433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE Software

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a crafted SNMP packet to an affected system via IPv4 or IPv6. Only traffic directed to an affected system can be used to exploit these vulnerabilities. The vulnerabilities are due to a buffer overflow condition in the SNMP subsystem of the affected software. The vulnerabilities affect all versions of SNMP – Versions 1, 2c, and 3. To exploit these vulnerabilities via SNMP Version 2c or earlier, the attacker must know the SNMP read-only community string for the affected system. To exploit these vulnerabilities via SNMP Version 3, the attacker must have user credentials for the affected system. A successful exploit could allow the attacker to execute arbitrary code and obtain full control of the affected system or cause the affected system to reload. Customers are advised to apply the workaround as contained in the Workarounds section below. Fixed software information is available via the Cisco IOS Software Checker. All devices that have enabled SNMP and have not explicitly excluded the affected MIBs or OIDs should be considered vulnerable. Cisco has released software updates that address these vulnerabilities. There are workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp Security Impact Rating: High CVE: CVE-2017-6736,CVE-2017-6737,CVE-2017-6738,CVE-2017-6739,CVE-2017-6740,CVE-2017-6741,CVE-2017-6742,CVE-2017-6743,CVE-2017-6744
http://news.poseidon-us.com/TMC6hg

10 Free Productivity Templates

Improving productivity takes more than just good intentions. You need a system in place to organize tasks, prioritize responsibilities and manage time effectively. That’s where productivity templates come in. These tools provide structure, making it easier to focus on what… Read More The post 10 Free Productivity Templates appeared first on ProjectManager.
http://news.poseidon-us.com/TMC2Vl

NIST Consortium and Draft Guidelines Aim to Improve Security in Software Development

NIST is soliciting comments from the public on the draft until Sept. 12, and the agency is planning a virtual event to showcase the project and gather feedback on Aug. 27.
http://news.poseidon-us.com/TMBxhM

C-suite leaders attribute revenue, software development boosts to AI

Executives credit increased AI use over the past year for bringing an estimated 44% bump in revenue, according to a GitLab report published Tuesday. 
http://news.poseidon-us.com/TMBn0K

OSINT Unveiled: Distinguished coices shaping the future of OSINT – Part 1

Explore how AI-powered OSINT is reshaping the future of national security—and what tools agencies need to keep up with the pace of global threats. The post OSINT Unveiled: Distinguished coices shaping the future of OSINT – Part 1 first appeared on Federal News Network.
http://news.poseidon-us.com/TMBkwT

OSINT Unveiled: Distinguished coices shaping the future of OSINT – Part 1

Explore how AI-powered OSINT is reshaping the future of national security—and what tools agencies need to keep up with the pace of global threats. The post OSINT Unveiled: Distinguished coices shaping the future of OSINT – Part 1 first appeared on Federal News Network.
http://news.poseidon-us.com/TMBkj3

Artemis: Open-source modular vulnerability scanner

Artemis is an open-source modular vulnerability scanner that checks different aspects of a website’s security and translates the results into easy-to-understand messages that can be shared with the organizations being scanned. “The most important feature of the tool is report generation. Besides scanning, it is capable to generate a concise e-mail with vulnerability information and as few false positives as possible. We automatically send these e-mails to scanned entities. We don’t know about any other … More → The post Artemis: Open-source modular vulnerability scanner appeared first on Help Net Security.
http://news.poseidon-us.com/TMBZD4

The food supply chain has a cybersecurity problem

It’s unsettling to think that our food supply chain could be targeted or that the safety of our food could be compromised. But this is exactly the challenge the agri-food sector is dealing with right now. Despite agriculture’s importance, cybersecurity in this field doesn’t get the attention it deserves. Farms, processing plants, and distribution systems are going digital, and that’s opening the door to cyber attacks. A big problem is that a lot of the … More → The post The food supply chain has a cybersecurity problem appeared first on Help Net Security.
http://news.poseidon-us.com/TMBZBz