AI/MLTrump repeals 2023 Biden administration executive order on AILaura FrenchJanuary 21, 2025The reversal removes certain reporting requirements for developers of powerful foundation models.
Data SecurityEx-CIA intelligence analyst charged for stealing, sharing secretsShaun NicholsJanuary 21, 2025Virginia man faces up 10 years in prison for two counts of willful retention and transmission of classified information.
Data SecurityWindows BitLocker bug exposes AES-XTS encryptionSteve ZurierJanuary 21, 2025The bug shows how by manipulating ciphertext blocks, attackers can use sophisticated new ways to target BitLocker full-disk encryption.
Phishing‘Sneaky Log’ phishing kits slip by Microsoft 365 accountsSteve ZurierJanuary 17, 2025Phishing-as-a-Service kits intercept user credentials and 2FA, bypassing many email and secure web gateways.
Data SecurityFeds worry AT&T breach could out informantsShaun NicholsJanuary 17, 2025The FBI is reportedly in a panic over a possible leak of informant data thanks to an AT&T data breach
PrivacyTikTok’s national security risk warrants ban, Supreme Court rulesLaura FrenchJanuary 17, 2025The ruling could have implications for other foreign-owned applications.
Network SecurityWoe Daddy: FTC raps hosting giant GoDaddy for security lapsesShaun NicholsJanuary 16, 2025GoDaddy must adhere to a number of security compliance requirements by the FTC.
RansomwareRansomHub infection facilitated by possible AI-assisted Python backdoorLaura FrenchJanuary 16, 2025The backdoor spread laterally after initial access via a suspected SocGholish malware download.
Network Security4.2 million internet hosts hijacked via bugs in tunneling protocolsSteve ZurierJanuary 16, 2025Attackers gain network access by targeting VPN servers, home, and enterprise routers.
Vulnerability ManagementSevere Rsync vulnerabilities — CVSS 9.8 — risk RCE, data leaksLaura FrenchJanuary 15, 2025The critical and high severity flaws were discovered by Google Cloud researchers.