There are three vulnerabilities impacting Ivanti Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core: CVE-2023-35078 and CVE-2023-35082, which both enable authenticated bypass for unauthorized access; and CVE-2023-35081, which allows directory traversal with privilege escalation and arbitrary file write. These Ivanti EPMM vulnerabilities have been observed in active cyber attacks on systems using the affected versions.

Hospitality is a broad field encompassing service organizations that provide lodging, food and beverages, travel and tourism, and entertainment and recreation. Since the COVID-19 pandemic hit the hospitality industry hard, it’s made significant steps toward recovery. Hospitality businesses must remain vigilant to continue this recovery amid an evolving cyber threat landscape.

While the tech sector is a pillar of efficiency and creativity, tech businesses are often vulnerable because of the type and amount of critically important data they handle. Tech companies are often at risk of cyber attacks from individual hackers, cyber spies, and nation-state-sponsored hacking groups. In this post, we’ll look at common traits of tech businesses that can expose them to cyber risks and make them a popular target for cybercriminals.

‍Educational institutions are among the top targets for hackers and cybercriminals. Education is among the sectors that experience the most cyber attacks, including healthcare, finance, and retail. According to Check Point’s Mid-Year Report for 2022, the education sector had 44% more cyber attacks than the year earlier. An average of about 2300 attacks against educational organizations were reported weekly.

Book publishers, movie distributors, TV producers, game developers, and newspaper publishers are just a few of the many businesses in the media and entertainment industry increasing their use of online services. Streaming services and the production of digital assets are the norm for media companies around the globe.

In 2016, the European Commission adopted the EU Network and Information Security (NIS) Directive. The directive aims to establish regulations that improve the overall cybersecurity level across Europe and was recently updated in January 2023 to a new directive called NIS2. The NIS Directive is a multifaceted legislation that applies to various industry sectors, providing regulations that help EU member states build strong cybersecurity postures.

Whether your organization is prepared or not, the risks associated with third-party partnerships will continue to increase. In 2022, approximately 1,802 data breaches exposed the information of more than 422 million individuals in the United States alone. While those numbers are enough to frighten any organization, many reports expect them to continue to rise throughout 2024.

Vendor Risk Management is critical for reducing the impact of security risks associated with third-party vendors. But often included with this cybersecurity practice is a bloat of administrative processes that disrupt workflows and impact VRM efficacy, defeating the purpose of even having a VRM program. To establish a scalable Vendor Risk Management program, cybersecurity teams should take advantage of every opportunity to replace manual processes with automation technology.

Technology in the modern era moves fast. Historically, new technologies emerged quickly as well, but novelty in the age of computing occurs in a matter of days, sometimes even minutes. Do you use the same computer or cell phone that you did five years ago? And how often do you run software updates or patches on your devices?

When a company contracts or partners with a third party to handle and process its sensitive customer data, it is crucial for those third parties to use effective strategies to safeguard that data. Third parties should treat the data they handle from organizations as their own, complying with regulations and security requirements set by the organization.