433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | [email protected] | Office: (727) 493-2351

3 ways agencies can build on CISA’s new secure-by-design, secure-by-default principles

CISA’s new Secure-by-Design, Secure-by-Default principles offer a road map to guide technology providers to a more secure future. By addressing integration, automation and collaboration, agencies can improve the odds our shared technology ecosystem reaches that destination.
http://news.poseidon-us.com/SvmVdH

MacOS malware has a new trick up its sleeve

A newer version of the Atomic Stealer macOS malware has a new trick that allows it to bypass the operating system’s Gatekeeper, Malwarebytes researchers have discovered. Mac malware delivered through Google ads The malware, which was first advertised in April 2023, is an infostealer that can grab passwords from browsers, Apple’s keychain, files, crypto wallets, and more. “Criminals who buy the toolkit have been distributing it mostly via cracked software downloads but are also impersonating … More → The post MacOS malware has a new trick up its sleeve appeared first on Help Net Security.
http://news.poseidon-us.com/SvlzQw

Pynt introduces API security platform and raises $6 million

Pynt released its autopilot platform for API security used by developers and security experts, as well as $6 million in Seed funding led by Joule Ventures with the participation of Dallas VC and Honeystone VC. The use of APIs is exploding, with 83% of internet traffic today related to API services. These software interfaces enable seamless integration, propelling businesses toward success. But reliance on them has created myriads of critical vulnerabilities. API security breaches can … More → The post Pynt introduces API security platform and raises $6 million appeared first on Help Net Security.
http://news.poseidon-us.com/SvlzPT

Cisco Identity Services Engine Privilege Escalation Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform privilege escalation attacks to read or modify arbitrary files on the underlying operating system. To exploit these vulnerabilities, an attacker must have valid Administrator-level privileges on the affected device. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address one of these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-priv-esc-KJLp2Aw Security Impact Rating: Medium CVE: CVE-2023-20193,CVE-2023-20194
http://news.poseidon-us.com/SvjnrW

Taking advantage of data and compute at the edge

Explore the benefits, data security implications and strategies for managing complex edge systems. Our new ebook highlights how NOAA and VA aim to better serve users everywhere and shares real-world best practices from Red Hat experts.
http://news.poseidon-us.com/Svj8xp

Intuit launches AI-fueled financial assistant for consumers, small businesses

The tool assists Intuit tax advisors, providing personalized recommendations and helps customers contextualize finances through a conversational interface.
http://news.poseidon-us.com/Svj8Lw

Pioneering beyond-silicon technology via residue-free field effect transistors

Beyond-silicon technology demands ultra-high-performance field-effect transistors (FETs). Transition metal dichalcogenides (TMDs) provide an ideal material platform, but the device performances such as contact resistance, on/off ratio, and mobility are often limited by the presence of interfacial residues caused by transfer procedures. We show an ideal residue-free transfer approach using polypropylene carbonate (PPC) with a negligible residue for monolayer MoS2. By incorporating bismuth semimetal contact with atomically clean monolayer MoS2-FET on h-BN substrate, we obtain an ultralow Ohmic contact resistance approaching the quantum limit and a record-high on/off ratio of ~1011 at 15 K. Such an ultraclean fabrication approach could be the ideal platform for high-performance electrical devices using large-area semiconducting TMDs.
http://news.poseidon-us.com/SvgzMj

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults.
http://news.poseidon-us.com/Svgwr6