433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Financial reporting rules boost trust — but small firms still face steep compliance costs

“Auditor attestation does involve a significant cost increase for firms,” said Michael Clements. The post Financial reporting rules boost trust — but small firms still face steep compliance costs first appeared on Federal News Network.
http://news.poseidon-us.com/TMkDRT

Financial reporting rules boost trust — but small firms still face steep compliance costs

“Auditor attestation does involve a significant cost increase for firms,” said Michael Clements. The post Financial reporting rules boost trust — but small firms still face steep compliance costs first appeared on Federal News Network.
http://news.poseidon-us.com/TMkDP9

Veterans Affairs says it has guaranteed 29 million home loans for service members

More than 4 million service members and veterans have active home loans guaranteed by the VA. The post Veterans Affairs says it has guaranteed 29 million home loans for service members first appeared on Federal News Network.
http://news.poseidon-us.com/TMkBj9

Veterans Affairs says it has guaranteed 29 million home loans for service members

More than 4 million service members and veterans have active home loans guaranteed by the VA. The post Veterans Affairs says it has guaranteed 29 million home loans for service members first appeared on Federal News Network.
http://news.poseidon-us.com/TMkBfJ

Hundreds of Salesforce customer orgs hit in clever attack with potentially huge blast radius

A threat group Google tracks as UNC6395 has pilfered troves of data from Salesforce corporate instances, in search of credentials that can be used to compromise those organizations’ environments. “[Google Threat Intelligence Group] observed UNC6395 targeting sensitive credentials such as Amazon Web Services (AWS) access keys (AKIA), passwords, and Snowflake-related access tokens,” the company’s incident responders shared. How did UNC6395 access Salesforce instances? Salesforce is a cloud-based customer relationship management platform. To access the targeted … More → The post Hundreds of Salesforce customer orgs hit in clever attack with potentially huge blast radius appeared first on Help Net Security.
http://news.poseidon-us.com/TMk72p

Free Project Proposal Template for Google Docs

A project proposal template for Google Docs is a document designed to help teams and individuals organize, structure and present project ideas clearly and professionally. It usually includes sections such as problem statement, proposed solution, project scope, timeline, budget and… Read More The post Free Project Proposal Template for Google Docs appeared first on ProjectManager.
http://news.poseidon-us.com/TMk50g

Cisco Nexus 3000 and 9000 Series Switches Intermediate System-to-Intermediate System Denial of Service Vulnerability

A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the IS-IS process to unexpectedly restart, which could cause an affected device to reload. This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An attacker could exploit this vulnerability by sending a crafted IS-IS packet to an affected device. A successful exploit could allow the attacker to cause the unexpected restart of the IS-IS process, which could cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n39k-isis-dos-JhJA8Rfx This advisory is part of the August 2025 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: August 2025 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. Security Impact Rating: High CVE: CVE-2025-20241
http://news.poseidon-us.com/TMk1Qf

Cisco UCS Manager Software Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco UCS Manager Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious data into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must be a member of the Administrator or AAA Administrator role. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-xss-Ey6XhyPS This advisory is part of the August 2025 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: August 2025 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. Security Impact Rating: Medium CVE: CVE-2025-20296
http://news.poseidon-us.com/TMk1Qb

Cisco Integrated Management Controller Virtual Keyboard Video Monitor Open Redirect Vulnerability

A vulnerability in the Virtual Keyboard Video Monitor (vKVM) connection handling of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to redirect a user to a malicious website. This vulnerability is due to insufficient verification of vKVM endpoints. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious webpage and potentially capture user credentials. Note: The affected vKVM client is also included in Cisco UCS Manager. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-vkvmorv-CnKrV7HK Security Impact Rating: High CVE: CVE-2025-20317
http://news.poseidon-us.com/TMk1QY