433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Information Disclosure Vulnerability

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential information. The vulnerability is due to a buffer tracking issue when the software parses invalid URLs that are requested from the web services interface. An attacker could exploit this vulnerability by sending a crafted GET request to the web services interface. A successful exploit could allow the attacker to retrieve memory contents, which could lead to the disclosure of confidential information. Note: This vulnerability affects only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.  This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-info-disclose-9eJtycMB This advisory is part of the May 2020 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication, which includes 12 Cisco Security Advisories that describe 12 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: May 2020 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication. Security Impact Rating: High CVE: CVE-2020-3259
http://news.poseidon-us.com/T33Ysy

Lockbit cybercrime gang faces global takedown

With indictments and arrests.
http://news.poseidon-us.com/T31NCK

Federal Executive Forum Customer Experience (CX) Strategies in Government Progress and Best Practices 2024

Learn how top government CX experts are profiling customer experience success and visions for the future The post Federal Executive Forum Customer Experience (CX) Strategies in Government Progress and Best Practices 2024 first appeared on Federal News Network.
http://news.poseidon-us.com/T30wRj

Pentera collaborates with SpyCloud to reduce dwell time of compromised credentials

Pentera announced an integration with SpyCloud to automate the discovery and validation of compromised identities. Pentera uses exposure intelligence data to identify exploitable identities and facilitates targeted remediation to proactively reduce risk. Compromised credentials remain one of the most pervasive and successful attack vectors year over year. According to the 2023 Verizon Data Breach Investigations Report (DBIR) stolen credentials were the root cause of almost 50% of all attacks, and provided initial access in 86% … More → The post Pentera collaborates with SpyCloud to reduce dwell time of compromised credentials appeared first on Help Net Security.
http://news.poseidon-us.com/T30tld

Next-gen Workloads Require Next-gen Storage

Introducing the all-new all-flash PowerScale F210 and F710 nodes. Drive AI innovations faster with Dell’s AI-ready data platform. 
http://news.poseidon-us.com/T30q0k

Critical ConnectWise ScreenConnect vulnerabilities fixed, patch ASAP!

ConnectWise has fixed two vulnerabilities in ScreenConnect that could allow attackers to execute remote code or directly impact confidential data or critical systems. “There is no evidence that these vulnerabilities have been exploited in the wild, but immediate action must be taken by on-premise partners to address these identified security risks,” the company said. About ConnectWise ScreenConnect ConnectWise ScreenConnect (formerly ConnectWise Control, before the latest change to the original name) is a remote desktop software … More → The post Critical ConnectWise ScreenConnect vulnerabilities fixed, patch ASAP! appeared first on Help Net Security.
http://news.poseidon-us.com/T308P1

Congress should protect science, EPA workers who dedicate careers to preserving planet

The clock is ticking for the current administration to implement measures to protect science and the workers dedicating their lives to confronting this millennium’s greatest challenge: preserving our planet, its resources and its people. The post Congress should protect science, EPA workers who dedicate careers to preserving planet first appeared on Federal News Network.
http://news.poseidon-us.com/T2yPNX