Poseidon

NIST Finalizes ‘Lightweight Cryptography’ Standard to Protect Small Devices

Aug 13, 2025

Four related algorithms are now ready for use to protect data created and transmitted by the Internet of Things and other electronics.
http://news.poseidon-us.com/TMSnxf

Microsoft fixes “BadSuccessor” Kerberos vulnerability (CVE-2025-53779)

Aug 13, 2025

For August 2025 Patch Tuesday, Microsoft has released security updates resolving 100+ security vulnerabilities in its various solutions, including a relative path traversal flaw in Windows Kerberos (CVE-2025-53779) that allows an authorized attacker to elevate privileges over a network as part of a BadSuccessor attack. The vulnerability, discovered by Akamai researcher Yuval Gordon, exploits the delegated Managed Service Account (dMSA) feature that was introduced in Windows Server 2025 and can be used to compromise any … More → The post Microsoft fixes “BadSuccessor” Kerberos vulnerability (CVE-2025-53779) appeared first on Help Net Security.
http://news.poseidon-us.com/TMSnkB

Tiny “talking” robots form shape-shifting swarms that heal themselves

Aug 13, 2025

Scientists have designed swarms of microscopic robots that communicate and coordinate using sound waves, much like bees or birds. These self-organizing micromachines can adapt to their surroundings, reform if damaged, and potentially undertake complex tasks such as cleaning polluted areas, delivering targeted medical treatments, or exploring hazardous environments.
http://news.poseidon-us.com/TMSl1f

Federal appeals court gives DOGE access to sensitive data at several agencies

Aug 13, 2025

The U.S. Court of Appeals for the Fourth Circuit overturned a lower court’s ruling that barred DOGE from accessing records at several agencies. The post Federal appeals court gives DOGE access to sensitive data at several agencies first appeared on Federal News Network.
http://news.poseidon-us.com/TMSkzv

Federal appeals court gives DOGE access to sensitive data at several agencies

Aug 13, 2025

Fortinet warns about FortiSIEM vulnerability with in-the-wild exploit code (CVE-2025-25256)

Aug 13, 2025

Fortinet has released patches for a critical OS command injection vulnerability (CVE-2025-25256) in FortiSIEM, after practical exploit code surfaced in the wild. About CVE-2025-25256 FortiSIEM is a security information and event management platform used by organizations to collect, correlate and analyze logs, events, and alerts from across an organization’s IT and security infrastructure, to help detect threats and investigate incidents. CVE-2025-25256 is caused by improper neutralization of special elements and may allow unauthenticated attackers to … More → The post Fortinet warns about FortiSIEM vulnerability with in-the-wild exploit code (CVE-2025-25256) appeared first on Help Net Security.
http://news.poseidon-us.com/TMSdQL

CVE-2017-11882 Will Never Die, (Wed, Aug 13th)

Aug 13, 2025

One of the key messages broadcasted by security professionals is: “Patch, patch and patch again!”. But they are nasty vulnerabilities that remain exploited by attackers even if they are pretty old. %%cve:2017-11882%% is one of them: this remote code execution affects Microsoft Office and, more precisely, the good old “Equation Editor”. This tool was even killed by Microsoft due to numerous security issues[1]. But it still remains used by attackers to spread modern malware.
http://news.poseidon-us.com/TMSTw7

AWS CISO explains how cloud-native security scales with your business

Aug 13, 2025

In this Help Net Security interview, Amy Herzog, CISO at AWS, discusses how cloud-native security enables scalable, flexible protection that aligns with how teams build in the cloud. She explains the Shared Responsibility Model and the tools and processes that scale security. Herzog also explains how AI helps automate threat detection and vulnerability management. What does “cloud-native security” mean? Cloud-native security refers to both security controls that work the same way the cloud does and … More → The post AWS CISO explains how cloud-native security scales with your business appeared first on Help Net Security.
http://news.poseidon-us.com/TMSNv7

Product showcase: Apricorn Aegis NVX, a high-security, portable SSD

Aug 13, 2025

The Apricorn Aegis NVX is a hardware-based 256-Bit AES XTS external SSD drive with integrated USB-C cable. Its storage capacities range from 500GB to 2TB. The device is OS free and cross-platform compatible. Design and build The drive comes with a compact carry case, a USB-C to USB-A adapter, and a quick start guide. It is enclosed in aircraft-grade aluminum alloy and sealed with tamper-resistant, tamper-evident uni-directional breakaway security fasteners that are driven and cemented … More → The post Product showcase: Apricorn Aegis NVX, a high-security, portable SSD appeared first on Help Net Security.
http://news.poseidon-us.com/TMSNv1

How to build and grow a scalable vCISO practice as an MSP

Aug 13, 2025

The cybersecurity needs of small and midsize businesses have reached a critical point. Compliance mandates, increasing ransomware attacks, and cyber insurance requirements are driving demand for expert guidance. Yet, hiring a full-time Chief Information Security Officer (CISO) remains out of reach for many. The growing demand for strategic security leadership – without the cost of a full-time hire- has created a valuable opportunity for MSPs and MSSPs to offer virtual CISO (vCISO) services. In fact, … More → The post How to build and grow a scalable vCISO practice as an MSP appeared first on Help Net Security.
http://news.poseidon-us.com/TMSNqy