passkey deployment options

Yubico announced a significant expansion of YubiKey as a Service, introducing new capabilities that make modern organizations more agile and cyber resilient. With new Self-Service Ordering of YubiKeys enabled through a more streamlined Customer Portal, organizations can deliver phishing-resistance company-wide. Designed to enable the rollout and management of YubiKeys at a global scale, these enhancements enable organizations to move towards passwordless authentication with hardware passkeys. “As the cyber threat landscape continues evolving with AI-driven attacks, … More → The post Yubico extends hardware passkey deployment options appeared first on Help Net Security.
http://news.poseidon-us.com/TQc8GL

Volante’s Multi-cloud Resiliency Service keeps payments running during cloud outages

Volante Technologies announced the launch of its Multi-cloud Resiliency Service, engineered to keep financial institutions’ payment operations running seamlessly during major cloud provider outages. Built on Volante’s cloud-native payments platform, the service provides cross-cloud continuity, eliminating single-cloud/provider dependency for the payments layer. Recent large-scale outages across hyperscale cloud providers have demonstrated the real-world impact of cloud concentration risk for banks: delayed or failed transactions, SLA penalties, customer churn, operational recovery costs, and reputational damage. While … More → The post Volante’s Multi-cloud Resiliency Service keeps payments running during cloud outages appeared first on Help Net Security.
http://news.poseidon-us.com/TQc8GH

Pondurance RansomSnare blocks file encryption and data exfiltration

Pondurance launched RansomSnare, a new module for its MDR service that halts ransomware attacks at the moment the malicious process attempts to encrypt files and prevents threat actors from exfiltrating sensitive data. RansomSnare is a next-generation ransomware prevention capability that works by immediately suspending a malicious process the moment it attempts to encrypt its first file—long before traditional tools would detect or react to the attack. Unlike signature-based or behaviorally trained controls, RansomSnare requires no … More → The post Pondurance RansomSnare blocks file encryption and data exfiltration appeared first on Help Net Security.
http://news.poseidon-us.com/TQc8G9

WhatsApp rolls out new security feature to protect users from sophisticated attacks

To add an extra layer of protection to its end-to-end encryption, WhatsApp has begun rolling out a new privacy and security feature called Strict Account Settings. It is designed to help users protect their accounts from sophisticated cyberattacks. “We think you should be able to have a private conversation online, just like you would in-person. We will always defend that right to privacy for everyone, starting with default end-to-end encryption,” company said in a blog … More → The post WhatsApp rolls out new security feature to protect users from sophisticated attacks appeared first on Help Net Security.
http://news.poseidon-us.com/TQc8G1

Android just got smarter at stopping snatch-and-run phone thefts

Google announced updates to the Android theft protection features that expand existing safeguards and make stolen devices harder to use. These updates are available on Android 16 and later. One update builds on Failed Authentication Lock, a feature introduced in Android 15 that locks the screen after repeated failed unlock attempts. Google is adding a dedicated on and off toggle in settings, giving users direct control over whether the feature is enabled. Android devices provide … More → The post Android just got smarter at stopping snatch-and-run phone thefts appeared first on Help Net Security.
http://news.poseidon-us.com/TQc8FK

CERT UEFI Parser: Open-source tool exposes UEFI architecture to uncover vulnerabilities

CERT UEFI Parser, a new open-source security analysis tool from the CERT Coordination Center has been released to help researchers and defenders examine the structure of Unified Extensible Firmware Interface (UEFI) software and identify classes of vulnerabilities that are often difficult to study. UEFI software The tool is published by the Software Engineering Institute (SEI) at Carnegie Mellon University and applies program analysis techniques to UEFI firmware code to extract architectural details that are typically … More → The post CERT UEFI Parser: Open-source tool exposes UEFI architecture to uncover vulnerabilities appeared first on Help Net Security.
http://news.poseidon-us.com/TQc3MN

Why prevention-first secrets security will define enterprise scale: Learnings from a leading telecom

Once a secret enters Git, it’s expensive to remediate. But the real problem runs deeper than cost. Grégory Maitrallain, Solution Architect at Orange Business, discovered this reality during their implementation: “Once a secret is pushed to GitLab or GitHub, you cannot remove it. You can modify it or remove it from a Git repository. However, the references will remain in the database, and you can always consult them afterwards.” Database references persist indefinitely. Anyone with … More → The post Why prevention-first secrets security will define enterprise scale: Learnings from a leading telecom appeared first on Help Net Security.
http://news.poseidon-us.com/TQc3MF

Grammarly and QuillBot are among widely used Chrome extensions facing serious privacy questions

A new study shows that some of the most widely used AI-powered browser extensions are a privacy risk. They collect lots of data and require a high level of browser access. The research was conducted by Incogni, which analyzed 442 AI-powered Google Chrome extensions for its 2026 privacy risk report. The study reviewed extensions across eight categories and assessed their permissions, declared data collection practices, and security risk scores. High-impact access is common Every extension … More → The post Grammarly and QuillBot are among widely used Chrome extensions facing serious privacy questions appeared first on Help Net Security.
http://news.poseidon-us.com/TQc3LF

Audits for AI systems that keep changing

Security and risk teams often rely on documentation and audit artifacts that reflect how an AI system worked months ago. ETSI’s continuous auditing based conformity assessment specification (ETSI TS 104 008) describes a different approach, where conformity is evaluated through recurring measurement and automated evidence collection tied to live system behavior. The specification addresses a common challenge in AI oversight. Models evolve through retraining, data pipelines change, and system configurations shift during operation. Oversight methods … More → The post Audits for AI systems that keep changing appeared first on Help Net Security.
http://news.poseidon-us.com/TQc0fV

Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858)

Fortinet has begun releasing FortiOS versions that fix CVE-2026-24858, a critical zero-day vulnerability that allowed attackers to log into targeted organizations’ FortiGate firewalls. “This vulnerability was found being exploited in the wild by two malicious FortiCloud accounts, which were locked out on [January 22, 2026],” the company shared. About CVE-2026-24858 On January 20, several Fortinet customers revealed that attackers gained access to their FortiGate firewalls and created new local admin accounts despite the devices running … More → The post Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858) appeared first on Help Net Security.
http://news.poseidon-us.com/TQbtWB