A new threat vector discovered by Cato Research could reveal proprietary information about the internal configuration of a GPT, the simple custom agents for ChatGPT. With that information, hackers could clone a GPT and steal one’s business. Extensive resources were not needed to achieve this aim. Using simple prompts, I was able to get all the files that were uploaded to GPT knowledge and reveal their internal configuration.

Yes, it is possible for someone to hack your Zelle account with your phone number if you use your phone number as a method of authentication for the Zelle app. This is possible due to a cyber threat known as a SIM-swapping attack. However, this shouldn’t be a cause for panic, as there are security measures you can take to prevent this from happening.

Researchers have developed AI technology that can mimic someone’s handwriting with only a few paragraphs of written content. Experts worry about the possibility of misuse. The Mohamed bin Zayed University of Artificial Intelligence (MBZUAI) in Abu Dhabi announced they have developed handwriting AI based on a neural network designed to learn context and meaning in sequential data.

Researchers at Check Point warn that scammers are using airdrops to distribute phony non-fungible tokens (NFTs) that direct users to malicious sites. “This campaign is unique in its methodology, employing a source spoofing technique to target a broad spectrum of token holders,” the researchers write.

Passwords are part of every organization’s security risk profile. Just one weak password with access to an organization’s critical systems can cause a breach, take down a network or worse. Whether we like it or not, passwords are here to stay as a form of authentication. It’s why cybercriminals never stop looking for ways to hack into your network. If your users’ passwords can be guessed, they’ve made the bad actors’ jobs that much easier.

Researchers at Malwarebytes warn that a malvertising campaign is targeting Chinese-speaking users with phony ads for encrypted messaging apps. The ads impersonate apps that are restricted in China, such as Telegram or LINE. “The threat actor is abusing Google advertiser accounts to create malicious ads and pointing them to pages where unsuspecting users will download Remote Administration Trojan (RATs) instead,” Malwarebytes says.

With the digitalization of patient data, the healthcare industry has significantly improved and transformed healthcare processes. This shift to digital data has brought many benefits, like improved quality of care, reduction in errors, and improved communication. However, the shift to digitalization has also led to the exponential collection of data, which is primarily unstructured. To put things in perspective, a typical healthcare and life sciences organization manages over 32.6 million sensitive files.

Zero-day vulnerabilities have transformed into something of a boogeyman for business owners. They represent a significant threat to sensitive information and assets but are extremely challenging to respond to. Learning the importance of preemptive strategies for zero-day attacks is vital for individuals and organizations wanting to remain safe from threat actors.

This week, federal guidelines were published to assist owners and operators in the water and wastewater systems (WWS) sector on best practices for cyber incident response. Guideline are great, but they are just suggestions unless there are the resources for the WWS operators to enable them and some form industry monitoring to ensure they are met.

We spend a lot of time focusing on simplifying cloud management and many of the most difficult IT challenges for our customers that we sometimes forget how unique this is. Which is why we were pleasantly surprised when CRN told us they were naming 11:11 Systems to its Stellar Cloud Startup list.