433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | [email protected] | Office: (813) 563-2652

CISA’s SILENTSHIELD assessment requires urgent measures

The SILENTSHIELD red team assessment has highlighted the urgent need for enhanced cyber resilience within federal agencies. The post CISA’s SILENTSHIELD assessment requires urgent measures first appeared on Federal News Network.
http://news.poseidon-us.com/TG98RC

Legislation to eliminate WEP and GPO clears the House

After the House passed the Social Security Fairness Act in a vote of 327 to 75, the legislation is now facing its next hurdle: passage in the Senate. The post Legislation to eliminate WEP and GPO clears the House first appeared on Federal News Network.
http://news.poseidon-us.com/TG979j

Cisco IOS XR Software Bootloader Unauthenticated Information Disclosure Vulnerability

A vulnerability in the GRand Unified Bootloader (GRUB) for Cisco IOS XR Software could allow an unauthenticated attacker with physical access to the device to view sensitive files on the console using the GRUB bootloader command line.  This vulnerability is due to the inclusion of unnecessary commands within the GRUB environment that allow sensitive files to be viewed. An attacker could exploit this vulnerability by being connected to the console port of the Cisco IOS XR device when the device is power-cycled. A successful exploit could allow the attacker to view sensitive files that could be used to conduct additional attacks against the device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-load-infodisc-9rdOr5Fq This advisory is part of the March 2023 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: March 2023 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication. Security Impact Rating: Medium CVE: CVE-2023-20064
http://news.poseidon-us.com/TG8zN2

Vectra AI adds AI-powered detections to help secure Microsoft customers

Vectra AI announced the extension of the Vectra AI Platform to include comprehensive coverage for customers’ Microsoft Azure environments. With the addition of over 40 unique attacker behavior detections for Microsoft Azure, Vectra AI now delivers over 100 AI-driven attacker behavior detections. Now, Microsoft customers achieve comprehensive hybrid and multi-cloud defense for their entire Microsoft environment – Microsoft Active Directory, Microsoft Entra ID, Microsoft M365, Microsoft Copilot for M365 and now Microsoft Azure. According to … More → The post Vectra AI adds AI-powered detections to help secure Microsoft customers appeared first on Help Net Security.
http://news.poseidon-us.com/TG8zM1

Cequence Security enables organizations to elevate their API defenses

Cequence Security announced its new API Security Assessment Services. Designed to provide immediate, actionable insights into API security risks, these time-bound and fixed services leverage Cequence’s advanced Unified API Protection platform, enabling companies to identify and address security gaps within their existing infrastructure. As digital transformation accelerates, the reliance on APIs introduces new security challenges. Cequence’s assessment services provide a clear and comprehensive view of an organization’s API environment, helping identify hidden risks and comply … More → The post Cequence Security enables organizations to elevate their API defenses appeared first on Help Net Security.
http://news.poseidon-us.com/TG8zLw

Absolute Security releases Enterprise Edition

Absolute Security launched Enterprise Edition, combining the new Safe Connect for Secure Access and Comply Module for Secure Endpoint. With these innovations, Enterprise Edition is the comprehensive Security Service Edge (SSE) that can ensure only secure and compliant devices are accessing corporate networks, while delivering an optimized user experience for remote and hybrid workers. Backed by firmware-embedded resilience, customers are assured their SSE remains resilient, always on, and fully operational. “Hybrid work, complexity, ransomware, and … More → The post Absolute Security releases Enterprise Edition appeared first on Help Net Security.
http://news.poseidon-us.com/TG8zHN

Pentagon secrets leaker Jack Teixeira sentenced to 15 years in prison by a federal judge

A federal judge sentenced Teixeira to 15 years in prison after he pleaded guilty to leaking highly classified military documents about the war in Ukraine. The post Pentagon secrets leaker Jack Teixeira sentenced to 15 years in prison by a federal judge first appeared on Federal News Network.
http://news.poseidon-us.com/TG8vQb

GoIssue phishing tool targets GitHub developer credentials

Researchers discovered GoIssue, a new phishing tool targeting GitHub users, designed to extract email addresses from public profiles and launch mass email attacks. Marketed on a cybercrime forum, GoIssue allows attackers to send bulk emails while keeping their identity hidden using proxies. The tool’s capabilities extend beyond simple phishing, posing a threat to entire organizations by potentially hijacking developer accounts and accessing private repositories. GoIssue may be linked to the GitLoker extortion campaign, which uses … More → The post GoIssue phishing tool targets GitHub developer credentials appeared first on Help Net Security.
http://news.poseidon-us.com/TG8vGP

Infostealers increasingly impact global security

Check Point Software’s latest threat index reveals a significant rise in infostealers like Lumma Stealer, while mobile malware like Necro continues to pose a significant threat, highlighting the evolving tactics used by cybercriminals across the globe. Last month researchers discovered an infection chain where fake CAPTCHA pages are being utilized to distribute Lumma Stealer malware, which has climbed to 4th place in the monthly top malware rankings. This campaign is notable for its global reach, … More → The post Infostealers increasingly impact global security appeared first on Help Net Security.
http://news.poseidon-us.com/TG8vCr