433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | [email protected] | Office: (727) 493-2351

Realtek SDK SIP ALG Vulnerability: A Big Deal, but not much you can do about it. CVE 2022-27255, (Sun, Aug 14th)

On Friday, Octavio Gianatiempo & Octavio Galland released details about a vulnerability in Realtek's eCos SDK. The release came as part of their talk at Defcon. Realtek patched the vulnerability they spoke about in March. But this patch may not do you much good. The vulnerability affects Realtek's SDK. Various vendors use this SDK as part of the equipment that uses Realtek's RTL819x SoCs. Affected vendors need to release patched firmware to mitigate this vulnerability. Many affected vendors have not yet released updates.
http://news.poseidon-us.com/SWd2z7

Safe havens for cooperation

Whether networks with a high level of cooperation emerge in a community depends on how quickly individuals leave — for example, because they are exploited by others. Researchers investigated this problem by modeling a well-known cooperation game. They consider a spatial network, where players can relocate between different patches if they judge the local conditions to be unfavorable.
http://news.poseidon-us.com/SWd0B9

ColorTokens partners with Aligned Automation to provide end-to-end solutions for enterprise customers

ColorTokens has partnered with Aligned Automation, to offer solutions for the journey to digital transformation with the assurance of cybersecurity. This partnership stems from the need for companies to mitigate growing risks as cyberthreats continue to impact individual privacy and business security. Aligned Automation designs and implements end-to-end digital solutions across key functions, harnessing the power of data and digital technologies through the Nerve Center. As they empower businesses with digital processes, the partnership with … More → The post ColorTokens partners with Aligned Automation to provide end-to-end solutions for enterprise customers appeared first on Help Net Security.
http://news.poseidon-us.com/SWbF8J

Phishing HTML Attachment as Voicemail Audio Transcription, (Sat, Aug 13th)

I have been seeing this form of phishing in Microsoft Office 365 for several weeks. The email comes in as an attachment like this with a phone icon preceding it:
http://news.poseidon-us.com/SWZhZv

IRS hits $80 billion jackpot, now embarks on hiring surge to rebuild workforce

The IRS is getting its shot to rebuild its workforce and bring its IT into the 21st century, after more than a decade of belt-tightening.
http://news.poseidon-us.com/SWXk5m