Leveraging Knowledge to Manage Your Data Risks
Threat actors are leveraging the publicity around AI tools to trick users into downloading the malware known as Noodlophile through social media sites.
Researchers from Morphisec have observed threat actors, believed to originate from Vietnam, posting on Facebook groups and other social media sites touting free AI tools. Users are tricked into believing that the…
On April 21, 2025, the Oregon Department of Justice’s Privacy Unit reported a “big spike” in complaints about the Department of Government Efficiency (DOGE) in the first quarter of 2025.
The report stated, “Specifically, Oregonians are concerned about how government entities are handling their personal information. As of March 31, 2025, the unit had received…
I have been getting a lot of texts that are clearly scams, and those around me have confirmed an increase in spammy texts.
According to an FTC Consumer Protection Data Spotlight, individuals lost over $470 million resulting from text scams. The top text scams of 2024 that accounted for half of the $470 million…
Wired has reported that several government officials involved in the Signal chat exposing sensitive national security plans have also exposed their Venmo accounts by not adjusting their account privacy settings to prohibit the information from being publicly accessible. This means that they “left not only their contact lists publicly visible but also their transactions, which…
In the ongoing saga of the 23andMe bankruptcy, Federal Trade Commission Chairman Andrew N. Ferguson recently sent a letter to the Trustee overseeing the 23andMe bankruptcy proceeding stating, “As Chairman of the Federal Trade Commission, I write to express the FTC’s interests and concerns relating to the potential sale or transfer of millions of…
Genetic testing company 23andMe has filed for Chapter 11 bankruptcy protection, and its CEO has resigned. It is seeking to sell “substantially all of its assets” through a reorganization plan that will have to be approved by a federal bankruptcy judge.
Mark Jensen, Chair and member of the Special Committee of the Board of…
A Microsoft blog post reported that incident response researchers uncovered a remote access trojan in November 2024 (dubbed StilachiRAT) that “demonstrates sophisticated techniques to evade detection, persist in the target environment, and exfiltrate sensitive data.”
According to Microsoft, the StilachiRAT threat actors use different methods to steal information from the victim, including credentials stored in…
We have educated our readers about phishing, smishing, QRishing, and vishing scams, and now we’re warning you about what we have dubbed “snailing.” Yes, believe it or not, threat actors have gone retro and are using snail mail to try to extort victims. TechRadar is reporting that, according to GuidePoint Security, an organization received several…
According to a new LayerX report, most users are logging into GenAI tools through personal accounts that are not supported or tracked by an organization’s single sign on policy. These logins to AI SaaS applications are unknown to the organization and are “not subject to organizational privacy and data controls by the LLM tool.”…
