The Equifax data breach was one of the worst cases of identity theft across North America and the UK. It exposed credit card numbers, loan and mortgage information, credit scores, job history, and real addresses, making the victims extremely vulnerable targets. Here's what we've learnt from it.

#dataBreach #identityTheft #dataPrivacy #dataTheft

https://negativepid.blog/the-equifax-data-breach/
https://negativepid.blog/the-equifax-data-breach/

Preventing AI Chat Data Theft: Enhancing Security Against Malicious Chrome Extensions & How to Protect Your Privacy

A recent exposé by PCMag, based on research from cybersecurity firm Koi, revealed that several popular Chrome and Edge browser extensions were secretly collecting entire conversation logs from users' interactions with major AI chatbots..

This case of malicious extensions powerfully underscores the critical importance of transparency, informed consent, robust regulatory oversight, and continuous user education in protecting sensitive AI chat data.

#AIChat #AIChatData #ChromeExtensions #Browser #GoogleChrome #BrowserExtensions #ChromeExtensionsPrivacyRisk #Tech #Technology #TechNews #DigitalPrivacy #TheGeekline #DataTheft

https://maniainc.com/technology/preventing-ai-chat-data-theft-enhancing-security-against-malicious-chrome-extensions-how-to-protect-your-privacy/

I left FB 15yrs ago. Never regretted it. I don't use LinkedIn or Insta or TikTok.

95% of my friends message through Signal rather than Meta ie Messenger (FB) or WApp

One of my dearest friends refuses to get a Signal account and leave Meta/WApp bc she says "it's another app to download and they're all the same".  Im in Aus. She's in UK. I don't want to lose touch but I want to close WApp.

Give me sthg WATERTIGHT, people, to convince her Meta/WApp is fucked. Bc it is.

I've told her about Meta's anti LGBTQI stance, the data theft, the lack of privacy. Her son is gay but so far nothing has got through to her...

#lgbtqiaplus #datatheft #meta #signalapp #onlineprivacyconcerns #onlineprivacy #facebooksucks #tiktoksucks #instagramsucks

2025 Holiday Scams: Docusign Phishing Meets Loan Spam

During the holiday season, threat actors exploit overloaded inboxes and financial stress through two main patterns: Docusign-themed phishing for corporate credential harvesting and loan offer spam for personal data theft. The Docusign campaign uses spoofed emails with authentic-looking branding, redirecting through disposable hosting platforms to a credential harvesting page. The loan scams range from obvious 'Xmas loan' offers to sophisticated marketing-style emails, ultimately leading victims to a detailed identity theft questionnaire on christmasscheercash.com. Both scams utilize seasonal themes and mimic normal end-of-year workflows to increase effectiveness. Defensive measures include verifying sender domains, validating link destinations, and treating unsolicited loan offers as high risk.

Pulse ID: 694ab098b6e9cfd598b40867
Pulse Link: https://otx.alienvault.com/pulse/694ab098b6e9cfd598b40867
Pulse Author: AlienVault
Created: 2025-12-23 15:09:12

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CredentialHarvesting #CyberSecurity #DataTheft #Email #Holiday #InfoSec #Mimic #OTX #OpenThreatExchange #Phishing #RAT #Spam #bot #AlienVault

Sharpening the knife: strategic evolution of GOLD BLADE

GOLD BLADE, a threat group previously focused on cyberespionage, has evolved into a hybrid operation combining data theft with selective ransomware deployment. The group has refined its intrusion methods, shifting from traditional phishing to abusing recruitment platforms for delivering weaponized resumes. Their operations follow cycles of dormancy and sudden activity bursts, introducing new tradecraft in each wave. GOLD BLADE has modified its RedLoader infection chain multiple times, implemented a Bring Your Own Vulnerable Driver approach, and developed a custom ransomware called QWCrypt. The group's targeting has narrowed to focus primarily on Canadian organizations across various sectors. Their sophisticated tactics and continual refinement demonstrate a level of operational maturity uncommon among financially motivated actors.

Pulse ID: 6933dbed9899a12d1dd9ae53
Pulse Link: https://otx.alienvault.com/pulse/6933dbed9899a12d1dd9ae53
Pulse Author: AlienVault
Created: 2025-12-06 07:31:57

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Canadian #CyberSecurity #Cyberespionage #DataTheft #Espionage #ICS #InfoSec #OTX #OpenThreatExchange #Phishing #RAT #RansomWare #bot #AlienVault

The Equifax data breach was one of the worst cases of identity theft across North America and the UK. It exposed credit card numbers, loan and mortgage information, credit scores, job history, and real addresses, making the victims extremely vulnerable targets. Here's what we've learnt from it.

#dataBreach #identityTheft #dataPrivacy #dataTheft

https://negativepid.blog/the-equifax-data-breach/
https://negativepid.blog/the-equifax-data-breach/

ValleyRAT Campaign Targets Job Seekers, Abuses Foxit PDF Reader for DLL Side-loading

A ValleyRAT campaign is targeting job seekers through email, disguising itself as a Foxit PDF reader and using DLL side-loading for initial system access. The campaign exploits job seekers' eagerness by using recruitment-related lures in archive files. The attack employs sophisticated techniques, including obfuscation through nested directories and execution via DLL sideloading. Once activated, ValleyRAT can lead to system control, activity monitoring, and data theft. The campaign's success is evident from a spike in ValleyRAT detections. It demonstrates the integration of social engineering, legitimate software abuse, and advanced malware techniques to exploit vulnerabilities in both systems and human psychology.

Pulse ID: 693003144213e15e12b947d5
Pulse Link: https://otx.alienvault.com/pulse/693003144213e15e12b947d5
Pulse Author: AlienVault
Created: 2025-12-03 09:29:56

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #DataTheft #ELF #Email #InfoSec #Malware #OTX #OpenThreatExchange #PDF #RAT #SideLoading #SocialEngineering #bot #AlienVault

Perth hacker Michael Clapsis jailed after setting up fake Qantas Wi-Fi, stealing sex videos

A Perth hacker who stole intimate videos from women and set up a fake Qantas Wi-Fi network to…
#NewsBeep #News #Headlines #afp #Airportsecurity #AU #Australia #datasecurity #DataTheft #fakewifi #michaelclapsis #perthairport #perthcourts #perthmagistratescourt #perthnews #Qantas #socialmediasecurity #wacourts #wadatatheft #wanews #WAPolice #wifi
https://www.newsbeep.com/277013/