433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Cisco Secure Firewall Management Center Software Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an authenticated, remote attacker with Administrator-level privileges to execute arbitrary commands on the underlying operating system.
This vulnerability is due to insufficient input validation of certain HTTP request parameters that are sent to the web-based management interface. An attacker could exploit this vulnerability by authenticating to the interface and sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute commands as the root user on the affected device. To exploit this vulnerability, an attacker would need Administrator-level credentials.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-HCRLpFyN
This advisory is part of the August 2025 release of the Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: August 2025 Semiannual Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication.
Security Impact Rating: Medium
CVE: CVE-2025-20306
http://news.poseidon-us.com/TMTz6P

The DOJ and HHS are teaming up again — and federal contractors in healthcare should take notice

“The new enforcement areas have to do with drug pricing, in particular rebate payments to get access to formularies,” said Andrew Hoffman. The post The DOJ and HHS are teaming up again — and federal contractors in healthcare should take notice first appeared on Federal News Network.
http://news.poseidon-us.com/TMTypj

Transportation Command moving all systems to DoD-approved identity provider by end of year

“We need those granular attributes that right now I don’t know if the DoD is really postured to handle,” Donald “DJ” Cook said. The post Transportation Command moving all systems to DoD-approved identity provider by end of year first appeared on Federal News Network.
http://news.poseidon-us.com/TMTtxx

Brute-force attacks hammer Fortinet devices worldwide

A surge in brute-force attempts targeting Fortinet SSL VPNs that was spotted earlier this month could be a portent of imminent attacks leveraging currently undisclosed (potentially zero-day) vulnerabilities in Fortinet devices. Shifting attacks: GreyNoise, a cybersecurity intelligence service that through its global network of passive sensors collects, analyzes, and labels data about internet-wide scanning activity, shared on Tuesday that they spotted two waves of attacks: On August 3, 780+ unique IPs triggered the company’s … More → The post Brute-force attacks hammer Fortinet devices worldwide appeared first on Help Net Security.
http://news.poseidon-us.com/TMTt12

Palo Alto Networks helps organizations accelerate their quantum readiness

Palo Alto Networks announced two new security solutions to help organizations confidently navigate the quantum landscape, and to keep pace with highly dynamic cloud and AI environments. These innovations provide enterprises with the visibility, agility and defenses needed to accelerate their quantum readiness and secure their workloads in a multicloud world. “The quantum threat to encryption is no longer theoretical; it’s an inevitability that demands action now. With these latest innovations that cover the entire … More → The post Palo Alto Networks helps organizations accelerate their quantum readiness appeared first on Help Net Security.
http://news.poseidon-us.com/TMTpbV

For $40, you can buy stolen police and government email accounts

Active police and government email accounts are being sold on the dark web for as little as $40, giving cybercriminals a direct line into systems and services that rely on institutional trust. According to new research from Abnormal AI, the accounts come from agencies in the United States, United Kingdom, Germany, India, and Brazil, and are being traded on underground forums. Unlike spoofed or dormant addresses, these accounts are functional and still … More → The post For $40, you can buy stolen police and government email accounts appeared first on Help Net Security.
http://news.poseidon-us.com/TMTpXB

What’s the right number of AI projects? It depends.

Analysts say the roster hinges on the goals, budget and overall readiness of an enterprise, as well as its technology stack and workforce.
http://news.poseidon-us.com/TMTgqk

Vulnerabilities in MSP-friendly RMM solution exploited in the wild (CVE-2025-8875, CVE-2025-8876)

Two vulnerabilities (CVE-2025-8875, CVE-2025-8876) in N-central, a remote monitoring and management (RMM) solution by N-able that’s popular with managed service providers, are being exploited by attackers. There are no public reports of exploitation, but the confirmation came from the US Cybersecurity and Infrastructure Security Agency (CISA), which added the flaws to its Known Exploited Vulnerabilities catalog and ordered US federal civilian agencies to mitigate them within a week. About the vulnerabilities (CVE-2025-8875, CVE-2025-8876) N-able N-central … More → The post Vulnerabilities in MSP-friendly RMM solution exploited in the wild (CVE-2025-8875, CVE-2025-8876) appeared first on Help Net Security.
http://news.poseidon-us.com/TMTfdp

Brivo Visitor Management, powered by Envoy, boosts front-desk security

Brivo announced a strategic partnership with Envoy. The integration brings Envoy’s workplace platform, designed to connect people, spaces, and data, into Brivo Security Suite. Together, Brivo Visitor Management powered by Envoy merges workplace experience with physical security, eliminating silos and enabling a modern, secure sign-in process that scales from single offices to Fortune 500 enterprises. This partnership makes visitor management simpler, more secure, and boosts front-desk security by automating approvals, notifications, and compliance tracking. Unlike fragmented … More → The post Brivo Visitor Management, powered by Envoy, boosts front-desk security appeared first on Help Net Security.
http://news.poseidon-us.com/TMTX88