433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

ConfD CLI Privilege Escalation and Arbitrary File Read and Write Vulnerabilities

Multiple vulnerabilities in the ConfD CLI could allow an authenticated, low-privileged, local attacker to read and write arbitrary files as root or elevate privileges to root on the underlying operating system.   For more information about these vulnerabilities, see the Details section of this advisory.  Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cnfd-rwpesc-ZAOufyx8 Security Impact Rating: High CVE: CVE-2024-20326,CVE-2024-20389
http://news.poseidon-us.com/T6wd73

Got MFA? If not, Now is the Time!, (Wed, May 15th)

I had an interesting call from a client recently – they had a number of “net use” and “psexec” commands pop up on a domain controller, all called from PSEXEC (thank goodness for a good EDR deployed across the board!!). The source IP was a VPN session.
http://news.poseidon-us.com/T6w7xB

NIST aims to cut ‘tech speak’ from cyber workforce framework

The NICE framework, which defines cyber workforce roles, just added new competencies and updated skills. But for cyber leaders at NIST, that’s only the start. The post NIST aims to cut ‘tech speak’ from cyber workforce framework first appeared on Federal News Network.
http://news.poseidon-us.com/T6tczR

AWS CEO steps down, sales chief to take over

After a three-year stint helming the cloud titan, Adam Selipsky is passing the baton to AWS veteran Matt Garman.
http://news.poseidon-us.com/T6ssHq

OpenAI introduces faster, cheaper GPT-4o model

GPT-4o is the LLM maker’s first multimodal model and will begin to roll out to customers Monday. 
http://news.poseidon-us.com/T6qpqY

White House wants to hold the software sector accountable for security

Federal officials are taking steps toward a long-stated goal of shifting the security burden from technology users to the companies that build it.
http://news.poseidon-us.com/T6qpNl

Cats purrfectly demonstrate what it takes to trust robots

Would you trust a robot to look after your cat? New research suggests it takes more than a carefully designed robot to care for your cat, the environment in which they operate is also vital, as well as human interaction.
http://news.poseidon-us.com/T6qmZ8