433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

The Pathways Program transformed agencies’ approach to early-career hiring

The Pathways Program reformed how agencies recruit the next generation of federal employees. But challenges and uncertainties put the program’s future on edge. The post The Pathways Program transformed agencies’ approach to early-career hiring first appeared on Federal News Network.
http://news.poseidon-us.com/TK9Vtt

Emotions and levels of threat affect communities’ resilience during extreme events

Researchers use mathematical modeling to probe whether cohesive communities are more resilient to extreme events, finding that emotional intensity and levels of stress play a big role.
http://news.poseidon-us.com/TK9P2H

AI-generated ‘Synthetic scarred hearts’ aid atrial fibrillation treatment

Researchers have developed an AI tool that creates synthetic yet medically accurate models of fibrotic heart tissue (heart scarring), aiding treatment planning for atrial fibrillation (AF) patients. The study could lead to more personalized care for patients affected by this common heart rhythm disorder.
http://news.poseidon-us.com/TK9P1n

Critical flaws fixed in Nagios Log Server

The Nagios Security Team has fixed three critical vulnerabilities affecting popular enterprise log management and analysis platform Nagios Log Server. About the flaws: The vulnerabilities, discovered and reported by security researchers Seth Kraft and Alex Tisdale, include: 1. A stored XSS vulnerability (CVE-2025-29471) in the web interface of Nagios Log Server that allows a standard (low-privilege) user to inject a malicious JavaScript payload into their profile’s ‘email’ field to achieve privilege escalation. “When an administrator … The post Critical flaws fixed in Nagios Log Server appeared first on Help Net Security.
http://news.poseidon-us.com/TK9NDJ

Aviation sector faces rising cyber risks due to vulnerable software, aging tech

A report published Thursday called on federal authorities to conduct comprehensive risk assessments and take steps to modernize the air traffic control system.
http://news.poseidon-us.com/TK9KMq

Seemplicity adds AI-driven capabilities to scale remediation operations

Seemplicity announced a major product release. This latest version of the Seemplicity Platform introduces powerful new AI-driven capabilities designed to streamline and scale remediation operations. Two major new features – called “Find the Fixer” and “Automatic Scoping” – reduce remediation chaos by eliminating manual bottlenecks and significantly accelerate the path from detection to resolution. Security teams face inadequate prioritization, misrouted remediation requests, and manual workflows that slow down progress. Legacy exposure management requires constant upkeep … The post Seemplicity adds AI-driven capabilities to scale remediation operations appeared first on Help Net Security.
http://news.poseidon-us.com/TK98zn

Online Services Again Abused to Exfiltrate Data, (Tue, Apr 15th)

If attackers can abuse free online services, they will do so for sure! Why spend time deploying a C2 infrastructure if you have plenty of ways to use “official” services? Not only do they not cost any money, but the traffic can be hidden in normal traffic, making it more difficult to detect. A very popular one was anonfiles[.]com. It was so abused that it closed in 2023![1] A funny fact is that I still see a lot of malicious scripts that refer to this domain. Of course, alternatives popped up here and there, like anonfile[.]la[2].
http://news.poseidon-us.com/TK96xq

Why shorter SSL/TLS certificate lifespans matter

Digital certificates are the unsung heroes of the internet, silently verifying that the websites, apps, and services you use are legit and your data is safe. For years, we’ve leaned on certificates with maximum validity terms stretching for months and, in some cases, even years. While convenient, these long-lived certificates are increasingly risky, and now the industry’s major browser makers, like Apple and Google, are throwing down the gauntlet: 90-day maximum validity term from Google, … The post Why shorter SSL/TLS certificate lifespans matter appeared first on Help Net Security.
http://news.poseidon-us.com/TK95Rc

Cybercriminal groups embrace corporate structures to scale, sustain operations

In this Help Net Security interview, Sandy Kronenberg, CEO of Netarx, discusses how cybercriminal groups are adopting corporate structures and employee incentives to scale operations, retain talent, and evade detection. He covers the strategic collaborations behind major attacks, business-like parallels, and the implications of these shifts as these groups grow more sophisticated. What motivates cybercriminal groups to adopt mainstream corporate structures and employee incentives, and what impact does this have on recruitment and retention? Loose, … The post Cybercriminal groups embrace corporate structures to scale, sustain operations appeared first on Help Net Security.
http://news.poseidon-us.com/TK95Qv

94% of firms say pentesting is essential, but few are doing it right

Organizations are fixing less than half of all exploitable vulnerabilities, with just 21% of GenAI app flaws being resolved, according to Cobalt. Big firms take longer to fix pentest issues. 94% of firms view pentesting as essential to their program. This captures the assurance role of pentesting and reflects the reality that most breaches don’t occur because the victim had no defenses. Rather, the defenses they had weren’t as solid as they thought. It’s … The post 94% of firms say pentesting is essential, but few are doing it right appeared first on Help Net Security.
http://news.poseidon-us.com/TK939K