Blog

ForensicScope Regula 4125 detects counterfeit documents

Regula has launched the portable and autonomous ForensicScope Regula 4125. The new device enables ID verification in any place and environment: at border and inland checkpoints, at airports, in transport, etc. Although the Regula 4125 is only smartphone-sized, it is capable of performing a wide range of document checks typical for professional forensic equipment. The new Regula 4125 is particularly effective at detecting morphing in photos in identity documents. Face morphing is an insidious threat … More → The post ForensicScope Regula 4125 detects counterfeit documents appeared first on Help Net Security.
http://news.poseidon-us.com/THd5sQ

Hiya AI Phone blocks spam and irrelevant calls

Hiya has introduced Hiya AI Phone, an AI call assistant mobile app. Designed for busy professionals, Hiya AI Phone acts like a personal assistant, saving time by screening unwanted phone calls, safeguarding against phone scams, and taking notes during calls to ensure seamless follow-up. Managing phone calls has become increasingly challenging, with professionals losing valuable time each month to robocalls, scams, and unknown numbers. According to data from Hiya, on average, Americans spend 40 minutes … More → The post Hiya AI Phone blocks spam and irrelevant calls appeared first on Help Net Security.
http://news.poseidon-us.com/THd5r4

Evolving tech talent woes call for new ‘cultural’ playbook

As leaders confront leaner budgets, creating a strong culture can be a key talent retention tool, Grant Thornton’s Andrea Schulz said.
http://news.poseidon-us.com/THd3hh

Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085)

Apple has shipped a fix for a zero-day vulnerability (CVE-2025-24085) that is being leveraged by attackers against iPhone users. About CVE-2025-24085 CVE-2025-24085 is a use after free bug in CoreMedia, a framework used by Apple devices for the processing of media data. The vulnerability can be triggered by a malicious application and may allow attackers to elevate privileges on targeted devices. “Apple is aware of a report that this issue may have been actively exploited … More → The post Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) appeared first on Help Net Security.
http://news.poseidon-us.com/THd2fx

Compliance Scorecard Version 7 simplifies compliance management for MSPs

Compliance Scorecard released Compliance Scorecard Version 7. This latest release is designed to seamlessly integrate compliance into cybersecurity offerings, delivering new features that simplify and enhance compliance management for MSPs and their clients. Compliance Scorecard Version 7 builds on its reputation for providing specialized tools for privacy compliance and data protection. These enhancements complement existing features—such as policy management, compliance assessments, and customizable reporting—enabling MSPs to provide comprehensive compliance solutions. The platform’s new capabilities allow … More → The post Compliance Scorecard Version 7 simplifies compliance management for MSPs appeared first on Help Net Security.
http://news.poseidon-us.com/THcwhn

Fileless Python InfoStealer Targeting Exodus, (Tue, Jan 28th)

Exodus is a well-known crypto wallet software[1] and, when you are popular, there are chances that attackers will target you! I already wrote a diary related to this application[2]. Yesterday, I found a new one that behaves differently. My previous diary described a Python script that will patch the original Exodus software. Today, it&#x27s a real “info stealer”.
http://news.poseidon-us.com/THcrYg

BloodyAD: Open-source Active Directory privilege escalation framework

BloodyAD is an open-source Active Directory privilege escalation framework that uses specialized LDAP calls to interact with domain controllers. It enables various privilege escalation techniques within Active Directory environments. Features “I created this tool because I do a lot of internal testing on Active Directory infrastructures and at the time in 2021 there was no tool on Linux that could easily do the AD privesc shown by Bloodhound. The easiest was using Powersploit, which is … More → The post BloodyAD: Open-source Active Directory privilege escalation framework appeared first on Help Net Security.
http://news.poseidon-us.com/THclCt

74% of CISOs are increasing crisis simulation budgets

In the aftermath of 2024’s high-profile cybersecurity incidents, including NHS, CrowdStrike, 23andMe, Transport for London, and Cencora, CISOs are reassessing their organisation’s readiness to manage a potential “chaos” of a full-scale cyber crisis, according to Hack The Box. Many CISOs across the UK and US are concerned about their organization’s ability to handle a cyber crisis. This is owing to several reasons – the rising volume of cyber incidents (31%), lack of incident response planning … More → The post 74% of CISOs are increasing crisis simulation budgets appeared first on Help Net Security.
http://news.poseidon-us.com/THclBv

Cybersecurity jobs available right now: January 28, 2025

Application Security Engineer Bumble | United Kingdom | Hybrid – View job details As an Application Security Engineer, you will design and implement security testing tools within CI/CD pipelines to detect vulnerabilities early without impacting development speed. Conduct risk assessments and threat modelling exercises to identify potential vulnerabilities and prioritise security measures based on impact. Identify and prioritise vulnerabilities, driving remediation efforts and offering mitigation strategies to engineering teams. CISO Global-e | Israel | On-site … More → The post Cybersecurity jobs available right now: January 28, 2025 appeared first on Help Net Security.
http://news.poseidon-us.com/THcj2K

Transforming longevity research: AI paves the way for personalized treatments in aging science

Artificial Intelligence (AI) has the potential to transform aging research and help people live healthier, longer lives.
http://news.poseidon-us.com/THcgmr