Blog

Health and Human Services employees call for RFK Jr.’s resignation

Most recently, Kennedy fired the director of the Centers for Disease Control and Prevention. The post Health and Human Services employees call for RFK Jr.’s resignation first appeared on Federal News Network.
http://news.poseidon-us.com/TMvLHv

Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957)

A critical vulnerability (CVE-2025-42957) in SAP S/4HANA enterprise resource planning software is being exploited by attackers “to a limited extent”, the Dutch National Cyber Security Center (NCSC NL) has warned on Friday. Their alert seems to be based on a report by SecurityBridge’s Threat Research Labs, who professedly verified that the exploit for the flaw is being used in the wild. About CVE-2025-42957 CVE-2025-42957 is a code injection vulnerability affecting SAP S/4HANA’s function module exposed … More → The post Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957) appeared first on Help Net Security.
http://news.poseidon-us.com/TMv8NZ

How AI can mitigate legacy tech troubles

Companies have found success with AI-assisted data migration and code refactoring, according to West Monroe’s Christina Powers.
http://news.poseidon-us.com/TMv0st

DigitalOcean adds Single Sign-On to help businesses centralize user access

DigitalOcean has announced support for Single Sign-On. This integration is designed to provide digital native businesses with secure authentication to their DigitalOcean accounts. DigitalOcean Single Sign-On (SSO) helps to centralize user access and makes user onboarding and offboarding seamless. It’s built on the industry-standard OpenID Connect (OIDC) protocol, ensuring secure and reliable authentication. SSO connects your existing Identity Provider (IdP) to DigitalOcean, starting with Okta and expanding to other leading IdPs in the future. For … More → The post DigitalOcean adds Single Sign-On to help businesses centralize user access appeared first on Help Net Security.
http://news.poseidon-us.com/TMtycp

Hirsch Velocity 3.9 turns security into business value

Hirsch released Velocity 3.9, the latest advancement in its security management platform. Purpose-built for organizations that demand trust, compliance, and operational efficiency, Velocity 3.9 helps leaders safeguard people, assets, and data while simplifying operations at scale. Built for business impact Executives face a dual challenge: defending against threats while reducing complexity and cost. Velocity 3.9 addresses both with innovations that make security an enabler of resilience and growth: Holiday groups – Streamlines scheduling across multi-site … More → The post Hirsch Velocity 3.9 turns security into business value appeared first on Help Net Security.
http://news.poseidon-us.com/TMtyYt

From YARA Offsets to Virtual Addresses, (Fri, Sep 5th)

YARA is an excellent tool that most of you probably already know and use daily. If you don't, search on isc.sans.edu, we have a bunch of diaries about it[1]. YARA is very powerful because you can search for arrays of bytes that represent executable code. In this case, you provide the hexadecimal representation of the binary machine code.
http://news.poseidon-us.com/TMtpbP

September 2025 Patch Tuesday forecast: The CVE matrix

We work in an industry driven by Common Vulnerabilities and Exposures (CVE). Each security update released by myriad vendors addresses some flaw in software that could be exploited and those flaws that are publicly acknowledged are assigned a CVE designator and associated parameters. It’s these parameters, type, severity, publicly disclosed, known exploited, CVSS, etc. that are used to determine the risk to our network and computing assets, and ultimately the priority to apply the security … More → The post September 2025 Patch Tuesday forecast: The CVE matrix appeared first on Help Net Security.
http://news.poseidon-us.com/TMtn4Y

How to reclaim control over your online shopping data

Online shopping is convenient, saves time, and everything is just a click away. But how often do we stop to think about what happens to the data we leave behind, or the risks that might come with it? Where shopping data goes Retailers often store purchase histories, addresses, and account details for years, sometimes longer, unless legal requirements or customer requests mandate deletion. They may also share customer information with third-party companies for marketing or … More → The post How to reclaim control over your online shopping data appeared first on Help Net Security.
http://news.poseidon-us.com/TMtn4M

File security risks rise as insiders, malware, and AI challenges converge

Breaches tied to file access are happening often, and the costs add up quickly. Many organizations have faced multiple file-related incidents over the last two years, with financial losses stretching into the millions. The fallout often includes stolen customer data, reduced productivity, and exposure of intellectual property. A new study from Ponemon Institute shows that data leakage from insiders is a huge threat. Both negligence and malicious intent drive this risk, leaving organizations exposed when … More → The post File security risks rise as insiders, malware, and AI challenges converge appeared first on Help Net Security.
http://news.poseidon-us.com/TMtn1d

Connected cars are smart, convenient, and open to cyberattacks

Consumers are concerned about vulnerabilities in their vehicles, which directly impacts purchasing behavior and brand loyalty, according to RunSafe Security. Vehicles now run on over 100 million lines of code, which is more than most fighter jets, but they often lack the cybersecurity measures needed to keep them safe. These innovations bring plenty of convenience, from over-the-air (OTA) updates to smartphone integration, but they also create new opportunities for cybercriminals to exploit. 65% of drivers … More → The post Connected cars are smart, convenient, and open to cyberattacks appeared first on Help Net Security.
http://news.poseidon-us.com/TMtjF6