433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

The ARToken phishing panel targets Microsoft 365 accounts

Accounts-payable staff at U.S. companies keep receiving invoice emails that look like they come from vendors they already work with. One landed at a life-sciences company in April 2026, addressed to the person who handles payments and written in the voice of a Wisconsin contractor’s billing contact. It asked about invoices that appeared to still be outstanding, the sort of note an accounts-payable team handles every day. Behind it sits a phishing operation Cisco Talos … More → The post The ARToken phishing panel targets Microsoft 365 accounts appeared first on Help Net Security.
http://news.poseidon-us.com/TTJ685

Claude Sonnet 5 includes safeguards against dangerous cyber use

Anthropic has introduced Claude Sonnet 5, the latest version of its general-purpose AI model, with improved reasoning, coding, tool use, and knowledge work capabilities. The model can make plans, use tools such as browsers and terminals, and complete tasks autonomously. Scores for Sonnet 5 on a variety of evaluations compared to those of Sonnet 4.6 and Opus 4.8 (Source: Anthropic) The company says Sonnet 5 improves reasoning, coding, tool use, and knowledge-work tasks. “Our safety … More → The post Claude Sonnet 5 includes safeguards against dangerous cyber use appeared first on Help Net Security.
http://news.poseidon-us.com/TTJ67L

What a financial planner taught me about cybersecurity

When I spoke at a recent cybersecurity awareness event for financial planners and tax advisors, the audience really engaged with the subject. As happens at conferences the world over, people often come up to speakers to ask follow-up questions, or just give their feedback about points made during the presentation. This time, it struck me how many of them said they had been scared by what they heard during my talk. As I made my … More → The post What a financial planner taught me about cybersecurity appeared first on Help Net Security.
http://news.poseidon-us.com/TTHzqS

Nika: Open-source code analysis tool

Many serious security bugs in web applications sit across several files at once. Request data enters through a controller, moves through data objects and service layers, and turns dangerous only when it reaches a sensitive operation such as a database query or a file action. A scanner that reads one file at a time can miss that path entirely. Nika, an open-source tool from the payments company PhonePe, works on that problem for Java microservices. … More → The post Nika: Open-source code analysis tool appeared first on Help Net Security.
http://news.poseidon-us.com/TTHzpp

This supercomputer encrypts your data even while it’s running it

Most people who handle sensitive data already encrypt it in two places. They lock it down when it sits on a hard drive, and they lock it down when it moves across a network. There has always been a third moment that stayed open. The instant a computer pulls that data into memory to work on it, the protection drops away. For a few seconds or a few hours, the information sits in the open, … More → The post This supercomputer encrypts your data even while it’s running it appeared first on Help Net Security.
http://news.poseidon-us.com/TTHtPK

AI-generated code risks reach security, legal, and compliance teams

Most engineering organizations write code with AI, and a good number of them keep that code away from customers. A Flux survey of engineering leaders and practitioners found that nearly half run AI-generated code in production. Almost every company in the sample uses AI somewhere in development, with under 5% reporting no plans to adopt it within a year. Where teams trust AI Teams reach for AI on repetitive work first. It writes documentation, fills … More → The post AI-generated code risks reach security, legal, and compliance teams appeared first on Help Net Security.
http://news.poseidon-us.com/TTHtPH

Microsoft wants to stop unwanted bots from entering Teams meetings

A new Microsoft Teams admin policy, Manage external bots and their access to meetings, gives organizations greater visibility and control over external bots in meetings. The policy identifies bots and applies safeguards before they are admitted. Microsoft will begin retiring the existing Require verification by participants (CAPTCHA) meeting policy. Admitting a bot should be a deliberate decision (Source: Microsoft) Admin controls for external bots Admins can assign the policy in the Teams Admin Center to … More → The post Microsoft wants to stop unwanted bots from entering Teams meetings appeared first on Help Net Security.
http://news.poseidon-us.com/TTHtNP

Why Ask Credentials If There Are Secret Codes?, (Wed, Jul 1st)

This morning, an interesting phishing email hit my mailbox. It targets Metamask[1], a cryptocurrency wallet, available as a browser extension and a mobile app, that lets users store, send, and receive crypto money. It&#x27s pretty popular, so a juicy target for criminals. In February, I already mentioned a campaign against them[2].
http://news.poseidon-us.com/TTHsT4

Getting boards to fund ERM means speaking their currency

In this Help Net Security video, Greg Young, VP Cybersecurity and Corporate Development at TrendAI, explains how to build Enterprise Risk Management that a board will pay for. Drawing on nearly four decades in cybersecurity, including time as a CISO and 14 years as a Gartner analyst, he argues that boards fund ERM when they can see how risk intelligence improves business decisions, not when someone asks for better governance. The talk covers how to … More → The post Getting boards to fund ERM means speaking their currency appeared first on Help Net Security.
http://news.poseidon-us.com/TTHrFH