A recent staff report from the Federal Trade Commission (FTC) has examined the data collection and utilization practices of major social media and video streaming services. The report reveals that these companies engaged in extensive surveillance of consumers to monetize their personal information while failing to adequately protect users online, particularly children and teenagers. The […]
Over 1,000 ServiceNow Knowledge Base (KB) articles were discovered to be misconfigured. This misconfiguration could potentially expose sensitive enterprise data to external users, including malicious actors. The exposed information may include: Security leaders weigh in Guy Rosenthal, Vice President of Product at DoControl: “The exposure of ServiceNow Knowledge Base highlights a critical security issue in […]
Note that, strictly speaking, dynamic application security testing refers to any kind of security testing that’s performed on a running application, including manual dynamic testing. In practice, though, “DAST” or “DAST tool” is now the common term for an automated web vulnerability scanner. Myth #1: DAST doesn’t find anything The very first DAST tools (we’re […]
Bot attacks were analyzed in a recent report by DataDome, revealing that over 65% of websites are not adequately protected against simple bot attacks, while 95% of advanced bot attacks go undetected on websites. Industries focused on consumers and digital technology are particularly vulnerable to cybercriminals and lack proper defenses against malicious bots. This exposes […]
Consumer trust was analyzed in a recent report by Telesign. Among the new findings, nearly one in three people globally report being a victim of digital fraud, with most victims reporting the crime occurred in the past six months. It also found that data breaches remain a significant driver of these fraud incidents, with nearly […]
Reports indicate that motorists in the United Kingdom are falling victim to QR code scams. A recent study highlighted the rise of these scams, where malicious QR codes lead users to phishing websites posing as legitimate parking payment services to obtain personal data, including payment details. The United Kingdom is not the only country facing […]
A recent study conducted by OPSWAT delves into the email security landscape within critical infrastructure organizations, revealing that 80% of critical infrastructure entities have fallen victim to an email security breach in the past year. The research indicates that for every 1,000 employees, these organizations witness the following on an annual basis: 5.7 successful phishing […]
The FBI and CISA caution that claims of hacked voter data are being spread to sow doubt in the election process. These organizations emphasize that these claims are false and are meant to erode confidence in the security of U.S. elections. The assertions being circulated suggest that cyberattacks have breached databases containing U.S. voter registration […]
GitLab announced the release of security updates to address 17 vulnerabilities. One of these vulnerabilities was deemed a critical flaw, which could potentially allow a malicious actor to execute a pipeline job as a random user. This vulnerability (CVE-2024-6678) is rated 9.9 out of 10 in terms of its CVSS score. Patrick Tiquet, Vice President, […]
Delphix conducted an analysis on data security compliance in 2024. The findings of the report indicate that safeguarding sensitive data is becoming increasingly complex with the growing influence of artificial intelligence (AI). A whopping 85% of enterprises express apprehensions regarding regulatory non-compliance within AI settings. Furthermore, 68% of the organizations surveyed perceive a lack of […]
We hate spam, we obviously will not spam you!
Copyright © TSP 2024. All rights reserved. Designed by Enovate LLC
