433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Solana’s popular web3.js library backdoored in supply chain compromise

A software supply chain attack has lead to the publication of malicious versions of Solana’s web3.js library on the npm registry. Just like the recent Lottie Player supply chain compromise, this attack was reportedly made possible due to compromised (phished) npm.js account credentials. What happened? “Earlier today, a publish-access account was compromised for @solana/web3.js, a JavaScript library that is commonly used by Solana [decentralized apps]. This allowed an attacker to publish unauthorized and malicious packages … More → The post Solana’s popular web3.js library backdoored in supply chain compromise appeared first on Help Net Security.
http://news.poseidon-us.com/TGbCQ7

Cisco NX-OS Software Image Verification Bypass Vulnerability

A vulnerability in the bootloader of Cisco NX-OS Software could allow an unauthenticated attacker with physical access to an affected device, or an authenticated, local attacker with administrative credentials, to bypass NX-OS image signature verification. This vulnerability is due to insecure bootloader settings. An attacker could exploit this vulnerability by executing a series of bootloader commands. A successful exploit could allow the attacker to bypass NX-OS image signature verification and load unverified software. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-image-sig-bypas-pQDRQvjL Security Impact Rating: High CVE: CVE-2024-20397
http://news.poseidon-us.com/TGb9vQ

How widespread is mercenary spyware?

A targeted hunt on 2,500 mobile devices for indicators of compromise associated with mercenary spyware has revealed that its use is not as rare as one would hope. The results of the hunt Earlier this year, iVerify added a threat hunting feature to its mobile security solution for Android-based phones and iPhones and urged users to try it out. 2,500 of them did, and six (possibly seven) discovered that they’ve been infected with NSO Group’s … More → The post How widespread is mercenary spyware? appeared first on Help Net Security.
http://news.poseidon-us.com/TGb3Zz

Product showcase: Securing Active Directory passwords with Specops Password Policy

Password policies are a cornerstone of cybersecurity for any organization. A good password policy ensures every end user has a strong and unique password, significantly reducing the risk of unauthorized access and data breaches. These policies not only protect sensitive data but also align with best practices and compliance requirements, such as those outlined by NIST. Specops research has found that passwords are still used by 88% of organizations. So even if they can cause … More → The post Product showcase: Securing Active Directory passwords with Specops Password Policy appeared first on Help Net Security.
http://news.poseidon-us.com/TGb3YN

U.S. Offered $10M for Hacker Just Arrested by Russia

In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as “Wazawaka,” a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. The U.S. government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest. Last week, the Russian government reportedly arrested Matveev and charged him with creating malware used to extort companies.
http://news.poseidon-us.com/TGb3JL

PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785)

Researchers have published a proof-of-concept (PoC) exploit for CVE-2024-8785, a critical remote code execution vulnerability affecting Progress WhatsUp Gold, a popular network monitoring solution for enterprises. CVE-2024-8785 and the PoC exploit CVE-2024-8785 stems from the incorrect use of a privileged application programming interface (API) that may allow attackers to overwrite the Windows Registry. The API endpoint in question – NmAPI.exe – can be exploited by unauthenticated, remote attackers to change an existing registry value or … More → The post PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) appeared first on Help Net Security.
http://news.poseidon-us.com/TGZsJc

FortiAppSec Cloud simplifies web application security management

Fortinet announced FortiAppSec Cloud, a new cloud-delivered platform that integrates key web application security and performance management tools into a single offering. The platform streamlines web and API security, advanced bot defense, and global server load balancing, among other capabilities, so customers can confidently secure and manage their hybrid and multi-cloud environments. “Web applications are foundational to the success of modern enterprises, but they are extremely challenging to secure, leaving businesses with a substantial attack … More → The post FortiAppSec Cloud simplifies web application security management appeared first on Help Net Security.
http://news.poseidon-us.com/TGZjvJ

AttackIQ Flex 3.0 empowers security teams to take control of their detection strategies

AttackIQ announced AttackIQ Flex 3.0, agentless security control validation that integrates natively with Splunk to deliver a fully seamless user experience. A growing need for efficient and accurate threat detection As cyber threats grow more sophisticated, organizations are struggling to detect and mitigate breaches. In 2024, it takes organizations on average about 10 days to detect an attacker, while it only takes an adversary mere hours to accomplish their objective. Meanwhile, most organizations’ threat detection … More → The post AttackIQ Flex 3.0 empowers security teams to take control of their detection strategies appeared first on Help Net Security.
http://news.poseidon-us.com/TGZjvG

Veeam Data Platform v12.3 encompasses three key objectives for enterprises

Veeam Software released Veeam Data Platform v12.3. This release encompasses three key objectives for enterprises: protecting identity and access management with support for backing up Microsoft Entra ID, powering proactive threat analysis with Recon Scanner and Veeam Threat Hunter, and utilizing Generative AI to deliver more intelligent protection of enterprise data with advanced reporting powered by Veeam Intelligence. In addition, Veeam Data Platform v12.3 expands data portability by offering complete Nutanix AHV protection with application-aware … More → The post Veeam Data Platform v12.3 encompasses three key objectives for enterprises appeared first on Help Net Security.
http://news.poseidon-us.com/TGZjtD