We’re all looking for the guy who did this.
There's almost no precedent for the heads of Defense, State, Intelligence and National Security to be sharing such sensitive military intelligence in a forum that was known to be unsecured.Bad boys don't play by the rules. Operational security is for sheeple.
The Trump administration has publicly and privately signaled that it does not believe Russia represents a cyber threat against US national security or critical infrastructure, marking a radical departure from longstanding intelligence assessments.US Republicans have betrayed their country. They are now the Russian party. Americans need to resist and vote for people who will protect the country, not lower its defenses for takeover.
The operational emphasis on Signal from multiple threat actors in recent months serves as an important warning for the growing threat to secure messaging applications that is certain to intensify in the near-term.Secure messaging apps under fire. Good to see the methods involved in gaining access to be aware of them.
“I don’t recall seeing an ‘NTSB Board’ being fired during the middle of a plane crash investigation,” Frost said in a recent SANS newsletter. “I can say that the attackers in the phone companies will not stop because the review board has gone away. We do need to figure out how these attacks occurred, and CISA did appear to be doing some good for the vast majority of the federal systems.”If you never investigate crimes did they really happen?
Harris said he pleaded with the company for several years to address the flaw in the product, a ProPublica investigation has found. But at every turn, Microsoft dismissed his warnings, telling him they would work on a long-term alternative — leaving cloud services around the globe vulnerable to attack in the meantime.Public corporations that value shareholders more than customers were a mistake and definitely shouldn’t be handling national security. This whole series of events is frustrating because it was preventable.
Hagenah says that in cases of employers with “bring your own devices” policies, there’s a risk of someone leaving with huge volumes of company data saved on their laptops. That’s a particular risk if they’re disgruntled or leave on bad terms, he says.Or how about when a company is sued and must turn over all related employee Recall data? Seems like much more information than texts and emails contain. Companies might want to run this feature by their general counsel before deploying.
I think they are probably going to set fire to the entire Copilot brand due to how poorly this has been implemented and rolled out. It’s an act of self harm at Microsoft in the name of AI, and by proxy real customer harm.AI has really obliterated the idea of getting consent from users. Big companies are just enabling data theft on a grand scale now. It's like people who build houses working for thieves rather than homeowners.
As North Carolina and Montana enact new age verification laws effective January 1, residents can’t view sites in Pornhub’s parent company network.Interesting Republican effort to raise awareness and use of VPNs in red states.
In a press release, the FTC said that "Ring deceived its customers by failing to restrict employees' and contractors' access to its customers' videos, using customer videos to train algorithms, among other purposes, without consent, and failing to implement security safeguards." In one case, an employee "viewed thousands of video recordings belonging to female users of Ring cameras that surveilled intimate spaces in their homes such as their bathrooms or bedrooms," the FTC said.This is awful and why I try not to buy surveillance devices. It’s difficult not to send data out of your house but I hope not being connected to the Internet becomes a selling point for electronics eventually.
"So the more correct interpretation of events is: we do not have a new breach now, LastPass rather failed to contain the August 2022 breach. And because of that failure people’s data is now gone. Yes, this interpretation is far less favorable of LastPass, which is why they likely try to avoid it."I believe password managers are critical and also that this password manager is being mismanaged. I guess the time for me to move to a different service was last year.
"Armed with secret court orders in the United States and the help of governments around the world, the Justice Department and the F.B.I. disconnected the networks from the G.R.U.’s own controllers. “Fortunately, we were able to disrupt this botnet before it could be used,” Mr. Garland said."Fantastic work and a great story. Just give me a steady stream of cybersecurity success stories please. Call the new beat Botnet Dragnet. I’ll waive my naming fee.