433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Overview of a Mirai Payload Generator, (Sat, Mar 11th)

The Mirai[1] botnet is active for years. It was the first botnet targeting devices running Linux like camera recorders. Our first diary about it was in 2016![2]. Still today, my honeypot is hit by hundreds of Mirai requests every day! I found a Python script that generates a Mirai payload (SHA256:f56391e9645df1058847e28af6918c64ddc344d9f328b3dde9015213d5efdc7e[3]) and deploys networking services to serve it via FTP, HTTP, and TFTP. Nothing very fancy but it will give you a good idea about how Linux hosts are abused to deliver malicious payloads.
http://news.poseidon-us.com/Skjj0j

Avast One Platinum protects users against new and evolving threats

Avast launched Avast One Platinum, the new premium tier of the Cyber Safety service, Avast One. The new Platinum offering combines the full feature set from Avast One Family with identity monitoring and protection, identity theft resolution and reimbursement, and premium technical support, to give people more control and reassurance over their digital lives. “The new Avast One Platinum tier is a step-change improvement to the award-winning Avast One integrated solution,” said Leena Elias, CPO … More → The post Avast One Platinum protects users against new and evolving threats appeared first on Help Net Security.
http://news.poseidon-us.com/SkjPg6

Hotter than infinity: Light pulses can behave like an exotic gas

In our modern society huge amounts of data are transmitted every day, mainly as short optical pulses propagating through glass fibers. With the steadily increasing density of such optical signals, their interaction grows, which can lead to data loss. Physicists are now investigating how to control large numbers of optical pulses as precisely as possible to reduce the effect of such interactions. To this end they have monitored an ensemble of optical pulses as they propagated through an optical fiber and have found that it follows fixed rules — albeit mainly those of thermodynamics.
http://news.poseidon-us.com/SkhqXx

CISA funding to top $3 billion under Biden’s FY 2024 budget

President Biden released his FY 2024 budget proposal that seeks a bigger budget for the Cybersecurity and Infrastructure Security Agency (CISA) and greater cyber investigative capabilities for the FBI. The budget also calls for increasing the federal government’s IT modernization efforts, exploring cybersecurity efforts surrounding gender-based cybercrimes, expanding efforts to counter China’s problematic behaviors, and helping Ukraine better defend itself on the digital front. “The Budget continues to invest in cybersecurity programs recognizing that cybersecurity is essential to the basic functioning of our economy, the operation of our critical infrastructure, the strength of our democracy and democratic institutions, the privacy of our data and communications, and our national security,” a White House factsheet accompanying the budget states. “The recently signed National Cybersecurity Strategy details a comprehensive approach to better secure cyberspace and ensure the United States is in the strongest possible position to seize all the benefits and potential of our digital future.” To read this article in full, please click here
http://news.poseidon-us.com/SkgWqx

1Password Unlock with SSO helps enterprises secure their employees

1Password has launched Unlock with Single Sign-On (SSO) which enables enterprise customers to use Okta for unlocking their 1Password accounts, with Azure AD and Duo integration to follow in the coming months. Unlock with SSO helps IT teams improve their security posture while reducing daily login hassles and stress for employees. “Securing employees at scale is no small task. At 1Password, we believe that the foundation of enterprise security is secure employees, and we’re driven … More → The post 1Password Unlock with SSO helps enterprises secure their employees appeared first on Help Net Security.
http://news.poseidon-us.com/SkfWvp

ISC Stormcast For Friday, March 10th, 2023 https://isc.sans.edu/podcastdetail.html?id=8404, (Fri, Mar 10th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
http://news.poseidon-us.com/SkfRrK

Microsoft Previews ChatGPT in Azure OpenAI Service

Microsoft announced on Thursday that its Azure OpenAI service now offers a preview of ChatGPT, the OpenAI-based chat engine.
http://news.poseidon-us.com/Skdwtj

New Chinese regulatory body expected to streamline data governance rules

A new data regulation body that China is reportedly set to create is expected to clarify and establish new data sovereigny rules for multinational companies and accelerate tech-based initatives such as public administration services built on anonymized citizen data. The new governent body will streamline data governance policies in the country, amid increasing confusion from businesses that deal with multiple bodies presiding over different aspects of data governance within the country’s borders, according to a Wall Street Journal report citing sources familiar with the issues.  To read this article in full, please click here
http://news.poseidon-us.com/SkdnTD

Fortinet plugs critical RCE hole in FortiOS, FortiProxy (CVE-2023-25610)

Fortinet has patched 15 vulnerabilities in a variety of its products, including CVE-2023-25610, a critical flaw affecting devices running FortiOS and FortiProxy. None of the patched vulnerabilities is actively exploited, but Fortinet’s devices are often targeted by ransomware gangs and other cyber attackers, so implementing the offered security updates quickly is advised. About CVE-2023-25610 Discovered by Fortinet infosec engineer Kai Ni, CVE-2023-25610 is a buffer underwrite (‘buffer underflow’) vulnerability found in the FortiOS and FortiProxy … More → The post Fortinet plugs critical RCE hole in FortiOS, FortiProxy (CVE-2023-25610) appeared first on Help Net Security.
http://news.poseidon-us.com/SkcRZl