On April 16, 2024, Ivanti disclosed two critical vulnerabilities within its Avalanche Mobile Device Management (MDM) solution. These vulnerabilities, identified as CVE-2024-29204 and CVE-2024-24996, are heap overflow issues in the WLInfoRailService and WLAvalancheService components, respectively. Both vulnerabilities have been assigned a CVSS score of 9.8, indicating their critical nature due to the potential for unauthenticated Remote Code Execution (RCE) in low-complexity attacks.

Spring is not just a time for dusting off shelves and donating old clothes; it's also the perfect season to declutter and organize your digital space.

We are happy to inform you that BDRSuite has been recognized as the “Channel Partners Preferred Backup Software of the Year” by CyberSEC Global Awards 2024 held at Dubai, UAE. This prestigious award is a testament to our unwavering commitment to delivering innovative data backup and protection solutions to our valued partners and customers.

Open-source software security is crucial in today's cloud-native world. Learn about vulnerabilities, dependencies, and tools to improve security in this in-depth blog post.

The US Department of Justice has indicted four Iranian nationals for allegedly launching spear phishing attacks against the US government and defense contractors. In one instance, the hackers compromised over 200,000 employee accounts at a victim organization. “In conducting their hacking campaigns, the group used spearphishing — tricking an email recipient into clicking on a malicious link — to infect victim computers with malware,” the Justice Department said.

There are so many exciting things happening in the AI space currently. One of them is the integration of Microsoft Copilot, a generative AI, with Microsoft 365 applications. This fusion brings Copilot’s capabilities into the suite’s comprehensive office productivity tools to transform daily workloads and enhance productivity efficiency through the automation of mundane tasks, alongside offering insights and analyzing data. Key features include.

The Sysdig Threat Research Team (TRT) is on a mission to help secure innovation at cloud speeds. A group of some of the industry’s most elite threat researchers, the Sysdig TRT discovers and educates on the latest cloud-native security threats, vulnerabilities, and attack patterns. We are fiercely passionate about security and committed to the cause. Stay up to date here on the latest insights, trends to monitor, and crucial best practices for securing your cloud-native environments.

While the top concern for healthcare cybersecurity professionals is credential access, the Kroll Threat Intelligence team finds that the healthcare industry is consistently targeted by ransomware groups using a combination of valid credential theft and the exploitation of vulnerabilities. These and other insights are discussed in the new Kroll report, The State of Cyber Defense: Diagnosing Cyber Threats in Healthcare.