AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 3/13/2025

Beware of Deepfakes: A New Age of Deception

Steve was at his desk when he received a frantic video call from his manager, Bela. She looked stressed in the video call, her voice hurried. “I need you to send the confidential client report to this new email right away!” she insisted. Seeing her familiar face and hearing her distinct voice, he didn’t hesitate; he sent the confidential report to the new email address. Hours later, Bela walked into his office and asked about the report. Confused, Steve mentioned the video call. Bela’s expression turned to shock — she hadn’t called him. The person he saw on the video wasn’t Bela. It was a deepfake, created by a cyber-criminal to trick him. Steve couldn’t believe how real the fake call seemed. The face, the voice, everything matched his boss perfectly. He had fallen victim to a growing cyber threat in which criminals use Artificial Intelligence (AI) to create highly convincing fakes.


FTC will send $25.5 million to victims of tech support scams

Later this week, the Federal Trade Commission (FTC) will start distributing over $25.5 million in refunds to those misled by tech support companies Restoro and Reimage’s scare tactics. The FTC will send 736,375 PayPal payments starting March 13 to consumers tricked into paying for unnecessary computer repair services. Between now and March 13, those eligible for a refund will receive an email and must redeem the PayPal payment within 30 days.


X outages reportedly caused by massive cyberattack

Social media platform X was reportedly hit by a massive cyberattack on Monday, causing intermittent outages. While owner Elon Musk has cited the attack as the cause, a hacking group known as Dark Storm Team has claimed responsibility. Based on data from Downdetector, the site had been up and down throughout the morning. The first outage started around 6 a.m. ET, with more than 20,000 reports that X was down. But then reports popped up again around 9 a.m. ET and then more dramatically around 10 a.m. ET, with more than 40,000 people chiming in.


Volt Typhoon hackers were in Massachusetts utility’s systems for 10 months

Chinese hackers connected to the Volt Typhoon campaign spent nearly one year inside the systems of a major utility company in Littleton, Massachusetts. In a report published Wednesday, operational technology (OT) cybersecurity firm Dragos described their work helping Littleton Electric Light & Water Department grapple with what was determined to be part of a larger effort by China’s government to preposition their hackers within U.S. critical infrastructure — with the end goal believed to be destructive action taken in the event of a conflict. U.S. law enforcement alleges the group has infiltrated a range of critical infrastructure organizations in the U.S., as well as Guam.


DeepSeek’s Malware-Generation Capabilities Put to Test

Researchers at security firm Tenable have analyzed the ability of the Chinese gen-AI DeepSeek to develop malware such as keyloggers and ransomware. The DeepSeek R1 chatbot was released in January and it has made many headlines since, including regarding its susceptibility to jailbreaks. Just like all major LLMs, DeepSeek has guardrails designed to prevent its use for malicious purposes, such as creating malware. However, these guardrails can be fairly easily bypassed using jailbreak methods. When directly asked to write the code for a keylogger or a piece of ransomware, DeepSeek refuses to do so, arguing that it cannot assist users with anything that could be harmful or illegal.


‘People Are Scared’: Inside CISA as It Reels From Trump’s Purge

Mass layoffs and weak leadership are taking a severe toll on the US government’s cyber defense agency, undermining its ability to protect America from foreign adversaries bent on crippling infrastructure and ransomware gangs that are bleeding small businesses dry. Inside the Cybersecurity and Infrastructure Security Agency, vital support staff are gone, international partnerships have been strained, and workers are afraid to discuss threats to democracy that they’re now prohibited from countering. Employees are even more overworked than usual, and new assignments from the administration are interfering with important tasks. Meanwhile, CISA’s temporary leader is doing everything she can to appease President Donald Trump, infuriating employees who say she’s out of touch and refusing to protect them.
