A cybersecurity researcher discovered an exposed Confidant Health database containing thousands of records such as personal identifiable information, psychosocial assessment documents, health insurance information, ID cards, and more. In total, the database contained 126,276 files (equivalent of 5.3 terabytes). A separate folder contained 1,755,571 logging records. Some of these files contain audio and video files. […]
The BlackByte ransomware group typically employs tactics that use vulnerable drivers to avoid security measures in order to deploy a self-spreading ransomware encryptor. However, recent investigations by Talos IR show that BlackByte is using different techniques than usual. BlackByte was seen exploiting a vulnerability in VMware ESXi (CVE-2024-37085) to bypass authentication. Darren Guccione, CEO and […]
Ransomware threats were analyzed in a recent report by Searchlight Cyber. The report shows how one of the biggest ransomware groups (BlackCat) ceased operations, a new gang (RansomHub) emerged in February and quickly established itself as the third most prolific ransomware group, and outlines the effects of devastating attacks executed against organizations. Other highlights of […]
Research from IANS Research and Artico Search reveals the impact the global economy is having on security budgets. The research includes a survey of more than 750 CISOs from April to August 2024. The average budget growth has increased from 6% in 2023 to 8% in 2024. However, this rise is smaller than in previous years, as 2021 […]
The White House Office of the National Cyber Director (ONCD) has published a roadmap to enhance the security of the Border Gateway Protocol (BGP). BGP is crucial for the operation of more than 70,000 independent networks, as internet traffic is routed between networks via BGP to determine reachable destinations. The BGP is fundamental for networks […]
What are HTTP security headers? HTTP security headers are those HTTP headers that are related specifically to security, exchanged between a client (like a web browser) and a server to define the security of HTTP communication. These include dedicated security headers and several others that can indirectly affect privacy and security. Setting the right security […]
According to research from Proofpoint, a new malware campaign called “Voldemort” has been growing. The campaign reportedly started on August 5, 2024, and has affected over 70 organizations globally with more than 20,000 emails sent. The majority of the targets are from the insurance, transportation, aerospace, and education sectors. While the identity of the threat […]
The Federal Trade Commission (FTC) will require security camera firm Verkada to develop and implement a comprehensive information security program to settle allegations the company failed to use appropriate information security practices, which allowed a hacker to access customers’ security cameras. Under a proposed order, which must be approved by a federal judge before it […]
The Cybersecurity and Infrastructure Security Agency (CISA) announced its Voluntary Cyber Incident Reporting portal is now live. This portal is part of an ongoing effort to support cyber incident reporting, providing users with resources to help them understand who should report cyber events, when and why these incidents should be reported, what to report, and […]
OPSWAT and Dark Survey conducted a joint study that revealed concerns from IT and corporate leaders regarding organizational preparedness. The survey findings indicate a lack of readiness for advancing cybersecurity threats, with only 25% of respondents feeling fully equipped to handle DDoS attacks. Preparedness levels for threats like botnets, Advanced Persistent Threats (APTs), API security […]
We hate spam, we obviously will not spam you!
Copyright © TSP 2024. All rights reserved. Designed by Enovate LLC
