U.S. Sanctions Cloud Provider âFunnullâ as Top Source of âPig Butcheringâ Scams
The U.S. government today imposed economic sanctions on Funnull Technology Inc., a Philippines-based company that provides computer infrastructure for hundreds of thousands of websites involved in virtual currency investment scams, commonly known as âpig butchering." In January 2025, KrebsOnSecurity detailedâŚ
Microsoft Authenticator now warns to export passwords before July cutoff
The Microsoft Authenticator app is now issuing notifications warning that the password autofill feature is being deprecated in July, suggesting users move to Microsoft Edge instead.
Offensive OSINT s05e09 - Open Source Surveillance - Anomaly detection
The one and only situational awareness platform OS-Surveillance is evolving faster than ever, integrating powerful new data sources and innovative features designed to make real-time geospatial intelligence gathering super intuitive.
In todayâs episode, I will walk you through the latest enhancements to the platform and share insights into the world of live geospatial OSINT.
We will explore why geospatial context is crucial for situational awareness, how to harness real-time data feeds effecti
Parties behind 2024 Biden AI robocall reach deal in lawsuit | CyberScoop
The defendants will increase reporting on spoofing, create a compliance team or AI and conduct regular training for staff on how to identify deceptive messages and the dangers of misinformation in U.S. elections.
Friday Squid Blogging: NGC 1068 Is the "Squid Galaxy" - Schneier on Security
I hadnât known that the NGC 1068 galaxy is nicknamed the âSquid Galaxy.â It is, and itâs spewing neutrinos without the usual accompanying gamma rays.
ConnectWise breached in cyberattack linked to nation-state hackers
IT management software firm ConnectWise says a suspected state-sponsored cyberattack breached its environment and impacted a limited number of ScreenConnect customers.
The company said it ârecently learned of suspicious activityâ within its environment that it believes âwas tied to a sophisticated nation state actor, which affected a very small number of ScreenConnect customers.â
Defending against evolving identity attack techniques
Threat actors continue to develop and leverage various techniques that aim to compromise cloud identities. Despite advancements in protections like multifactor authentication (MFA) and passwordless solutions, social engineering remains a key aspect of phishing attacks. Implementing phishing-resistant solutions, like passkeys, can improve security against these evolving threats.
Talos Content Manager Amy introduces themself, shares her unconventional journey into cybersecurity and reports on threats masquerading as AI installers.
Threat actors abuse Google Apps Script in evasive phishing attacks
Threat actors are abusing the trusted Google platform 'Google Apps Script' to host phishing pages, making them appear legitimate and eliminating the risk of them getting flagged by security tools.
Southeast Asian provider of âinfrastructure launderingâ for scams is sanctioned by US
Funnull Technology supports âhundreds of thousands of websitesâ dedicated to the scams, otherwise known as pig butchering, according to the sanctions announcement by the Treasury Departmentâs Office of Foreign Assets Control.
Apple Safari exposes users to fullscreen browser-in-the-middle attacks
A weakness in Apple's Safari web browser allows threat actors to leverage the fullscreen browser-in-the-middle (BitM) technique to steal account credentials from unsuspecting users.
US sanctions firm linked to cyber scams behind $200 million in losses
The U.S. Treasury Department has sanctioned Funnull Technology, a Philippines-based company that supports hundreds of thousands of malicious websites behind cyber scams linked to over $200 million in losses for Americans.
[tl;dr sec] #281 - Free AI Red Teaming Labs, Cloud Security Roadmaps, o3 Finds 0-day
Free Black Hat training by Microsoft's AI red team, a cloud security roadmap for your start-up, o3 finds an 0-day in the Linux kernelâs SMB implementation
Attackers are mapping your attack surfaceâare you?
Attackers are mapping your infrastructure before you even realize what's exposed. Sprocket ASM flips the script â giving you the same recon capabilities they use, plus change detection and actionable insights to close gaps fast. See your attack surface the way hackers do and beat them to it.
Porn sites probed for allegedly failing to prevent minors from accessing content
Four porn sites are being investigated by the European Commission under its Digital Services Act (DSA) for allegedly failing to verify its users' ages properly.