433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (727) 493-2351

Novel design helps develop powerful microbatteries

Translating electrochemical performance of large format batteries to microscale power sources has been a long-standing technological challenge, limiting the ability of batteries to power microdevices, microrobots and implantable medical devices. Researchers have created a high-voltage microbattery (> 9 V), with high-energy and -power density, unparalleled by any existing battery design.
http://news.poseidon-us.com/SgrCy8

Royal ransomware group actively exploiting Citrix vulnerability

The Royal ransomware group is believed to be actively exploiting a critical security flaw affecting Citrix systems, according to the cyber research team at cyber insurance provider At-Bay. Announced by Citrix on November 8, 2022, the vulnerability, identified as CVE-2022-27510, allows for the potential bypass of authentication measures on two Citrix products: the Application Delivery Controller (ADC) and Gateway. To read this article in full, please click here
http://news.poseidon-us.com/SgqHzm

The GSA administrator on the agency’s plans for the President’s management agenda in 2023

The General Services Administration has been busy since passage of the American Rescue Plan two years ago and, most recently, the Inflation Reduction Act. GSA is applying funds to fulfill several parts of the President’s Management Agenda.
http://news.poseidon-us.com/SgnWcj

Multicloud Data Protection Mitigates Risk for DevOps Teams

Critical cloud development data could be an unintended casualty in the unbridled rush to get new application services to market.
http://news.poseidon-us.com/SgnSpG

BrandPost: The Unrelenting Rise of Botnet Threats

As the world has moved to scalable online services for everything from video streaming to gaming to messaging, it’s really no surprise that malware has followed close behind. Specifically, threats such as botnets are evolving and scaling at such speeds that it’s more important than ever to proactively manage potential security threats.  Botnets, a portmanteau or blend of the phrase robot networks, are collections of malware-infected computing resources that can be used to attack any connected target system. They’re a growing risk for every organization, enabling cyber criminals to steal passwords and gain access to corporate systems, deploy disruptive attacks that shut down entire network, or even hijack corporate data with ransomware. To read this article in full, please click here
http://news.poseidon-us.com/SgnKPD

Cisco won’t fix router flaws even though PoC exploit is available (CVE-2023-20025, CVE-2023-20026)

Cisco has acknowledged one critical (CVE-2023-20025) and two medium-severity (CVE-2023-20026, CVE-2023-20045) vulnerabilities affecting some of its Small Business series of routers, but won’t be fixing them as the devices “have entered the end-of-life process.” Proof-of-concept exploit code for CVE-2023-20025 and CVE-2023-20026 is available online, but there is currently no indication of any of these flaws being exploited by attackers. About the vulnerabilities CVE-2023-20025 is an authentication bypass vulnerability in the web-based management interface of Cisco … More → The post Cisco won’t fix router flaws even though PoC exploit is available (CVE-2023-20025, CVE-2023-20026) appeared first on Help Net Security.
http://news.poseidon-us.com/SgmDmC

Cybercriminals bypass Windows security with driver-vulnerability exploit

The Scattered Spider cybercrime group has recently been observed attempting to deploy a malicious kernel driver using a tactic called bring your own vulnerable driver (BYOVD) — a warning to security professionals that the technique, which exploits longstanding deficiencies in Windows kernel protections, is still being employed by cybercriminals, according to cybersecurity company CrowdStrike. In this latest BYOVD attack, which was observed and stopped by CrowdStrike’s Falcon security system, Scattered Spider attempted to deploy a malicious kernel driver via a vulnerability — CVE-2015-2291 in MITRE’s Common Vulnerability and Exposures program — in the Intel Ethernet diagnostics driver for Windows (iqvw64.sys). To read this article in full, please click here
http://news.poseidon-us.com/Sgl40P

Replacing On-Premises File Servers with SharePoint Online: Five Common Pitfalls

Check out this insightful discussion where we will examine the pros and cons of potential options, starting with SharePoint Online. Hear from Liam Cleary, Microsoft MVP and Karl Becker, Director of Egnyte’s Value Engineering Group and former Director of Global IT at Merkle B2B!
http://news.poseidon-us.com/Sgkbt6

Study shows attackers can use ChatGPT to significantly enhance phishing and BEC scams

Security researchers have used the GPT-3 natural language generation model and the ChatGPT chatbot based on it to show how such deep learning models can be used to make social engineering attacks such as phishing or business email compromise scams harder to detect and easier to pull off. The study, by researchers with security firm WithSecure, demonstrates that not only can attackers generate unique variations of the same phishing lure with grammatically correct and human-like written text, but they can build entire email chains to make their emails more convincing and can even generate messages using the writing style of real people based on provided samples of their communications. To read this article in full, please click here
http://news.poseidon-us.com/SgkVhF