Macquarie University appoints interim AI chief
http://news.poseidon-us.com/TRhm4s
http://news.poseidon-us.com/TRhm4s
http://news.poseidon-us.com/TRhm4s
Britain pilots social media bans, time limits and curfews for children
http://news.poseidon-us.com/TRhm4d
Orica builds a conversational AI assistant for HR
http://news.poseidon-us.com/TRhlpX
Gov proposes disclosure delay for most serious cyberattacks
http://news.poseidon-us.com/TRhlXq
Botnet operator behind $14 million in ransomware extortion payments gets 24 months behind bars
A Russian national has been sentenced to 24 months in prison after admitting he managed a botnet used to launch ransomware attacks against dozens of U.S. companies. The judge also imposed a $100,000 fine and ordered him to forfeit $1.6 million linked to the scheme. Court records show that from 2017 to 2021, Ilya Angelov, 40, of Tolyatti, Russia, who used the aliases “milan” and “okart,” co-managed a Russia-based cybercrime group tracked by the FBI … More → The post Botnet operator behind $14 million in ransomware extortion payments gets 24 months behind bars appeared first on Help Net Security.http://news.poseidon-us.com/TRhl1j
Thrift Savings Plan participation at an all-time high
http://news.poseidon-us.com/TRhg3f
Cisco IOS XE Software Denial of Service Vulnerability
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because incorrect privileges are associated with the start maintenance command. An attacker could exploit this vulnerability by accessing the management CLI of the affected device as a low-privileged user and using the start maintenance command. A successful exploit could allow the attacker to put the device in maintenance mode, which shuts down interfaces, resulting in a denial of service (DoS) condition. In case of exploitation, a device administrator can connect to the CLI and use the stop maintenance command to restore operations. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-mntc-dos-LZweQcyq This advisory is part of the March 2026 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: March 2026 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. Security Impact Rating: Medium CVE: CVE-2026-20110http://news.poseidon-us.com/TRhfJf
Cisco IOS XE Software Secure Channel for Meraki Information Disclosure Vulnerability
A vulnerability in Cisco IOS XE Software for Cisco Meraki could allow a remote, unauthenticated attacker to view confidential device information. This vulnerability is due to a device configuration upload being performed over an insecure tunnel. An attacker could exploit this vulnerability by conducting an on-path attack between the affected device and the Cisco Meraki Dashboard. A successful exploit could allow the attacker to view sensitive device configuration information. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe_infodis-6J847uEB This advisory is part of the March 2026 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: March 2026 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. Security Impact Rating: Medium CVE: CVE-2026-20115http://news.poseidon-us.com/TRhfJc
Cisco IOx Application Hosting Environment Carriage Return Line Feed Injection Vulnerability
A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a carriage return line feed (CRLF) injection attack against a user. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by sending crafted packets to an affected device. A successful exploit could allow the attacker to arbitrarily inject log entries, manipulate the structure of log files, or obscure legitimate log events. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-crlf-NvgKTKJZ This advisory is part of the March 2026 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: March 2026 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. Security Impact Rating: Medium CVE: CVE-2026-20113http://news.poseidon-us.com/TRhfJb