433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | [email protected] | Office: (813) 563-2652

Critical XSS vulnerability in Zimbra exploited in the wild (CVE-2023-34192)

A critical cross site scripting (XSS) vulnerability (CVE-2023-34192) in popular open source email collaboration suite Zimbra is being exploited by attackers. About the vulnerability (CVE-2023-34192) CVE-2023-34192 could allow a remote authenticated threat actor to execute arbitrary code through a crafted script to the /h/autoSaveDraft function. It affects Zimbra Collaboration Suite (ZCS) v.8.8.15. The company has provided admins with instruction on how to apply the fix manually, by editing a single data file. “This vulnerability has … More → The post Critical XSS vulnerability in Zimbra exploited in the wild (CVE-2023-34192) appeared first on Help Net Security.
http://news.poseidon-us.com/SsJZQ8

IT customer service transitions make or break CX

“Transition points are where everything lives or dies,” Greg Sanker, former CIO and principle advisory director at Info-Tech Research Group, said.
http://news.poseidon-us.com/SsJDFg

Growing a 15,000 strong automotive cybersecurity group with John Heldreth

The furry in which the automotive community pried, prodded, and eventually outsmarted existing functions that are software-driven is nothing short of horrifying. While it seemed like automotive cybersecurity would never outpace these modern laptop-wielding gearheads, John Heldreth, Head of Car Security Operations at Volkswagen AG, had a different idea. Instead of trying to find solutions in a siloed manner, the automotive industry should have a place to collaborate, network, and take action against the rise … More → The post Growing a 15,000 strong automotive cybersecurity group with John Heldreth appeared first on Help Net Security.
http://news.poseidon-us.com/SsJ50P

Hybrid work, unified experiences and the road to simplified security management

According to Gartner, 39% of global knowledge workers will be hybrid by the end of 2023, with only 9% remaining fully remote.
http://news.poseidon-us.com/SsHwTj

Displacement or complement? Mixed-bag responses in human interaction study with AI

Recently, a team of researchers conducted an ambitious study of AI applications on the education front, examining how AI could enhance grading while observing human participants’ behavior in the presence of a computerized companion. They found that teachers were generally receptive to AI’s input — until both sides came to an argument on who should reign supreme. This very much resembles how human beings interact with one another when a new member forays into existing territory.
http://news.poseidon-us.com/SsG5wp

Week in review: Malware delivery via Microsoft Teams, law firms under cyberattack, CVSS 4.0 is out

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: CISO perspective on why boards don’t fully grasp cyber attack risks In this Help Net Security interview, David Christensen, CISO of PlanSource, proposes strategies to understand and acknowledge the broader organizational and strategic implications of cybersecurity risk management, strategy, and governance. How Google Cloud’s AML AI redefines the fight against money laundering In this Help Net Security interview, Anna Knizhnik, … More → The post Week in review: Malware delivery via Microsoft Teams, law firms under cyberattack, CVSS 4.0 is out appeared first on Help Net Security.
http://news.poseidon-us.com/SsFv0l

NSA working on new AI ‘roadmap’ as intel agencies grapple with recent advances

The intelligence community is grappling, like many industries and society at large, with rapid advances in large language models and generative artificial intelligence over the past nine months
http://news.poseidon-us.com/SsBtrL