433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | [email protected] | Office: (727) 493-2351

Week in review: Public MS Word RCE PoC, API exploitation, Patch Tuesday forecast

Microsoft to boost protection against malicious OneNote documents Microsoft has announced that, starting in April 2023, they will be adding enhanced protection when users open or download a file embedded in a OneNote document – a known high-risk phishing file type. Massive GitHub analysis reveals 10 million secrets hidden in 1 billion commits GitGuardian scanned 1.027 billion new GitHub commits in 2022 (+20% compared to 2021) and found 10,000,000 secrets occurrences (+67% compared to 2022). … More → The post Week in review: Public MS Word RCE PoC, API exploitation, Patch Tuesday forecast appeared first on Help Net Security.
http://news.poseidon-us.com/Skm2Vv

ThreatBlockr and Engaged Security Partners help users prioritize breach prevention

ThreatBlockr and Engaged Security Partners announced a partnership focusing on “left of boom” protection to bring enhanced breach prevention to customers. Engaged Security Partners uses ThreatBlockr’s platform for threat intelligence management and integration into the network. Together, Engaged Security Partners’ customers will benefit from blocking malicious traffic and reducing human error, turning employees into threat hunters and creating a strong first and last line of defense. “We have been seeking a partner who prioritizes breach … More → The post ThreatBlockr and Engaged Security Partners help users prioritize breach prevention appeared first on Help Net Security.
http://news.poseidon-us.com/SklKg8

Overview of a Mirai Payload Generator, (Sat, Mar 11th)

The Mirai[1] botnet is active for years. It was the first botnet targeting devices running Linux like camera recorders. Our first diary about it was in 2016![2]. Still today, my honeypot is hit by hundreds of Mirai requests every day! I found a Python script that generates a Mirai payload (SHA256:f56391e9645df1058847e28af6918c64ddc344d9f328b3dde9015213d5efdc7e[3]) and deploys networking services to serve it via FTP, HTTP, and TFTP. Nothing very fancy but it will give you a good idea about how Linux hosts are abused to deliver malicious payloads.
http://news.poseidon-us.com/Skjj0j

Avast One Platinum protects users against new and evolving threats

Avast launched Avast One Platinum, the new premium tier of the Cyber Safety service, Avast One. The new Platinum offering combines the full feature set from Avast One Family with identity monitoring and protection, identity theft resolution and reimbursement, and premium technical support, to give people more control and reassurance over their digital lives. “The new Avast One Platinum tier is a step-change improvement to the award-winning Avast One integrated solution,” said Leena Elias, CPO … More → The post Avast One Platinum protects users against new and evolving threats appeared first on Help Net Security.
http://news.poseidon-us.com/SkjPg6

Hotter than infinity: Light pulses can behave like an exotic gas

In our modern society huge amounts of data are transmitted every day, mainly as short optical pulses propagating through glass fibers. With the steadily increasing density of such optical signals, their interaction grows, which can lead to data loss. Physicists are now investigating how to control large numbers of optical pulses as precisely as possible to reduce the effect of such interactions. To this end they have monitored an ensemble of optical pulses as they propagated through an optical fiber and have found that it follows fixed rules — albeit mainly those of thermodynamics.
http://news.poseidon-us.com/SkhqXx

CISA funding to top $3 billion under Biden’s FY 2024 budget

President Biden released his FY 2024 budget proposal that seeks a bigger budget for the Cybersecurity and Infrastructure Security Agency (CISA) and greater cyber investigative capabilities for the FBI. The budget also calls for increasing the federal government’s IT modernization efforts, exploring cybersecurity efforts surrounding gender-based cybercrimes, expanding efforts to counter China’s problematic behaviors, and helping Ukraine better defend itself on the digital front. “The Budget continues to invest in cybersecurity programs recognizing that cybersecurity is essential to the basic functioning of our economy, the operation of our critical infrastructure, the strength of our democracy and democratic institutions, the privacy of our data and communications, and our national security,” a White House factsheet accompanying the budget states. “The recently signed National Cybersecurity Strategy details a comprehensive approach to better secure cyberspace and ensure the United States is in the strongest possible position to seize all the benefits and potential of our digital future.” To read this article in full, please click here
http://news.poseidon-us.com/SkgWqx