433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | [email protected] | Office: (813) 563-2652

RomCom hackers chained Firefox and Windows zero-days to deliver backdoor

Russia-aligned APT group RomCom was behind attacks that leveraged CVE-2024-9680, a remote code execution flaw in Firefox, and CVE-2024-49039, an elevation of privilege vulnerability in Windows Task Scheduler, as zero-days earlier this year. “Chaining together two zero-day vulnerabilities armed RomCom with an exploit that requires no user interaction,” ESET researchers said. The campaign leveraging the zero-click exploit CVE-2024-9680 allowed the attackers to execute code in the restricted context of the browser and CVE-2024-49039 allowed it … More → The post RomCom hackers chained Firefox and Windows zero-days to deliver backdoor appeared first on Help Net Security.
http://news.poseidon-us.com/TGPJLp

Bitwarden enhances inline autofill features to simplify account creation

Bitwarden further strengthened inline autofill capabilities within its browser extension. Users can easily generate and autofill strong, unique passwords for new accounts directly from the inline autofill menu. This update eliminates the need for manual password creation, making account management more efficient and intuitive. Integrating secure account creation directly into the autofill menu enables users to complete the process with just one click, enhancing functionality and convenience. Streamlining account creation and security The latest update … More → The post Bitwarden enhances inline autofill features to simplify account creation appeared first on Help Net Security.
http://news.poseidon-us.com/TGP9v3

CampusGuard Central empowers organizations to manage PCI DSS compliance

CampusGuard announced CampusGuard Central, its dynamic customer compliance portal. CampusGuard Central empowers organizations to manage PCI DSS compliance across their enterprise with a single, user-friendly tool. Central’s latest release includes the following enhancements: Updated user interface: Hide or expand the left navigation bar Collapsible group headers on the dashboard Expand the view to full screen Resize and/or filter data tables Full support for PCI DSS v4.0 Customers can define an unlimited number of Custom Fields … More → The post CampusGuard Central empowers organizations to manage PCI DSS compliance appeared first on Help Net Security.
http://news.poseidon-us.com/TGP9sV

How to recognize employment fraud before it becomes a security issue

The combination of remote work, the latest technologies, and never physically meeting your employees has made it very easy for job applicants to mask their true identities from their employer and commit employment fraud. Motivations for this type of fraud vary, so it’s essential to start by quickly reviewing the key forms that employment fraud can take: Nation-state or criminal organization fraud, where employees infiltrate an organization to gain access to systems, data, or payroll … More → The post How to recognize employment fraud before it becomes a security issue appeared first on Help Net Security.
http://news.poseidon-us.com/TGP7QY

Practical strategies to build an inclusive culture in cybersecurity

In this Help Net Security interview, Alona Geckler, Chief of Staff, SVP of Business Operations at Acronis, shares her insights on the diversity environment in the cybersecurity and IT industries. She discusses the progress made over the past two decades, initiatives to foster inclusivity, and the remaining challenges. Geckler addresses unconscious bias and barriers to career advancement, offering practical strategies for organizations to foster more inclusive environments. How has the industry evolved in terms of … More → The post Practical strategies to build an inclusive culture in cybersecurity appeared first on Help Net Security.
http://news.poseidon-us.com/TGP3jS

Domain security posture of Forbes Global 2000 companies

In this Help Net Security video, Vincent D’Angelo, Global Director of Corporate Development and Strategic Alliances with CSC, analyzes the domain security of the Forbes Global 2000. CSC’s 2024 Domain Security Report analyzes the highest and lowest-performing industries based on the adoption of domain security features like registry lock, CAA records, DNS redundancy, type of registrar, DNSSEC, SPF, DKIM, and DMARC. The top five highest-performing industries were Business Services and Supplies, IT Software and Services, … More → The post Domain security posture of Forbes Global 2000 companies appeared first on Help Net Security.
http://news.poseidon-us.com/TGP2H3

Cybersecurity jobs available right now: November 26, 2024

Application Security Engineer Agoda | UAE | Hybrid – View job details As an Application Security Engineer, you will develop and design application-level security controls and standards. Perform application security design reviews against new products and services. Track and prioritize all security issues. Build internal security tools that help fix security problems at scale. Perform code review and drive remediation of discovered issues. Enable automated security testing at scale to measure vulnerability, and report on … More → The post Cybersecurity jobs available right now: November 26, 2024 appeared first on Help Net Security.
http://news.poseidon-us.com/TGP2GN

ISC Stormcast For Tuesday, November 26th, 2024 https://isc.sans.edu/podcastdetail/9232, (Tue, Nov 26th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
http://news.poseidon-us.com/TGP0Z3

Managing forests with smart technologies

Deforestation has remained a significant issue globally, with primary forests contributing to 16 per cent of the total tree cover loss in the last two decades, driven by climate change and intensive human activity. This threatens natural resources, biodiversity, and people’s quality of life. To protect forests, scientists have developed Forest 4.0, an intelligent forest data processing model integrating blockchain, Internet of Things (IoT), and Artificial Intelligence (AI) technologies. The system enables real-time monitoring of forest conditions, sustainable resource accounting, and a more transparent forest governance model.
http://news.poseidon-us.com/TGNtYy