433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Cisco IOS XR ARP Broadcast Storm Denial of Service Vulnerability

A vulnerability in the Address Resolution Protocol (ARP) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a broadcast storm, leading to a denial of service (DoS) condition on an affected device.

This vulnerability is due to how Cisco IOS XR Software processes a high, sustained rate of ARP traffic hitting the management interface. Under certain conditions, an attacker could exploit this vulnerability by sending an excessive amount of traffic to the management interface of an affected device, overwhelming its ARP processing capabilities. A successful exploit could result in degraded device performance, loss of management connectivity, and complete unresponsiveness of the system, leading to a DoS condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-arp-storm-EjUU55yM

This advisory is part of the September 2025 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2025 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication.

Security Impact Rating: High
CVE: CVE-2025-20340
http://news.poseidon-us.com/TN0LZr

BASE64 Over DNS, (Wed, Sep 10th)

On the Stormcast, Johannes talked about BASE64 and DNS used by a backdoor.
http://news.poseidon-us.com/TN0K2X

Coro 3.6 reduces operational burden for resource-constrained SMBs

Coro announced the latest version of its platform. Coro 3.6 leverages AI to transform complex security into easy-to-use security for resource-constrained SMBs. Today, SMBs require a solution to enhance their security posture. Coro’s unified platform ensures that everything works together across all security functions, easing the operational burden on lean IT teams and providing small businesses with advanced protection. Security threats generate overwhelming amounts of data across various security modules and tools that require time-consuming … The post Coro 3.6 reduces operational burden for resource-constrained SMBs appeared first on Help Net Security.
http://news.poseidon-us.com/TN0GLZ

Space Development Agency set to launch its first operational satellites

The initial 21 satellites will begin the process of knitting together what’s set to become a global “transport layer” for military communications. The post Space Development Agency set to launch its first operational satellites first appeared on Federal News Network.
http://news.poseidon-us.com/TN03Ql

Microsoft, Adobe, SAP deliver critical fixes for September 2025 Patch Tuesday

On September 2025 Patch Tuesday, Microsoft has released patches for 80+ vulnerabilities in its various software products, but the good news is that none of them are actively exploited. Among the critical and important vulnerabilities patched by Microsoft this time around are: CVE-2025-54918, a remotely exploitable Windows NTLM elevation of privilege vulnerability. “The attack complexity is Low because an attacker does not require significant prior knowledge of the system and can achieve repeatable success with … The post Microsoft, Adobe, SAP deliver critical fixes for September 2025 Patch Tuesday appeared first on Help Net Security.
http://news.poseidon-us.com/TN02KY

Lookout’s AI-powered solution combats SMS phishing attacks

Lookout introduces Smishing AI, an AI-powered solution designed to protect enterprises from the growing threat of SMS phishing (smishing) attacks. SMS phishing, commonly called “smishing,” is a cyberattack where fraudsters send misleading text messages to trick people into giving up personal information. These messages often pretend to be trusted sources, like banks, delivery services, or government agencies, and may warn of unpaid bills, delivery issues, or fake prizes. The aim is to steal sensitive data, … The post Lookout’s AI-powered solution combats SMS phishing attacks appeared first on Help Net Security.
http://news.poseidon-us.com/TN01q3

How CIOs can steer legacy tech overhauls

When modernizing legacy IT systems, CIOs shouldn’t just keep an eye on risk. They should also connect changes to business goals.
http://news.poseidon-us.com/TN00qy

New NIST NCCoE Mobile Drivers Licenses Project Resources Now Available!

The NIST NCCoE is excited to announce and accept comments on three new draft publications under its Mobile Driver Licenses (mDL) Project. These releases include resources on mDL assurance, mDL data flows, and a privacy risk assessment. What are mDLs
http://news.poseidon-us.com/TMzymM