433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

AppGate extends zero trust to secure AI workloads with Agentic AI Core Protection

AppGate announced the launch of Agentic AI Core Protection, a new capability within AppGate ZTNA designed to secure AI workloads deployed in enterprise core environments across on-prem and cloud venues. This innovation enables organizations to embrace AI-driven transformation while maintaining robust security and compliance. As enterprises accelerate AI adoption, agents are increasingly deployed in servers, VMs, and Kubernetes cluster, typically as part of a corporate policy for security and compliance. These deployments often expose APIs … More → The post AppGate extends zero trust to secure AI workloads with Agentic AI Core Protection appeared first on Help Net Security.
http://news.poseidon-us.com/TPtqsX

Microsoft 365 users targeted in device code phishing attacks

Attackers are targeting Microsoft 365 users with device code authorization phishing, a technique that fools users into approving access tokens, Proofpoint warns. The method abuses Microsoft’s OAuth 2.0 device authorization grant flow by presenting users with device codes that, when entered, inadvertently grant attackers control of enterprise accounts. This trend reflects a broader shift away from basic password theft toward abusing modern authentication flows to bypass multi-factor authentication protection. The campaigns and the tools used … More → The post Microsoft 365 users targeted in device code phishing attacks appeared first on Help Net Security.
http://news.poseidon-us.com/TPtmXr

More than half of public vulnerabilities bypass leading WAFs

Miggo Security has released a new report that examines how web application firewalls are used across real-world security programs. The research outlines the role WAFs play as foundational infrastructure and evaluates their effectiveness against critical vulnerabilities, CVEs, and AI-driven threats. The report also explores how the WAF’s edge placement, combined with runtime intelligence, can support a more reliable and AI-ready mitigation layer for modern defense strategies. “This study clarifies that WAFs are currently an underutilized … More → The post More than half of public vulnerabilities bypass leading WAFs appeared first on Help Net Security.
http://news.poseidon-us.com/TPtcjt

Group Policy abuse reveals China-aligned espionage group targeting governments

ESET Research has identified a previously undocumented China-aligned advanced persistent threat group that uses Windows Group Policy to deploy malware and move through victim networks. The group, tracked as LongNosedGoblin, has targeted government institutions in Southeast Asia and Japan with a toolset built for long-term surveillance. Group Policy is widely used with Active Directory to manage settings and permissions across Windows environments. The group leverages that trust to distribute malware at scale once access is … More → The post Group Policy abuse reveals China-aligned espionage group targeting governments appeared first on Help Net Security.
http://news.poseidon-us.com/TPtYwj

Concentric AI expands Private Scan Manager with Azure support for regulated industries

Concentric AI announced expanded Private Scan Manager functionality in its Semantic Intelligence data security governance platform. Customers now have the ability to deploy Semantic Intelligence within their own private Microsoft Azure cloud. This follows an announcement earlier this year where Concentric AI announced support for private scanning in AWS environments, and gives customers the choice of deploying in either private cloud environment. For compliance reasons, organizations in certain highly regulated industries must process their data … More → The post Concentric AI expands Private Scan Manager with Azure support for regulated industries appeared first on Help Net Security.
http://news.poseidon-us.com/TPtYvx

Push Security detects and blocks malicious copy-and-paste activity

Push Security announced the release of a new feature designed to tackle one of the fastest-growing cyber threats: ClickFix-style attacks. The company’s latest innovation, malicious copy-and-paste detection, blocks users from copying malicious scripts in their web browser, preventing them from being run on machines, and cutting off attackers at the earliest opportunity. Push Security’s malicious copy-and-paste detection identifies and blocks the exact user action that makes ClickFix possible. By monitoring copy events in the browser, … More → The post Push Security detects and blocks malicious copy-and-paste activity appeared first on Help Net Security.
http://news.poseidon-us.com/TPtVzk

The soft underbelly of space isn’t in orbit, it’s on the ground

In this Help Net Security interview, Øystein Thorvaldsen, CISO at KSAT, discusses how adversaries view the ground segment as the practical way to reach space systems and why stations remain a focal point for security efforts. He notes that many risks stem from supply chain gaps and legacy infrastructure that supports critical missions. He also explains how KSAT works to keep latency low while maintaining security across global operations. Adversaries are increasingly exploiting the “ground … More → The post The soft underbelly of space isn’t in orbit, it’s on the ground appeared first on Help Net Security.
http://news.poseidon-us.com/TPtRRJ

Privacy risks sit inside the ads that fill your social media feed

Regulatory limits on explicit targeting have not stopped algorithmic profiling on the web. Ad optimization systems still adapt which ads appear based on users’ private attributes. At the same time, multimodal LLMs have lowered the barrier for turning these hidden signals into profiling tools. A new study examines this risk and asks how outside parties could use these signals to infer private attributes from ad exposure alone. Conceptual overview of the adversarial profiling threat from … More → The post Privacy risks sit inside the ads that fill your social media feed appeared first on Help Net Security.
http://news.poseidon-us.com/TPtRPy

Should AI access be treated as a civil right across generations?

AI use is expanding faster than the infrastructure that supports it, and that gap is starting to matter for security, resilience, and access. A new position paper argues that access to AI should be treated as an intergenerational civil right, rather than a service shaped mainly by market forces. The study examines what happens when rising demand for AI collides with limited energy, network capacity, and compute, then proposes a new delivery model to avoid … More → The post Should AI access be treated as a civil right across generations? appeared first on Help Net Security.
http://news.poseidon-us.com/TPtNkj