433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability

A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability exists because certain unencrypted credentials are stored when SIP media component logging is enabled. An attacker could exploit this vulnerability by accessing the audit logs on an affected system and obtaining credentials to which they may not normally have access. A successful exploit could allow the attacker to use those credentials to access confidential information, some of which may contain personally identifiable information (PII). Note: To access the logs that are stored in the Webex Cloud or stored on the device itself, an attacker must have valid administrative credentials. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-roomos-inf-disc-qGgsbxAm Security Impact Rating: Medium CVE: CVE-2025-20329
http://news.poseidon-us.com/TNhcTq

Harmonic Security targets AI data risks with Model Context Protocol Gateway

Harmonic Security announced Model Context Protocol (MCP) Gateway, a developer-friendly, locally installed gateway that gives security teams complete visibility and control over their organization’s agentic AI ecosystem. The solution intercepts all MCP traffic enabling security teams to discover what clients and servers are in use, enforce granular policies to block risky actions, and apply Harmonic’s sensitive data models to prevent the exfiltration of critical intellectual property and other sensitive information. Without visibility or controls, sensitive … More → The post Harmonic Security targets AI data risks with Model Context Protocol Gateway appeared first on Help Net Security.
http://news.poseidon-us.com/TNhRPM

Blumira rolls out SOC Auto-Focus to streamline threat investigation

Blumira launched SOC Auto-Focus, an AI-powered security investigation tool, alongside enhancements to its Managed Service Provider (MSP) partner program. SOC Auto-Focus is designed to help IT teams and MSPs work smarter, reduce alert fatigue and accelerate incident response through contextual intelligence and expert guidance. SOC Auto-Focus is a fundamental shift for how under-resourced IT administrators and security teams approach threat investigation. Rather than replacing human decision-making, the solution enhances analyst capabilities by providing context, prioritization … More → The post Blumira rolls out SOC Auto-Focus to streamline threat investigation appeared first on Help Net Security.
http://news.poseidon-us.com/TNhRNF

Microsoft patches three zero-days actively exploited by attackers

On October 2025 Patch Tuesday, Microsoft released fixes for 175+ vulnerabilities, including three zero-days under active attack: CVE-2025-24990, CVE-2025-59230, and CVE-2025-47827. The actively exploited vulnerabilities are an unusual mix CVE-2025-24990 is in the third-party driver (ltmdm64.sys) for the software-based Agere Modem, which is used for dial-up internet access and sending/receiving faxes. The vulnerable driver was, until now, shipped natively with Windows and the vulnerability, which allows attackers to gain administrator privileges, has been exploited by … More → The post Microsoft patches three zero-days actively exploited by attackers appeared first on Help Net Security.
http://news.poseidon-us.com/TNhFfT

Aura enhancements simplify opt-outs and strengthen online privacy

Aura new tools to help consumers reclaim control over their personal information online. The new capabilities automate some of the most time-consuming privacy tasks, including removing personal details from Google search results, opting out of data broker sites, and identifying forgotten or active accounts that may be leaking sensitive data. “America has a uniquely modern problem: personal information is everywhere online, scraped, sold and re-sold in an endless cycle,” said Hari Ravichandran, CEO of Aura. … More → The post Aura enhancements simplify opt-outs and strengthen online privacy appeared first on Help Net Security.
http://news.poseidon-us.com/TNhB14

BigID introduces MCP Server to unlock AI-native access to enterprise data

BigID announced the launch of its Model Context Protocol (MCP) server, designed to unlock AI-native access to enterprise data context across the broadest range of data sources — structured, unstructured, on-prem, cloud, business applications, and AI frameworks. Built on BigID’s discovery and classification foundation, the MCP Server gives AI agents secure, governed, and contextual visibility into enterprise metadata — enabling AI to understand, reason, and act on data safely. With this new capability, organizations can … More → The post BigID introduces MCP Server to unlock AI-native access to enterprise data appeared first on Help Net Security.
http://news.poseidon-us.com/TNhB10

BarracudaONE adds AI-powered tools to help MSPs simplify security

Barracuda Networks unveiled enhancements to its AI-powered BarracudaONE platform. New capabilities, including bulk remediation for email threats, PSA integrations for automated billing and invoicing, and streamlined account management, are purpose-built for managed service providers (MSPs), helping them accelerate security across multi-tenant environments, simplify operations, and drive scalable growth. “These new capabilities underscore Barracuda’s unwavering commitment to helping MSPs scale securely, respond to threats faster and operate with greater agility,” said Michelle Hodges, SVP of global … More → The post BarracudaONE adds AI-powered tools to help MSPs simplify security appeared first on Help Net Security.
http://news.poseidon-us.com/TNhB0F

New Cranium AI features enhance compliance, security, and agentic AI scalability

Cranium AI released several new agentic AI capabilities and featured releases to its AI Governance and Security Platform. These new products and capabilities are designed to enable enterprises to scale faster with AI agents, streamline compliance and fortify AI systems against real-world vulnerabilities. The key new products and capabilities released today include: Cranium AgentSensor – a capability that provides organizations visibility into the agentic layer of their applications. It automatically detects AI agents, the tools … More → The post New Cranium AI features enhance compliance, security, and agentic AI scalability appeared first on Help Net Security.
http://news.poseidon-us.com/TNh6nQ

Netcraft launches Phone Scam Disruption to stop brand impersonation calls and texts

Netcraft unveiled a new solution to help protect organizations’ customers from scam texts and phone calls that impersonate their brand. Netcraft’s Phone Scam Disruption automates the detection and takedown of fraudulent phone numbers used in impersonation scam campaigns, shutting down threats before they spread. Netcraft’s approach has resulted in a 99.8% success rate across more than 50,000 takedowns with several pilot customers. A common tactic involves threat actors repeatedly posting fake customer service phone numbers … More → The post Netcraft launches Phone Scam Disruption to stop brand impersonation calls and texts appeared first on Help Net Security.
http://news.poseidon-us.com/TNh6nP