433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | [email protected] | Office: (813) 563-2652

Vulnerability in Spring Framework Affecting Cisco Products: March 2022

On March 31, 2022, the following critical vulnerability in the Spring Framework affecting Spring MVC and Spring WebFlux applications running on JDK 9+ was released:      CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+ For a description of this vulnerability, see VMware Spring Framework Security Vulnerability Report. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-java-spring-rce-Zx9GUc67 Security Impact Rating: Critical CVE: CVE-2022-22965
http://news.poseidon-us.com/Sj9YSs

NIST chooses encryption algorithms for lightweight IoT devices

ASCON is the name of the group of lightweight authenticated encryption and hashing algorithms that the U.S. National Institute of Standards and Technology (NIST) has chosen to secure the data generated by Internet of Things (IoT) devices: implanted medical devices, keyless entry fobs, “smart home” devices, etc. Gathered under the ASCON label are seven algorithms, some of which may not end up being included in the lightweight cryptography standard NIST is plans to publish later … More → The post NIST chooses encryption algorithms for lightweight IoT devices appeared first on Help Net Security.
http://news.poseidon-us.com/Sj94Sx

Establishing secure habits for software development in 2023

As a new year commences, it’s not unusual for people to take the opportunity to adopt better practices and principles and embrace new ways of thinking in both their personal and professional lives. Software development teams always strive to master their trade, improve their practices, and deliver secure applications and services, especially because application security risks are mounting and expectations are higher than ever (53% of developers are now expected to take full responsibility for … More → The post Establishing secure habits for software development in 2023 appeared first on Help Net Security.
http://news.poseidon-us.com/Sj8XDW

Mordecai Rosen joins Skybox Security as CEO

Skybox Security appoints Mordecai Rosen as Chief Executive Officer and closes $50 million in financing from CVC Growth Funds, Pantheon, and J.P. Morgan. Mr. Rosen is a seasoned security technology executive with over 25 years of experience and will focus on driving company growth and accelerating the adoption of the Software-as-a-Service (SaaS) solution for Security Policy and Vulnerability Management. “CVC is incredibly pleased to bring on Mo as the new CEO of Skybox and to … More → The post Mordecai Rosen joins Skybox Security as CEO appeared first on Help Net Security.
http://news.poseidon-us.com/Sj87Kx

Cohesity Data Cloud 7.0 enhances privileged access authentication, ransomware recovery

Data security and management vendor has announced the 7.0 software release of its Cohesity Data Cloud platform. The release provides customers with enhanced cyber resiliency capabilities to help protect and secure data against cyberattacks, the firm stated in its announcement. Expanded features include privileged access hardening, accelerated ransomware recovery for files and objects, and attack surface reduction via AWS GovCloud support, Cohesity added. Cohesity 7.0 focuses on a “data-centric” approach to cyber resilience In a blog, Cohesity explained that the 7.0 software release helps businesses take a more data-centric approach to cyber resilience including data immutability, data isolation (or cyber vaulting), and recovery at scale. “Organizations are facing significant challenges with managing and securing their data estate across cloud and on-premises, with ransomware and data theft as their number one concern,” commented Chris Kent, VP product and solutions marketing, Cohesity, in a press release. “Cohesity Data Cloud 7.0 adds a new layer of protection and recovery to organizations’ most critical data.” To read this article in full, please click here
http://news.poseidon-us.com/Sj6g3x

Top 3 resolutions for security teams

As 2023 goals become solidified, companies need to decide how they are prioritizing cybersecurity. It’s time to focus on what organizations can prioritize. In this Help Net Security video, Kevin Garrett, Senior Solutions Engineer at Censys, recommends three critical elements all security teams need to add to their resolutions this year, including: High-quality, continuous education to run a successful security program. Understand what systems and data live on the public Internet in a continuous and … More → The post Top 3 resolutions for security teams appeared first on Help Net Security.
http://news.poseidon-us.com/Sj66rB

How to Write a Project Summary (Free Template Included)

There’s a lot of work involved in getting a project approved. You need to convince stakeholders or clients that the project is worthwhile. This should be done upfront and is usually accomplished via the project summary. That’s a lot of…Read More The post How to Write a Project Summary (Free Template Included) appeared first on ProjectManager.
http://news.poseidon-us.com/Sj5PFb