433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Why zero trust should be the foundation of your cybersecurity ecosystem

For cybersecurity professionals, it is a huge challenge to separate the “good guys” from the “villains”. In the past, most cyberattacks could simply be traced to external cybercriminals, cyberterrorists, or rogue nation-states. But not anymore. Threats from within organizations – also known as “insider threats” – are increasing and cybersecurity practitioners are feeling the pain. Traditional perimeter defenses are not designed to prevent these attacks. They also struggle to keep external attackers out. Clever hackers … More → The post Why zero trust should be the foundation of your cybersecurity ecosystem appeared first on Help Net Security.
http://news.poseidon-us.com/SZ3BQj

ISC Stormcast For Tuesday, September 27th, 2022 https://isc.sans.edu/podcastdetail.html?id=8190, (Tue, Sep 27th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
http://news.poseidon-us.com/SZ361h

McDonough says VA needs to hire 45K nurses over next 3 years to keep up with attrition

The Department of Veterans Affairs is looking at a major, across-the-board hiring initiative as the agency looks to bring even more patients into its health care network.
http://news.poseidon-us.com/SZ2dgj

Long-time columnist Mike Causey dead at 82

Causey was a figure in the federal workforce and D.C. journalism worlds for more than 50 years.
http://news.poseidon-us.com/SZ2XMH

Zoho ManageEngine flaw is actively exploited, CISA warns

A remote code execution vulnerability in Zoho’s ManageEngine, a popular IT management solution for enterprises, is being exploited in the wild. The US Cybersecurity & Infrastructure Security Agency (CISA) added the flaw to its catalog of known exploited vulnerabilities last week, highlighting an immediate threat for organizations that haven’t yet patched their vulnerable deployments. The vulnerability, tracked as CVE-2022-3540, was privately reported to Zoho in June by a security researcher identified as Vinicius and was fixed later that same month. The researcher posted a more detailed writeup at the beginning of this month and, according to him, it’s a Java deserialization flaw inherited from an outdated version of Apache OFBiz, an open-source enterprise resource planning system, where it was patched in 2020 (CVE-2020-9496). This means that the Zoho ManageEngine products were vulnerable for two years due a failure to update a third-party component. To read this article in full, please click here
http://news.poseidon-us.com/SZ2X3f

Authomize expands REST API framework to provide in-depth visibility into the IAM permission models

Authomize has expanded its REST API framework that enables customers to easily build their own custom connectors to their cloud and homegrown applications and services in as little as a couple of hours. Authomize’s Software-as-a-Service (SaaS) solution enables organizations to automatically secure access privileges across their entire cloud stack, including IaaS, SaaS, and IAM solutions. Utilizing native connectors, REST APIs, SCIM connectors, and a file uploader, Authomize can ingest, normalize, and analyze identity and access … More → The post Authomize expands REST API framework to provide in-depth visibility into the IAM permission models appeared first on Help Net Security.
http://news.poseidon-us.com/SYztf9