On July 10, 2024, ServiceNow disclosed a series of critical vulnerabilities impacting their platform, identified as CVE-2024-4879, CVE-2024-5178, and CVE-2024-5217. These vulnerabilities were responsibly disclosed to ServiceNow in May 2024 by Assetnote, a cybersecurity firm. ServiceNow responded by patching hosted instances in June 2024.

Data leaks are a growing concern for organizations due to the rising volume of sensitive information stored digitally. Leaks occur when sensitive data is inadvertently exposed, and they can easily lead to cyber attacks, reputational damage, and enormous financial costs. The best way to protect against them is to stop them from occurring in the first place. In this blog, we’ll delve into the common causes of leaks and best practices to bolster data security and prevent data leaks effectively. ‍

The relentless battle against cyber threats continues, and CVE-2024-30078 stands as a stark reminder of the ever-present need for vigilance. A critical vulnerability (CVE-2024-30078) has been identified in Wi-Fi drivers for various Microsoft Windows versions. This flaw allows attackers within Wi-Fi range to remotely execute malicious code (RCE) on vulnerable systems. Immediate patching is recommended.

Google Chat is a popular communication software that allows you to share content and send messages in real time. Individuals use it for personal communication or collaboration with teams at work. However, as its popularity is increasing, people are using it as their primary form of communication.

LinkedIn is the world's largest professional networking service for accountants, policemen, politicians, advertising professionals, business executives, college students, investment bankers, and consultants. Most use LinkedIn to connect with others and help with career development, new business contacts, and professional networking. However, job scams and other online cybercriminals use LinkedIn features for fraudulent activities.

Ponzo schemes continue to grow in complexity and notoriety. These schemes are not transactions or one-time hacks. “Ponzi schemes are fraudulent business operations that promise high returns with little or no risk, claiming investors' money will go towards a legitimate investment.” Investors believe they will score huge returns from their initial investment, yet most only realize once it is too late that the entire scheme is doomed to fail from the beginning.

“Safeguarding personal health information (PHI) is governed under the Health Insurance Portability and Accountability Act (HIPAA).” Protecting identifiable health data is the responsibility of everyone who comes into contact with it, including covered entities. Healthcare providers, health plan companies, school districts not covered under FERPA, universities, employers, and federal, state, and local government agencies are mandated to protect PHI data from any security risk.

Network Access Control (NAC) has undergone significant advancements since the beginning, continuously adapting for cybersecurity threats and technological innovation. As organizations embrace BYOD (Bring Your Own Device) and IoT/OT (Internet of Things/Operational Technology), vendors have transformed traditional NAC solutions to meet these new demands while maintaining a balance between usability and security.