Cybersecurity

An umbrella community for all things cybersecurity / infosec. News, research, and questions are all welcome!

founded 2 years ago
26
 
 

Reports suggest #DOGE staff are bypassing #cybersecurity best practices, installing unsecured email servers, and accessing sensitive systems without proper vetting. A security expert explains the implications: https://buff.ly/4hPEXM0

27
 
 

"Over many years, EFF has been pushing for users to switch to platforms that understand the value of encrypting data. We have also been pushing platforms to make end-to-end encryption for online communications and for your stored sensitive data the norm. This type of encryption helps ensure that a conversation is private between you and the recipient, and not accessible to the platform that runs it or any other third-parties. Thanks to the combined efforts of our organization and dozens of other concerned groups, tech users, and public officials, we now have a lot of options for applications and platforms that take our privacy more seriously than in previous generations. But, in light of recent political developments it’s time for a refresher course: which platforms and applications have encrypted DMs, and which have access to your sensitive personal communications.

The existence of what a platform calls “end-to-end encryption” is not foolproof. It may be poorly implemented, lack widespread adoption to attract the attention of security researchers, lack the funding to pay for security audits, or use a less well-established encryption protocol that doesn’t have much public scrutiny."

https://www.eff.org/deeplinks/2025/02/when-platforms-and-government-unite-remember-whats-private-and-what-isnt

#SocialMedia #SocialNetworks #CyberSecurity #Encryption #Privacy

28
 
 

Reports suggest #DOGE staff are bypassing #cybersecurity best practices, installing unsecured email servers, and accessing sensitive systems without proper vetting. A security expert explains the implications: https://buff.ly/3WPwhNm

29
 
 

This Musk guy is so, but so idiotic that he doesn't even know that most of the source of US soft power throughout the world was the funding by the CIA and other federal agencies of cultural activities like jazz shows and art festivals in Europe and Africa. He is a complete and total PHILISTINE. To hell with this guy! I don't want no intellectual retards imposing their will on the world.

"The capture shows that the site contains a list of vague, alleged government-funded tasks and their costs, without sources or context, like “$1.3 million to Arab and Jewish photographers," “$1.5 million for ‘art for inclusion of people with disabilities,’” and "$3.4 million for Malaysian drug-fueled gay sex app.” DEI.gov redirects to waste.gov and is currently inaccessible without a password; Elon Musk told reporters on Tuesday that his Department of Government Efficiency (DOGE) is “trying to be as transparent as possible.”

The researcher, Henrik Schönemann, a historian who started the Safeguarding Research & Culture archivalist project, posted screenshots on Mastodon showing the contents. Schönemann also shared the specific site scrapes that he was able to capture, which showed the contents of the site. He told 404 Media he set up a change detection app using PikaPods, and is monitoring changes across hundreds of government websites. When the dei.gov and waste.gov sites were registered 10 days ago, he started tracking them, too.

Before the site administrators added a WordPress template to the pages, the list was online at those URLs. This list was only online for a maximum of 30 minutes, starting around 4:50 p.m. EST; by 5:23 p.m. on February 11, it was gone from public view, according to the snapshots Schönemann’s app captured."

https://www.404media.co/dei-waste-gov-doge-list-behind-password/

#USA #CyberSecurity #Musk #DOGE #DataProtection

30
 
 

Meta paid over $2.3 million in bounties for its whitehat program, but some cybersecurity pros remain unsatisfied.

#Meta #bounty #cybersecurity #cybercrime #DataSecurity

https://cnews.link/meta-bug-bounties-white-hatters-complain-3/

31
 
 

Musk’s DOGE cost-cutting efforts may backfire, as lax cybersecurity lets anyone access the government’s new website.

