Security

The company released a statement last week disclosing that an “unauthorized external party” managed to obtain “contact information relating to consumers who had contacted our customer service help desk in the past.”

The tumultuous year under the Trump administration continues for the Cybersecurity and Infrastructure Security Agency (CISA), as many senior officials across the agency have recently left, or will soon be leaving, according to a report by The Washington Post and cited by Cybersecurity Drive. These departures punctuate numerous setbacks the agency has faced since Trump took office, including being told to halt its election security efforts and almost lapsing the CVE program that some of the world’s biggest companies rely on to track cybersecurity vulnerabilities.

On Monday, a report from 404Media found that a hacker obtained direct messages and CBP contact information from TeleMessage after Mike Waltz was spotted using the company’s modified version of Signal.

Donald Trump announced Thursday that he would remove Michael Waltz as National Security Advisor and appoint him as ambassador to the United Nations. CBS reported earlier that Trump did not want to explicitly fire Waltz, the person who accidentally added The Atlantic’s Jeffrey Goldberg to the group chat, but waited several weeks before he could spin the demotion as part of a reorganization strategy at the National Security Council.

The increase in AI tools, deepfake technology, and fully remote jobs following the covid pandemic has enabled a new kind of scam: workers who take jobs with US and European companies under false identities and send their salaries to the North Korean government.

Dutch right-wing activist Eva Vlaardingerbroek reported receiving a message from Apple, saying the company “detected a targeted mercenary spyware attack against your iPhone.” The message adds, “This attack is likely targeting you specifically because of who you are or what you do.”

Trump’s interview with The Atlantic editor in chief Jeffrey Goldberg (on purpose, this time) is now out. If you choose to use Signal, we have some advice on how, but here’s the president’s take:

After posting to its blog for the first time in 8 years on Friday, 4chan published a new post explaining what took the site down on April 14th, as Engadget spotted. The social media site blames hackers uploading a “bogus PDF” that “exploited an out-of-date software package on one of 4chan’s servers.”

Google’s Scam Detection feature, which works on Pixel Watch 2 and 3 devices connected to a Pixel 9 and newer phone, will notify you if it thinks you’re talking to a scammer on a call, according to a support post.

Apple has won its first legal battle over the UK’s demand for a backdoor to encrypted data: the right to tell everyone it’s happening. The Investigatory Powers Tribunal has ruled on whether Apple’s claim should be kept secret on national security grounds, and Apple won.

After years of providing breach notifications and useful advice about how to avoid getting hacked, Have I Been Pwned operator Troy Hunt’s personal blog mailing list has become the source of a breach after he fell for a fake spam alert phishing attack this week. He has notified subscribers, and is following up for people who unsubscribed but still had data stored by his provider, Mailchimp.

The device helps you access your Google account without a password by connecting to your PC through a USB port or wirelessly with NFC. It’s now available for purchase in 11 more countries, including Ireland, Portugal, The Netherlands, Australia, New Zealand, Singapore, Puerto Rico, and others.

CIA director John Ratcliffe, Director of National Intelligence Tulsi Gabbard, FBI Director Kash Patel, and others are testifying today before the House Intelligence Committee. Unsurprisingly, a good amount of the hearing is centered around Signalgate, with most questions coming from Democrats. Watch a recording below.

A day after The Atlantic EIC Jeffrey Goldberg revealed he’d been inadvertently included in a group message on Signal where Trump admin officials discussed details of an upcoming military strike, CBS News reports on an NSA warning from February that the app isn’t approved for “nonpublic unclassified” information. Despite testimony today that no classified material was shared, the NSA noted the danger posed by Russian phishing campaigns attempting to add a linked device and bypass Signal’s encryption for surveillance.