September 2025 CVE Landscape
http://news.poseidon-us.com/TNkqs9
http://news.poseidon-us.com/TNkqs9
http://news.poseidon-us.com/TNkqs9
More resources are popping up for federal employees during the shutdown
http://news.poseidon-us.com/TNkkwx
Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352)
Threat actors have leveraged a recently patched IOS/IOS XE vulnerability (CVE-2025-20352) to deploy Linux rootkits on vulnerable Cisco network devices. “The operation targeted victims running older Linux systems that do not have endpoint detection response solutions,” Trend Micro researchers shared. Once a rootkit was implanted, it would set a universal password (containing the word “disco”) and install several hooks onto the IOSd (process) memory space, to make fileless components disappear after a reboot. About CVE-2025-20352 … More → The post Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352) appeared first on Help Net Security.http://news.poseidon-us.com/TNkgb1
The IRS is losing lawyers, giving companies leverage in court
http://news.poseidon-us.com/TNkdD6
The IRS is losing lawyers, giving companies leverage in court
http://news.poseidon-us.com/TNkdC5
Email Bombs Exploit Lax Authentication in Zendesk
http://news.poseidon-us.com/TNkWVM
Tech vendors switch up pricing models to offset rising cloud costs
Significant delivery costs for AI products and soaring cloud spend is driving providers to reassess pricing structures, according to a Revenera report.http://news.poseidon-us.com/TNkVH8
Microsoft revokes 200 certs used to sign malicious Teams installers
By revoking 200 software-signing certificates, Microsoft has hampered the activities of Vanilla Tempest, a ransomware-wielding threat actor that has been targeting organizations with malware posing as Microsoft Teams. “In this campaign, Vanilla Tempest used fake MSTeamsSetup.exe files hosted on malicious domains mimicking Microsoft Teams, for example, teams-download[.]buzz, teams-install[.]run, or teams-download[.]top. Users are likely directed to malicious download sites using SEO poisoning,” the company’s threat intelligence team shared. The campaign In this latest campaign, spotted by … More → The post Microsoft revokes 200 certs used to sign malicious Teams installers appeared first on Help Net Security.http://news.poseidon-us.com/TNkTZv
Censys ICS/OT solution closes visibility gaps and secures exposed industrial systems
Censys announced the release of a new ICS/OT Internet intelligence offering designed to close the visibility gap defenders face when securing exposed industrial assets. From energy and manufacturing to defense and utilities, organizations across industries face growing risks as IT and OT networks converge. Adversaries have long used automated tools to identify ICS/OT assets at scale, while defenders were left with blind spots, inconsistent data, and little ability to validate ownership or context. The result: … More → The post Censys ICS/OT solution closes visibility gaps and secures exposed industrial systems appeared first on Help Net Security.http://news.poseidon-us.com/TNkPHl
AISLE emerges from stealth with AI-native cyber reasoning system to tackle zero-day vulnerabilities
AISLE emerged from stealth, delivering the AI-native cyber reasoning system (CRS) that autonomously identifies, triages and remediates with verification both known and zero-day application vulnerabilities, which still account for the majority of security breaches. Malicious actors continue to exploit a massive attack surface of unpatched software vulnerabilities. Now armed with AI, they can inexpensively scale and exploit known and new zero-day software vulnerabilities within minutes of discovery. Defenders are still drowning in an impossible backlog … More → The post AISLE emerges from stealth with AI-native cyber reasoning system to tackle zero-day vulnerabilities appeared first on Help Net Security.http://news.poseidon-us.com/TNkPHf