#ElonMusk #DOGE #cybersecurity #government #website #hackers

https://cnews.link/musk-doge-website-hacked-3/

32
 
 

"A high volume of recent ML security literature focuses on attacks against aligned large language models (LLMs). These attacks may extract private information or coerce the model into producing harmful outputs. In real-world deployments, LLMs are often part of a larger agentic pipeline including memory systems, retrieval, web access, and API calling. Such additional components introduce vulnerabilities that make these LLM-powered agents much easier to attack than isolated LLMs, yet relatively little work focuses on the security of LLM agents. In this paper, we analyze security and privacy vulnerabilities that are unique to LLM agents. We first provide a taxonomy of attacks categorized by threat actors, objectives, entry points, attacker observability, attack strategies, and inherent vulnerabilities of agent pipelines. We then conduct a series of illustrative attacks on popular open-source and commercial agents, demonstrating the immediate practical implications of their vulnerabilities. Notably, our attacks are trivial to implement and require no understanding of machine learning."

https://arxiv.org/html/2502.08586v1

#AI #GenerativeAI #LLMs #AISafety #CyberSecurity #ChatBots

33
 
 

"The encryption wars have reached a fever pitch, and the most contentious battle is not happening in the United States, where much of the action has been in the past — like the government’s efforts to restrict exports of encryption software until the 1990s and the FBI’s standoff with Apple in 2016. It’s in the United Kingdom, where the government has reportedly ordered Apple to give officials blanket access to iCloud users’ encrypted backups. And the order allegedly didn’t just apply to UK users — it demanded backdoor access for users worldwide.

The secret order, first reported by The Washington Post, was issued in January under the auspices of the UK’s Investigatory Powers Act of 2016. Apple’s compliance or refusal will have ramifications far beyond the UK, potentially making users less safe and signaling to other governments that they, too, can seek backdoor access — a way of bypassing encryption — to users’ information via legislation.

“Simply put, the message the UK government is sending is that its own citizens cannot expect its government to respect their privacy, and that it is willing to put their security at risk from all manner of bad actors like hackers and thieves because it cannot tolerate the ability to have a private conversation online,” Andrew Crocker, surveillance litigation director at the Electronic Frontier Foundation, told The Verge."

https://www.theverge.com/policy/612136/uk-icloud-investigatory-powers-act-war-on-encryption

#UK #CyberSecurity #Privacy #Encryption #Apple #iCloud

34
 
 

"The doge.gov website that was spun up to track Elon Musk’s cuts to the federal government is insecure and pulls from a database that can be edited by anyone, according to two separate people who found the vulnerability and shared it with 404 Media. One coder added at least two database entries that are visible on the live site and say “this is a joke of a .gov site” and “THESE ‘EXPERTS’ LEFT THEIR DATABASE OPEN -roro.”

Doge.gov was hastily deployed after Elon Musk told reporters Tuesday that his Department of Government Efficiency is “trying to be as transparent as possible. In fact, our actions—we post our actions to the DOGE handle on X, and to the DOGE website.” At the time, DOGE was an essentially blank webpage. It was built out further Wednesday and Thursday, and now shows a mirror of the @DOGE X account posts, as well as various stats about the U.S. government’s federal workforce.

Two different web development experts who asked to remain anonymous because they were probing a federal website told 404 Media that doge.gov is seemingly built on a Cloudflare Pages site that is not currently hosted on government servers. The database it is pulling from can be and has been written to by third parties, and will show up on the live website."

https://www.404media.co/anyone-can-push-updates-to-the-doge-gov-website-2/

#USA #Musk #Trump #DOGE #CyberSecurity #SQL #Databases #Privacy #DataProtection

35
 
 

Microsoft researchers expose “BadPilot,” a subgroup aiding Kremlin-backed hackers Seashell Blizzard in global cyberattacks.

#Microsoft #cybersecurity #cybercrime #Russia #cybercrime

https://cnews.link/russian-state-threat-seashell-blizzard-badpilot-subgroup-1/

36
 
 

Password managers are one of the most effective ways of securely storing passwords for multiple sites and platforms, but a new report tells us that cybercriminals are increasingly targeting them in their attacks.
@DigitalTrends has the details:

https://flip.it/j7LgOK

#PasswordManager #Password #Cybersecurity #InternetSecurity #Internet

37
 
 

Non-Western nations are increasingly relying on cybercriminals for intelligence and cyberwarfare operations.

