Our news

  • Cybersecurity and Artificial Intelligence Regulation

    Cybersecurity regulation has evolved over the years. This has become the norm as technology is constantly advancing and being used in new and scary ways. Similar to how the Health Insurance Portability and Accountability Act, otherwise known as HIPPA, tells administrators who can view patient information and how that information must be protected digitally, cybersecurity

    READ MORE

  • New CISA Plan Aligns Federal Agencies in Cyber Defense

    Today, the Cybersecurity and Infrastructure Security Agency (CISA) released the Federal Civilian Executive Branch (FCEB) Operational Cybersecurity Alignment (FOCAL) Plan. Developed in collaboration with FCEB agencies, this plan provides standard, essential components of enterprise operational cybersecurity and aligns the collective operational defense capabilities across the federal enterprise. Currently, federal agencies maintain their own networks and

    READ MORE

  • Vulnerability Summary for the Week of September 9, 2024

    High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info Siemens–Industrial Edge Management Pro  A vulnerability has been identified in Industrial Edge Management Pro (All versions < V1.9.5), Industrial Edge Management Virtual (All versions < V2.3.1-1). Affected components do not properly validate the device tokens. This could allow an unauthenticated remote attacker

    READ MORE

  • CISA Releases Analysis of FY23 Risk and Vulnerability Assessments

    CISA has released an analysis and infographic detailing the findings from the 121 Risk and Vulnerability Assessments (RVAs) conducted across multiple critical infrastructure sectors in fiscal year 2023 (FY23). The analysis details a sample attack path including tactics and steps a cyber threat actor could follow to compromise an organization with weaknesses representative of those

    READ MORE

  • Cisco Releases Security Updates for Cisco Smart Licensing Utility

    Cisco released security updates to address two vulnerabilities (CVE-2024-20439 and CVE-2024-20440) in Cisco Smart Licensing Utility. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the following advisory and apply the necessary updates:  Cisco Smart Licensing Utility Vulnerabilities

    READ MORE

  • Ivanti Releases Security Updates for Endpoint Manager, Cloud Service Application, and Workspace Control

    Ivanti released security updates to address multiple vulnerabilities in Ivanti Endpoint Manager, Cloud Service Application 4.6, and Workspace Control. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the following Ivanti advisories and apply the necessary guidance and updates:  Ivanti Endpoint

    READ MORE

  • Pegasus Spyware Sextortion Scams – What You Need to Know

    In recent years, cybercriminals have become increasingly adept at deploying a variety of phishing and extortion tactics to manipulate and intimidate unsuspecting victims. One of the more alarming threats involves the Pegasus spyware sextortion scam, a new twist on classic phishing schemes designed to frighten recipients into paying a ransom. Below, we’ll dive into the

    READ MORE

  • Citrix Releases Security Updates for Citrix Workspace App for Windows

    Citrix released security updates to address multiple vulnerabilities in the Citrix Workspace App for Windows. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the following and apply necessary updates:  Citrix Workspace app for Windows Security Bulletin for CVE-2024-7889 and CVE-2024-7890

    READ MORE

  • The Psychology of Phishing

    But I’m smart! How did I get hacked?  Whether cognizant of our actions, or not, we all use forms of social engineering in our everyday lives.  Perhaps you praise a child to reinforce good behavior.  Did you unconsciously curate your social media to present only what you want others to see and therefore think about

    READ MORE

  • Vulnerability Summary for the Week of September 2, 2024

    High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Patch Info abcd-community — abcd  A vulnerability classified as problematic has been found in ABCD ABCD2 up to 2.2.0-beta-1. This affects an unknown part of the file /common/show_image.php. The manipulation of the argument image leads to path traversal: ‘../filedir’. It is possible to initiate

    READ MORE