Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A new Cross-Site Request Forgery (CSRF) vulnerability has been discovered in PowerAdmin. This vulnerability poses a significant risk, potentially compromising user data and disrupting the designated functionality across roles.

Top tips is a weekly column where we highlight what’s trending in the tech world today and list out ways to explore these trends. This week, we’re showing you how to spot a fraud call and avoid getting scammed. Microsoft, AT&T, the FBI, and the IRS—what do these four entities have in common? Most likely, you or someone you know has received a call from somebody impersonating these entities.

New data illuminates how healthcare leaders can prioritize resilience. Organizations find themselves at the intersection of progress and peril in the rapidly evolving digital healthcare landscape. The latest data underscores that the trade-offs are significant and pose substantial risks to healthcare institutions. One of the foremost obstacles is the disconnect between senior executives and cybersecurity priorities.

Employee fraud is not just a rare occurrence, but a prevalent issue in the American workplace. Shockingly, three out of four employees have confessed to stealing from their workplace at least once for personal gain. The types of fraud are diverse, ranging from petty theft to complex schemes involving benefits, accounts receivable fraud, or intellectual property. The risk of employee fraud affects both small and large businesses.

The business world continues to move to a knowledge-worker-based economy. Companies derive less and less value from widgets and more from the processes, ideas, and innovations they create — their intellectual property (IP). But IP needs to be protected. IP theft is the appropriation of unique ideas, inventions, or theft of trade secrets, usually by malicious insiders.

Many smaller organizations aren’t sure where to start with threat intelligence; it may seem like the kind of maturity reserved for large organizations. Threat intelligence is a proactive cybersecurity strategy focused on collecting information about current threats, analyzing it, and using that information to identify and mitigate threats within the network. It’s approachable even for smaller organizations that don’t have the resources for novel research and analysis.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! A couple of real nasty Open Source issues in the past week. The first and most recent is Ghostscript. Could well be a lot of SaaS products affected.

Read Also: Four cybercrime ring members arrested for hacking government websites, teen gets one year in prison for hacking teacher’s laptop, and more.