#cybersecurity #Ukraine #Russia #cybercrime #cyberattack

https://cnews.link/russia-cybercriminals-ukraine-war-1/

38
 
 

Cl0p, a Russia-linked ransomware gang, has resurfaced, claiming attacks on 47 companies, including DXC Technology and Chicago Public Schools.

#ransomware #Russia #cyberattack #cybersecurity #cybercrime #chicago

https://cnews.link/chicago-schools-dxc-technology-cl0p-ransomware-1/

39
 
 

"When the Chinese hacker group known as Salt Typhoon was revealed last fall to have deeply penetrated major US telecommunications companies—ultimately breaching no fewer than nine of the phone carriers and accessing Americans' texts and calls in real time—that hacking campaign was treated as a four-alarm fire by the US government. Yet even after those hackers' high-profile exposure, they've continued their spree of breaking into telecom networks worldwide, including more in the US.

Researchers at cybersecurity firm Recorded Future on Wednesday night revealed in a report that they've seen Salt Typhoon breach five telecoms and internet service providers around the world, as well as more than a dozen universities from Utah to Vietnam, all between December and January. The telecoms include one US internet service provider and telecom firm and another US-based subsidiary of a UK telecom, according to the company's analysts, though they declined to name those victims to WIRED."

https://www.wired.com/story/chinas-salt-typhoon-spies-are-still-hacking-telecoms-now-by-exploiting-cisco-routers/

#CyberSecurity #China #SaltTyphoon #StateHacking #USA #BigTelco #Hacking

40
 
 

An exposed instance with an unknown owner has revealed copious amounts of records from multiple Middle Eastern nations.

#CyberSecurity #DataPrivacy #DataSecurity #Database #infosec

https://cnews.link/hundreds-millions-records-phone-numbers-leak-3/

41
 
 

Cyberdrama was unleashed after attackers claimed they had breached the notorious personal data dumpsite Doxbin.

#cybersecurity #cyberattack #datasecurity #DataPrivacy

https://cnews.link/hackers-doxbin-breach-1/

42
 
 

There’s a direct correlation between the surge in crypto prices and the likelihood of your devices getting infected with malware.

#malware #cybersecurity #device #crypto #USB

https://cnews.link/crypto-boom-malware-surge-1/

43
 
 

CISA warns that threat actors are exploiting two newly disclosed Microsoft zero-day vulnerabilities and urges immediate patching.

#cybersecurity #CISA #Microsoft #cybercrime #patch

https://cnews.link/microsoft-patches-new-windows-zero-days-3/

44
 
 

"In the nascent field of AI hacking, indirect prompt injection has become a basic building block for inducing chatbots to exfiltrate sensitive data or perform other malicious actions. Developers of platforms such as Google's Gemini and OpenAI's ChatGPT are generally good at plugging these security holes, but hackers keep finding new ways to poke through them again and again.

On Monday, researcher Johann Rehberger demonstrated a new way to override prompt injection defenses Google developers have built into Gemini—specifically, defenses that restrict the invocation of Google Workspace or other sensitive tools when processing untrusted data, such as incoming emails or shared documents. The result of Rehberger’s attack is the permanent planting of long-term memories that will be present in all future sessions, opening the potential for the chatbot to act on false information or instructions in perpetuity."

https://arstechnica.com/security/2025/02/new-hack-uses-prompt-injection-to-corrupt-geminis-long-term-memory/

#AI #GenerativeAI #CyberSecurity #PromptEngineering #Gemini #Google #PromptInjection

45
 
 

"Another person who was allegedly targeted on WhatsApp with spyware made by Israeli company Paragon has come forward.

Beppe Caccia, one of the co-founders of Mediterranea Saving Humans, an Italian non-government organization that helps immigrants, told TechCrunch that he had been targeted by the spyware campaign.

Caccia disclosed he was targeted after another one of his organization’s co-founders, Luca Casarini, said publicly last week that he had also received a notification from WhatsApp alerting him to the suspected spyware attack.

