433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | [email protected] | Office: (813) 563-2652

Biden cyber EO seeks proof of security from software vendors

The new cybersecurity executive order seeks to put teeth behind the secure software development standards that federal vendors are supposed to be following. The post Biden cyber EO seeks proof of security from software vendors first appeared on Federal News Network.
http://news.poseidon-us.com/THNwJ9

New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344)

ESET researchers have identified a vulnerability (CVE-2024-7344) impacting most UEFI-based systems, which allows attackers to bypass UEFI Secure Boot. The issue was found in a UEFI application signed with Microsoft’s “Microsoft Corporation UEFI CA 2011” third-party certificate. Exploiting this vulnerability enables the execution of untrusted code during system boot, allowing attackers to deploy malicious UEFI bootkits, such as Bootkitty or BlackLotus, even on systems with UEFI Secure Boot enabled, regardless of the operating system. Impacted … More → The post New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344) appeared first on Help Net Security.
http://news.poseidon-us.com/THNsjC

Cisco AI Defense safeguards against the misuse of AI tools

Cisco announced Cisco AI Defense, a pioneering solution to enable and safeguard AI transformation within enterprises. As AI technology advances, new safety concerns and security threats are emerging at an unprecedented speed which existing security solutions are unprepared to protect against. Cisco AI Defense is purpose-built for enterprises to develop, deploy and secure AI applications with confidence. “Business and technology leaders can’t afford to sacrifice safety for speed when embracing AI,” said Jeetu Patel, EVP and … More → The post Cisco AI Defense safeguards against the misuse of AI tools appeared first on Help Net Security.
http://news.poseidon-us.com/THNshq

HarvestIQ.ai provides actionable insights for cybersecurity professionals

IT-Harvest launched HarvestIQ.ai, a platform featuring two AI assistants designed to redefine how professionals navigate the cybersecurity landscape. The Analyst AI provides access to IT-Harvest’s comprehensive database of 4,070 cybersecurity vendors, offering users instant insights into market players, trends, and innovations. Meanwhile, the Architect AI empowers users with tailored guidance on cybersecurity products, leveraging IT-Harvest’s in-depth analysis of over 11,300 products to help organizations make informed decisions about their cybersecurity strategies. “HarvestIQ.ai is a game-changer … More → The post HarvestIQ.ai provides actionable insights for cybersecurity professionals appeared first on Help Net Security.
http://news.poseidon-us.com/THNsgP

Regula enhances Document Reader SDK with full support for Digital Travel Credentials

Regula has updated its Regula Document Reader SDK. Now, the software fully supports the new Digital Travel Credential (DTC) format, aligned with the International Civil Aviation Organization (ICAO) standards. This enhancement enables governments, airlines, and border control authorities worldwide to process travel documents with security, efficiency, and ease—whether on-site or remotely. The DTC is a secure digital solution that streamlines travel experiences. It consolidates key personal information into a single virtual document that travelers can … More → The post Regula enhances Document Reader SDK with full support for Digital Travel Credentials appeared first on Help Net Security.
http://news.poseidon-us.com/THNp3V

Entrust PKI Hub streamlines PKI, certificate lifecycle management, and automation

Entrust launched PKI Hub, providing enterprise visibility, management, and automation for cryptographic assets in an all-in-one, container-based virtual appliance that can be simply deployed at scale in the cloud or on-premises. Entrust PKI Hub is a comprehensive, high-performance solution comprised of all the components required to operate a secure, post-quantum-ready PKI, protect a wide range of applications, and expand on demand. Deployed as a pre-packaged virtual appliance, PKI Hub enables customers to streamline PKI and … More → The post Entrust PKI Hub streamlines PKI, certificate lifecycle management, and automation appeared first on Help Net Security.
http://news.poseidon-us.com/THNp3T

Red Hat Connectivity Link enhances security across multiple layers of application infrastructure

Red Hat introduced Red Hat Connectivity Link, a hybrid multicloud application connectivity solution that provides a modern approach to connecting disparate applications and infrastructure. Red Hat Connectivity Link integrates advanced traffic management, policy enforcement and role-based access control (RBAC) directly within Kubernetes, enhancing security and compliance across multiple layers of application infrastructure. Application development and platform engineering teams can now manage application connectivity across single and multi-cluster Kubernetes environments — streamlining the definition, management and … More → The post Red Hat Connectivity Link enhances security across multiple layers of application infrastructure appeared first on Help Net Security.
http://news.poseidon-us.com/THNp3R

Webinar: Amplifying SIEM with AI-driven NDR for IT/OT convergence

Join cybersecurity leader Erwin Eimers from Sumitomo Chemicals Americas to explore how AI-driven Network Detection and Response (NDR) enhances SIEM capabilities, bridging critical visibility gaps in converged IT/OT environments. Learn how NDR provides enriched telemetry, real-time insights, and faster threat responses to secure hybrid infrastructures. The post Webinar: Amplifying SIEM with AI-driven NDR for IT/OT convergence appeared first on Help Net Security.
http://news.poseidon-us.com/THNp1z

How CISOs can elevate cybersecurity in boardroom discussions

Ross Young is the CISO in residence at Team8 and the creator of the OWASP Threat and Safeguard Matrix (TaSM). In this interview, he shares his perspective on how cybersecurity professionals can tailor their presentations to the board, aligning security strategies with business priorities. He also discusses common misconceptions that boards have about cybersecurity and offers practical advice on building lasting relationships with executives to ensure cybersecurity stays front and center in ongoing business discussions. … More → The post How CISOs can elevate cybersecurity in boardroom discussions appeared first on Help Net Security.
http://news.poseidon-us.com/THNfr0

A humble proposal: The InfoSec CIA triad should be expanded

The inconsistent and incomplete definitions of essential properties in information security create confusion within the InfoSec community, gaps in security controls, and may elevate the costs of incidents. In this article, I will analyze the CIA triad, point out its deficiencies, and propose to standardize the terminology involved and expand it by introducing two additional elements. The post A humble proposal: The InfoSec CIA triad should be expanded appeared first on Help Net Security.
http://news.poseidon-us.com/THNfqt