Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Forced verification fraud and deepfake fraud are on the rise in the US and Canada, according to researchers at Sumsub. Pavel Goldman-Kalaydin, Sumsub’s Head of AI & ML, explains that forced verification involves bypassing biometric data checks.

A new study found that ChatGPT can accurately recall any sensitive information fed to it as part of a query at a later date without controls in place to protect who can retrieve it. The frenzy to take advantage of ChatGPT and other AI platforms like it has likely caused some to feed it plenty of corporate data in an effort to have the AI process and provide insightful output based on the queries received.

On May 31, 2023, Progress released a security advisory warning customers of a critical zero-day vulnerability being actively exploited in MOVEit Transfer, a managed file transfer (MFT) solution. The exploitation of this vulnerability could lead to escalated privileges and potential unauthorized access to an environment, allowing threat actors to steal data and extort organizations.

On May 31st, 2023, a working exploit has been publicly released for a remote code execution (RCE) vulnerability (CVE-2023-33733), impacting ReportLab PDF Toolkit python libraries of versions prior to 3.6.13. The researcher of the POC has previously contacted ReportLab in April 2023, detailing this vulnerability and ReportLab has released a fix on April 27th, 2023, through ReportLab 3.6.13.

A new critical zero-day vulnerability in the MOVEit Transfer software is being actively exploited by attackers to exfiltrate data from organizations. MOVEit Transfer is a managed file transfer (MFT) software, developed by Progress, designed to provide organizations a way to securely transfer files, which can be implemented on-premise or as a cloud SaaS platform. According to BleepingComputer, attackers have been actively exploiting MOVEit Transfer to download data from organizations.

In today’s rapidly digitizing world, the importance of data security has become paramount. With the increasing amount of sensitive information being shared and stored online, securing information from cyber attacks, information breaches, and theft has become a top priority for companies of all sizes. Data loss prevention (DLP) is a critical part of the Netskope Intelligent Security Service Edge (SSE) security platform, providing best-in-class data security to our customers.

Suffolk University is a private research university located near Boston, Massachusetts. The school serves over 7,500 students each year and offers more than 100 undergrad, professional, and graduate programs. A huge number of students submit data for financial aid, tuition, and more, and that data could be at risk at a school that doesn't secure its data well. The school earns more than $118 million in revenue annually.

High-profile companies, government agencies, healthcare companies, and government contractors were all exposed in data breaches this week. Tesla is one of the biggest companies to suffer from a breach this week, but the US Marine Corps, ABB, Apria Healthcare, and Suffolk University were also hit by ransomware gangs and targeted hackers. Get the details about these attacks below and stay up-to-date on any breaches that might impact you or your loved ones.