433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Trump names his planned nominee for OPM director

Scott Kupor, currently a managing partner at Andreessen Horowitz, would be the new lead on federal workforce issues in Donald Trump’s second term. The post Trump names his planned nominee for OPM director first appeared on Federal News Network.
http://news.poseidon-us.com/TGyq9D

Trump names his planned nominee for OPM director

Scott Kupor, currently a managing partner at Andreessen Horowitz, would be the new lead on federal workforce issues in Donald Trump’s second term. The post Trump names his planned nominee for OPM director first appeared on Federal News Network.
http://news.poseidon-us.com/TGyq7c

US charges suspected LockBit ransomware developer

The US Department of Justice has unsealed charges against Rostislav Panev, 51, a dual Russian and Israeli national, suspected of being a developer for the LockBit ransomware group. Panev was arrested in August 2024 and is currently in custody in Israel pending extradition. The charges “According to the superseding complaint, documents filed in this and related cases, and statements made in court, Panev acted as a developer of the LockBit ransomware group from its inception … More → The post US charges suspected LockBit ransomware developer appeared first on Help Net Security.
http://news.poseidon-us.com/TGygNb

NFT scammers charged for stealing $22 million through “rug pulls”

A six-count indictment was unsealed on Friday in Los Angeles charging two California men with defrauding investors of more than $22 million in cryptocurrency through a series of digital asset project “rug pulls,” a type of fraud scheme in which the creator of a nonfungible token (NFT) or other digital asset project solicits funds from investors for the project and then abruptly abandons the project and fraudulently retains investors’ funds. Both men were arrested on … More → The post NFT scammers charged for stealing $22 million through “rug pulls” appeared first on Help Net Security.
http://news.poseidon-us.com/TGyYcb

Modiloader From Obfuscated Batch File, (Mon, Dec 23rd)

My last investigation is a file called “Albertsons_payment.GZ”, received via email. The file looks like an archive but is identified as a picture by TrID:
http://news.poseidon-us.com/TGyDd9

Evilginx: Open-source man-in-the-middle attack framework

Evilginx is an open-source man-in-the-middle attack framework designed to phish login credentials and session cookies, enabling attackers to bypass 2FA safeguards. “Back in 2017, I was experimenting with extracting cookies from one browser and importing them into another. I realized this technique could effectively take over accounts, bypassing the need for credentials or even MFA authorization. This discovery led me to consider the possibility of executing such an attack remotely by proxying HTTP traffic between … More → The post Evilginx: Open-source man-in-the-middle attack framework appeared first on Help Net Security.
http://news.poseidon-us.com/TGyBkk

Maximizing the impact of cybercrime intelligence on business resilience

In this Help Net Security interview, Jason Passwaters, CEO of Intel 471, discusses how integrating cybercrime intelligence into an organization’s security strategy enables proactive threat management and how measuring intelligence efforts can help mitigate risks before they escalate. Passwaters also shares best practices for building a robust intelligence program, focusing on data sources, adversary identification, and collaboration between the private sector and law enforcement. The post Maximizing the impact of cybercrime intelligence on business resilience appeared first on Help Net Security.
http://news.poseidon-us.com/TGyBkQ

How companies can fight ransomware impersonations

As these threat actors become increasingly strategic and harder to detect, organizations must take all measures to protect their data, including cybersecurity training. In this Help Net Security video, Rodman Ramezanian, Global Cloud Threat Lead at Skyhigh Security, discusses how companies can defend themselves against threats and be prepared for future ones. The post How companies can fight ransomware impersonations appeared first on Help Net Security.
http://news.poseidon-us.com/TGy7VP

What open source means for cybersecurity

With outdated and inadequately maintained components, along with insecure dependencies, the open-source ecosystem presents numerous risks that could expose organizations to threats. In this article, you will find excerpts from 2024 open-source security reports that can help your organization strengthen its software security practices. 70% of open-source components are poorly or no longer maintained Regardless of geographic origin, the average mid-size application has several disturbing trends leading to critical vulnerabilities. Open-source contributes 2 to 9 times … More → The post What open source means for cybersecurity appeared first on Help Net Security.
http://news.poseidon-us.com/TGy7TX