433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | [email protected] | Office: (813) 563-2652

IT security budgets triple as businesses confront more cyberattacks

About half of all businesses suffered a breach or attack in 2022, versus 39% in 2020, according to specialty insurance provider Hiscox.
http://news.poseidon-us.com/SjXMzy

Cyber leaders applaud forthcoming updates to NIST cybersecurity framework

NIST is updating its Cybersecurity Framework for the first time in five years, and there’s a new focus on “governance” and other emerging cyber issues.
http://news.poseidon-us.com/SjXKjf

Evolving cyberattacks, alert fatigue creating DFIR burnout, regulatory risk

The evolution of cybercrime is weighing heavily on digital forensics and incident response (DFIR) teams, leading to significant burnout and potential regulatory risk. That’s according to the 2023 State of Enterprise DFIR survey by Magnet Forensics, a developer of digital investigation solutions. The firm surveyed 492 DFIR professionals in North America and Europe, the Middle East, and Africa working in organizations in industries such as technology, manufacturing, government, telecommunications, and healthcare. Respondents described the current cybercrime landscape as one that is evolving beyond ransomware and taking a toll on their ability to investigate threats and incidents, Magnet Forensics said. To read this article in full, please click here
http://news.poseidon-us.com/SjWPzq

In-person exclusive with the Test & Evaluation director at the Transportation Security Laboratory in Atlantic City

Luggage and passenger screening is a complicated applied science. An idea has to be verified before it can be built into prototype equipment for testing and eventual production.
http://news.poseidon-us.com/SjTPp3

In-person exclusive with the Test & Evaluation director at the Transportation Security Laboratory in Atlantic City

Luggage and passenger screening is a complicated applied science. An idea has to be verified before it can be built into prototype equipment for testing and eventual production.
http://news.poseidon-us.com/SjTP44

Descope launches authentication and user management SaaS

Descope has launched its first product, a platform designed to help developers add authentication and user management capabilities to their business-to-consumer and business-to-business applications. The software as a service is available now. Developers can access the product free of charge for up to 7,500 monthly active uses for B2C applications and up to 50 tenants for B2B apps. Beyond these there is a US$0.10 per user and US$20 per tenant. The Descope platform aims to make it easier to build passwordless authentication, according to the company. Descope says the new product allows organizations to: * Create authentication flows and user-facing screens using a visual workflow designer. * Seamlessly add a variety of passwordless authentication methods to apps such as magic links, biometrics and passkeys (based on WebAuthn), authenticator apps, and social logins. * Validate, merge, and manage identities across the user journey. * Get business apps enterprise-ready with single sign-on (SSO), access control, tenant management, and automated user provisioning. * Enhance user protection by easily enabling multi-factor authentication (MFA), step-up, or biometric authentication within applications. Descope’s platform offers different integration options: a no-code workflow builder and screen editor, a set of client and backend SDKs, and comprehensive REST APIs. To read this article in full, please click here
http://news.poseidon-us.com/SjSGTm

Microsoft patches three exploited zero-days (CVE-2023-21715, CVE-2023-23376, CVE-2023-21823)

The February 2023 Patch Tuesday is upon us, with Microsoft releasing patches for 75 CVE-numbered vulnerabilities, including three actively exploited zero-day flaws (CVE-2023-21715, CVE-2023-23376, CVE-2023-21823). The three zero-days (CVE-2023-21715, CVE-2023-23376, CVE-2023-21823) CVE-2023-21715 a vulnerability that allows attackers to bypass a Microsoft Publisher security feature: Office macro policies used to block untrusted or malicious files. “The attack itself is carried out locally by a user with authentication to the targeted system. An authenticated attacker could exploit … More → The post Microsoft patches three exploited zero-days (CVE-2023-21715, CVE-2023-23376, CVE-2023-21823) appeared first on Help Net Security.
http://news.poseidon-us.com/SjQRww