Technologist. Educator. Dessert hound. Sophos executive focused on the cybersecurity market. Views expressed are my own.
They Asked an A.I. Chatbot Questions. The Answers Sent Them Spiraling.
https://www.nytimes.com/2025/06/13/technology/chatgpt-ai-chatbots-conspiracies.html?utm_source=flipboard&utm_medium=activitypub
Posted into Most Emailed @most-emailed-newyorktimes
If there's anything that illustrated the hollowness of the Democratic Party as an effective opposition for me, it's this.
Yesterday, I watched a video of a sitting US Senator being thrown to the ground and cuffed by fed goons for asking questions of the fed official he has direct oversight authority over.
Within minutes, I'd gotten DOZENS of texts from Dems and Dem orgs asking for $5-$50 to "fight fascism."
That's it. "Are you terrified that your country is slipping into fascism? Pay me."
Padilla's assault & handcuffing is getting all the attention, but what Noem said is perhaps more terrifying.
"We are not going away. We are staying here to liberate the city from the socialists and the burdensome leadership that this governor and that this mayor have placed on this country and what they have tried to insert into the city."
Admitting they're not here for violent criminals, they're here to overthrow our elected officials
Oh I guess ICE is “secret police” now just because they deploy anonymous masked agents from unidentified agencies who do not show identification.
You know what’s underrated?
Sleeping without being scored.
Walking without earning a badge.
Feeling something without logging it.
https://www.joanwestenberg.com/why-i-gave-up-my-smartwatch/
This is a Brian Krebsian investigation by the folks at @SophosXOps :
"When we looked into Sakura RAT, we quickly realized two things. First, the RAT itself was likely of little threat to our customer. Second, while the repository did indeed contain malicious code, that code was intended to target people who compiled the RAT, with infostealers and other RATs. In other words, Sakura RAT was backdoored."
@SuperTaliaDX I got a Varmilo keyboard with Cherry MX Clear (similar to Brown) switches from MechanicalKeyboards.com. Well made, good look and feel, adjustable white backlighting, removable USB cable. Mine doesn't have the number pad, but of course they have versions that do.
NEW: Sen. Ron Wyden says AT&T, T-Mobile, and Verizon were not notifying senators of surveillance requests, despite being required to do so.
Wyden also revealed — without naming it — that one carrier secretly turned over Senate data to law enforcement.
@jalefkowit And a 107MB hard drive!
In our five-part series, out today, we explore the businesses and criminal activities that threat actors are discussing on underground forums.
Part 1 provides context and background on our investigation, and explores some of the ways in which cybercriminals launder money.
Parts 2-4 cover business interests, from so-called ‘legitimate’ ventures to legally and ethically dubious (but not necessarily illegal) activities, and finally criminal operations. Part 5 explores the implications and opportunities of this niche of the cybercrime ecosystem.
Read the series here: https://news.sophos.com/en-us/tag/beyond-the-kill-chain/
Ever wondered what financially-motivated threat actors do with their illicit gains? Sophos X-Ops investigated obscure areas of criminal forums dedicated to ‘legal business’ – where threat actors discuss crimes and businesses beyond cybercrime and malware.
We examined thousands of forum posts, and discovered a dark underbelly of fraud, theft, money laundering, shell companies, stolen and counterfeit goods, counterfeit currency, pornography, sex work, stocks and shares, pyramid schemes, gold, diamonds, insider trading, construction, real estate, drugs, offshore banking, money mules (people hired by launderers to physically or virtually transport/transfer money), smurfs (people hired to conduct small transactions to launder larger amounts), tax evasion, affiliate advertising and traffic generation, restaurants, education, wholesaling, tobacco and vaping, pharmaceuticals, gambling – and, believe it or not, cybersecurity companies and services.
the fact that duckduckgo has an AI thing at the top of the search results which DOESN’T answer in character as a duck, or even quack several times between each sentence, is, i think, a shocking betrayal and a demonstration of utmost cowardice
@Catvalente Along with the expletive trick, Google is much less likely to show AI results if you search only for keywords instead of a question. For example, searching for "RFK assassin" doesn't show AI results, but searching for "who assassinated RFK" does.
If US press wrote about the US the way they do the rest of the world
Youse, the thing about techbros and AI is: “making up a string of plausible lies” is exactly how they got through every conversation and every test they ever had. It’s not a bug to them. To them, AI is “just as human as us”.
Threat actors regularly look for ways to disable security products. Tamper protection - a mechanism designed to stop threat actors from interfering with security products – is therefore a critical part of any security suite.
In line with our previous efforts to provide transparency into our kernel drivers and content update architecture, and our commitment to CISA’s Secure By Design initiative, we explain our tamper protection feature in a new blog post, published today.
In the post, we cover our design philosophy around secure-by-default, role-based administration, and closing gaps when it comes to updates, upgrades, and downgrades. We also explore what our Tamper Protection feature prevents.
However, we never assume that our defenses are perfect. We have participated in an external bug bounty program since December 2017, and we regularly test our Tamper Protection through internal engineering reviews, external red-teaming, and real-world threat intelligence.
Read more here: https://news.sophos.com/en-us/2025/05/08/putting-the-dampener-on-tamperers/
@GossiTheDog I'd say it couldn't get worse, but history says otherwise.
Bloomberg - To celebrate his first 100 days in office in 2017, President Trump visited a wheelbarrow factory in Pennsylvania. That plant is now closed and the wheelbarrows are made in China. https://www.bloomberg.com/news/articles/2025-04-29/made-in-usa-wheelbarrows-promoted-by-trump-are-now-made-in-china
