Ivanti Identifies Active Exploitation of New Vulnerabilities in Cloud Service Appliance Ivanti has issued an alert regarding three newly discovered security vulnerabilities in its Cloud Service Appliance (CSA), which are currently being actively exploited by attackers. These vulnerabilities add to the growing concerns over the security of this essential service,…
On October 15, 2024, the Software Freedom Law Centre India (SFLCI), a legal services organization based in New Delhi, formally requested the Indian Computer Emergency Response Team (CERT-In) to investigate a significant cybersecurity incident. This incident concerns a severe data breach affecting Star Health and Allied Insurance, one of the…
Docker Warns of Critical Flaw in Docker Engine Docker has issued an urgent alert regarding a significant vulnerability affecting various versions of the Docker Engine. This flaw could allow attackers to bypass authorization plugins (AuthZ) under certain conditions, posing a serious security risk for users. Labeled as CVE-2024-41110, this bypass…
WP Automatic Plugin Targeted by Attackers Exploiting Critical Security Flaw Recent reports indicate that threat actors are actively trying to exploit a severe vulnerability in the ValvePress Automatic plugin for WordPress, which has the potential to enable site takeovers. The vulnerability, identified as CVE-2024-27956, has a CVSS score of 9.9,…
Central Tickets Suffers Major Data Breach, Exposing User Information In July 2024, Central Tickets, a London-based platform specializing in discounted theatre tickets, encountered a significant data breach that compromised a broad spectrum of personal information for its users. The breach began on July 1, but Central Tickets remained unaware of…
Sophos Survey Exposes Disturbing Trends in Ransomware Strategies A comprehensive report from Sophos, titled “Turning the Screws: The Pressure Tactics of Ransomware Gangs,” uncovers alarming trends in ransomware operations. The study indicates a disturbing shift from traditional ransomware methods—merely stealing and encrypting data for ransom—to a more aggressive approach designed…
Major Data Exposure Due to Server Misconfiguration at FleetPanda A significant server misconfiguration has led to the exposure of almost one million documents belonging to FleetPanda, a noted software provider in the petroleum and fuel industry. This incident has potentially compromised a wide array of sensitive information, including invoices, driver…
South Yorkshire Police Faces Data Loss After Three Years of Body Cam Footage Deleted In a significant incident that raises serious concerns about data management within law enforcement, South Yorkshire Police (SYP) has publicly apologized for the deletion of over three years’ worth of officer body cam footage from its…
To Achieve Excellence in Cybersecurity Risk Management: Georgetown University Webinar Announcement Georgetown University is hosting an informative webinar on October 23, aimed at professionals seeking to enhance their knowledge and expertise in cybersecurity risk management. This event highlights the value of pursuing a master’s degree in this critical field, emphasizing…