On Monday, during a press conference organized by Sandro Ruotolo, an Italian member of the European Parliament, Casarini said that he filed a complaint with the Prosecutor’s Office in Palermo, Italy, regarding the alleged hack. Casarini said his goal was to find out who targeted him and his organization.

“We don’t have anything to hide. Those who spy have a lot to hide,” said Casarini.
(...)
In the same press release, the Italian government said that Meta told it there were other targets in Austria, Belgium, Cyprus, Czech Republic, Denmark, Germany, Greece, Latvia, Lithuania, the Netherlands, Portugal, Spain, and Sweden."

https://techcrunch.com/2025/02/11/another-person-targeted-by-paragon-spyware-comes-forward/

#CyberSecurity #Spyware #Paragon #WhatsApp #SocialMedia

46
 
 

The US joined Australia and Britain in sanctioning Russia-based Zservers for aiding Lockbit ransomware, the Treasury announced.

#US #Australia #Russia #ransomware #CyberSecurity #cybercrime

https://cnews.link/lockbit-hosting-zservers-sanctioned-treasury-4/

47
 
 

▪ @cybernews@infosec.exchange research ▪ Hipshipper, an international shipping platform, exposed millions of shipping labels with customer data.

#cybersecurity #DataSecurity #dataprivacy #shipping #data

https://cnews.link/hipshipper-data-leak-exposed-shipping-records-3/

48
 
 

"On Monday, Apple released updates for its mobile operating systems for iOS and iPadOS, which fixed a flaw that the company said “may have been exploited in an extremely sophisticated attack against specific targeted individuals.”

In the release notes for iOS 18.3.1 and iPadOS 18.3.1, the company said the vulnerability allowed the disabling of USB Restricted Mode “on a locked device.” Introduced in 2018, USB Restricted Mode is a security feature that blocks the ability for an iPhone or iPad to send data over a USB connection if the device isn’t unlocked for seven days. Last year, Apple released another security feature that reboots devices if they are not unlocked for 72 hours, making it harder for law enforcement or criminals using forensic tools to access data on those devices.

Based on its language used in its security update, Apple hints that the attacks were most likely carried out with physical control of a person’s device, meaning whoever was abusing this flaw had to connect to the person’s Apple devices with a forensics device like Cellebrite or Graykey, two systems that allow law enforcement to unlock and access data stored on iPhones and other devices.

The vulnerability was discovered by Bill Marczak, a senior researcher at the Citizen Lab, a University of Toronto group that investigates cyberattacks against civil society."

https://techcrunch.com/2025/02/10/apple-fixes-iphone-and-ipad-bug-used-in-an-extremely-sophisticated-attack/

#CyberSecurity #Apple #iPhone #iOS #iPadOS #iPad

49
 
 

#Nordnet - Nordic digital platform for savings and investments - had an issue where people could see each other's information. The website has been taken down for now.

https://www.nordnet.fi/

#infosec #infosecurity #cybersecurity #privacy

50
 
 

"The nation’s payment system has historically been operated by a very small group of nonpartisan career civil servants. In recent days, that norm has been upended, and the roles of these nonpartisan officials have been compromised by political actors from the so-called Department of Government Efficiency. One has been appointed fiscal assistant secretary — a post that for the prior eight decades had been reserved exclusively for civil servants to ensure impartiality and public confidence in the handling and payment of federal funds.

These political actors have not been subject to the same rigorous ethics rules as civil servants, and one has explicitly retained his role in a private company, creating at best the appearance of financial conflicts of interest. They lack training and experience to handle private, personal data — like Social Security numbers and bank account information. Their power subjects America’s payments system and the highly sensitive data within it to the risk of exposure, potentially to our adversaries. And our critical infrastructure is at risk of failure if the code that underwrites it is not handled with due care. That is why a federal judge this past weekend blocked, at least temporarily, these individuals from the Treasury’s payments system, noting the risk of “irreparable harm.”"

https://www.nytimes.com/2025/02/10/opinion/treasure-secretaries-doge-musk.html

#USA #DOGE #Musk #FederalTreasury #USTreasury #USConstitution #Cybersecurity #Privacy #DataProtection
