SolarWinds has recently addressed a series of critical security vulnerabilities within its Access Rights Manager (ARM) software that pose significant risks to users. These vulnerabilities could be exploited by malicious actors to gain unauthorized access to sensitive information or to execute arbitrary code, making this a pressing concern for businesses…
Title: Exposed Databases Reveal 4.6 Million Illinois Voter Records, Raising Security Concerns in Election Data Management In a significant breach of election data security, cybersecurity expert Jeremiah Fowler has exposed 4.6 million sensitive records, including voter details, from misconfigured databases linked to a single county in Illinois. These records, which…
Organizations are experiencing staggering financial losses, estimated between $94 billion and $186 billion annually, due to the vulnerabilities present in Application Programming Interfaces (APIs) and the automated exploits conducted by malicious bots. This alarming statistic is highlighted in a report titled “The Economic Impact of API and Bot Attacks,” published…
Ivanti Identifies Active Exploitation of New Vulnerabilities in Cloud Service Appliance Ivanti has issued an alert regarding three newly discovered security vulnerabilities in its Cloud Service Appliance (CSA), which are currently being actively exploited by attackers. These vulnerabilities add to the growing concerns over the security of this essential service,…
Central Tickets Suffers Major Data Breach, Exposing User Information In July 2024, Central Tickets, a London-based platform specializing in discounted theatre tickets, encountered a significant data breach that compromised a broad spectrum of personal information for its users. The breach began on July 1, but Central Tickets remained unaware of…
To Achieve Excellence in Cybersecurity Risk Management: Georgetown University Webinar Announcement Georgetown University is hosting an informative webinar on October 23, aimed at professionals seeking to enhance their knowledge and expertise in cybersecurity risk management. This event highlights the value of pursuing a master’s degree in this critical field, emphasizing…
Critical Vulnerability Discovered in Google Cloud Platform’s Cloud Functions Service Cybersecurity experts have identified a significant privilege escalation vulnerability impacting the Cloud Functions service offered by Google Cloud Platform (GCP). Dubbed "ConfusedFunction" by Tenable, this vulnerability may allow malicious actors to access other services and sensitive information without authorization. The…
Fidelity Investments has recently disclosed a data breach that occurred in mid-August, affecting more than 77,000 of its customers. The nature of the breach raises significant concerns about the security posture of the company, particularly in relation to its customer-facing web applications, which may have been exploited due to apparent…
On April 24, 2024, cloud storage provider Dropbox reported a data breach affecting its digital signature product, Dropbox Sign, formerly known as HelloSign. Unidentified threat actors gained unauthorized access to sensitive user information, including emails, usernames, and general account settings for all Dropbox Sign users. The incident was disclosed in…
