Security

In the digital age, Aadhaar Plus has emerged as a powerful tool, revolutionizing identity verification and secure digital user onboarding processes. With its conveniently designed workflows, and efficiently integrated technology, Aadhaar Plus is reshaping the way we process digital identities and carry out Know-Your-Customer (KYC) processes in India. In this blog, we will explore the potential of Aadhaar Plus and how it is transforming various sectors.

Forced verification fraud and deepfake fraud are on the rise in the US and Canada, according to researchers at Sumsub. Pavel Goldman-Kalaydin, Sumsub’s Head of AI & ML, explains that forced verification involves bypassing biometric data checks.

The evolution of cybersecurity tools is nothing short of remarkable, but I suppose they had to be when it isn’t just the Morris Worm you’re worried about. There has been a wave of buzz around the latest technology in years gone by. EDR evolved into MDR, then SASE, and in recent times we’ve seen Immutable Backup take the front seat.

A zero-day vulnerability, denoted by the CVE identifier CVE-2023-30777, exposes a dangerous reflected cross-site scripting (XSS) flaw. This high-severity vulnerability has been discovered within the WordPress plugin (Advanced Custom Fields (ACF) and Advanced Custom Fields Pro). The CVE-2023-30777 exposes over 2 million installations to security risks, triggering widespread concern and anxiety among website owners and administrators.

A new study found that ChatGPT can accurately recall any sensitive information fed to it as part of a query at a later date without controls in place to protect who can retrieve it. The frenzy to take advantage of ChatGPT and other AI platforms like it has likely caused some to feed it plenty of corporate data in an effort to have the AI process and provide insightful output based on the queries received.

As organizations continue to place more emphasis on cybersecurity for medical devices and IoT, consider fuzz testing. Cybersecurity in medical devices has become a hot topic for both medical and IoT verticals, and it is starting to gain government attention, too.

ISO 27001 is commonly used for assessing supply chain and data breach risks during due diligence. This post provides a free ISO 27001 vendor questionnaire template for a high-level evaluation of vendor information security standards. Though this security assessment template only broadly covers Supply Chain Risk Management aspects of ISO 27001, it should still be sufficient for identifying potential deficiencies in a vendor’s security control strategy requiring further investigation.

On May 31, 2023, Progress released a security advisory warning customers of a critical zero-day vulnerability being actively exploited in MOVEit Transfer, a managed file transfer (MFT) solution. The exploitation of this vulnerability could lead to escalated privileges and potential unauthorized access to an environment, allowing threat actors to steal data and extort organizations.

Tweak our default severity rules or create new ones and align GitGuardian’s automated severity scoring engine with your organization’s security priorities!

With digital transformation rapidly multiplying attack vectors across the cloud, remote work environments, and Shadow IT endpoints, mapping your digital footprint, let alone implementing an effective attack surface management strategy, is not as easy as it once was. As a result, communicating the value and progress of Attack Surface Management (ASM) to the board is becoming a considerable challenge that must be addressed before threat landscapes evolve beyond the reach of mitigation capabilities.