A recent report by Forescout Technologies has uncovered 14 additional vulnerabilities in DrayTek routers. These vulnerabilities, if left unaddressed, could potentially allow attackers to take full control of the devices, leaving them vulnerable to ransomware, denial of service attacks, and other malicious activities. This highlights the urgent need for immediate action such as patching and […]
American Water Works Company, Inc., experienced a cyberattack and was forced to pause customer billing. The organization provides services for more than 14 million individuals across 14 states, including 1,700 communities. While finer details of the attack are not currently available, American Water released a statement that unauthorized activity was discovered on its systems, prompting […]
Analysis of the challenges faced by IT leaders in the U.K. was conducted in a recent report by Hyve Managed Hosting. The report revealed that 80% of U.K. businesses are currently encountering difficulties in finding the talent needed to address present IT challenges. Research has shown that the majority of decision makers surveyed identified the […]
The Cybersecurity & Infrastructure Security Agency (CISA) has issued a warning about a known and exploited vulnerability. This vulnerability is related to Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability (CVE-2024-29824) and has been included in CISA’s Known Exploited Vulnerabilities Catalog. Security leaders share their views Eric Schwake, Director of Cybersecurity Strategy at Salt Security: “The […]
A recent report by Ivanti analyzed unsafe security practices. According to the report, one in two office workers admit to using personal devices to log into work networks, with 32% of them revealing their employers are unaware of this practice. However, only 13% of security professionals prioritize user experience (UX) for end users when implementing […]
A security researcher has uncovered vulnerabilities in commercial platforms utilized by United States government agencies and courts. These vulnerabilities were discovered in 19 commercial platforms and could potentially grant malicious individuals access to government and legal systems, compromising confidential data, personal information, and document integrity. The research indicates that these vulnerabilities could be exploited to […]
Recent analysis in a report by Elastic examined global threats. The report delved into security tools, malware attacks, and cloud environment security. The report highlights the success of adversaries utilizing offensive security tools (OSTs) — tools designed to find security vulnerabilities proactively — in addition to misconfigured cloud environments and a growing focus on credential […]
Insecure deserialization is a vulnerability that is part of many attack chains against web applications and APIs. A vulnerable application will load data without validating it, allowing an attacker to manipulate the deserialization process and execute malicious code. While not always reported as a standalone vulnerability, insecure deserialization can have serious consequences for cybersecurity, including […]
The stress of cybersecurity professionals was examined in a recent report by ISACA. Sixty-six percent of cybersecurity professionals state that their role is more stressful now than it was five years ago, as per the report. Aligned with this concern about challenging threats, 38% of organizations are facing an increase in cybersecurity attacks compared to […]
The Cybersecurity and Infrastructure Security Agency (CISA) has released a threat response guide for K-12 schools. This resource is intended to assist K-12 schools in establishing tailored approaches to threat management, including violence and threats of violence. In this guide, the CISA outlines steps that school districts can take to understand and respond to anonymous […]
We hate spam, we obviously will not spam you!
Copyright © TSP 2024. All rights reserved. Designed by Enovate LLC
