Colin Cowie

Curating news on Malware Research & Information Security 🧬🏹

Threat Intelligence Analyst @ Sophos MDR

(Posts are my own and do not necessarily reflect the views of my employer)

Security Blog: https://th3protocol.com
Github: https://github.com/colincowie

If you know anyone in the Iranian-Canadian community, you know how hard the loss of Flight PS752 affected them. Entire families were lost, and some communities, like the Persian community in Richmond Hill, were especially devastated.

In recent days, these communities have had to deal with not only remembering the 6th anniversary of this tragedy, but have also had to watch as the same perpetrators of this crime, the IRGC and the rest of the regime, have slaughtered Iranian protestors without the world paying any attention. And now that Iran is past the 132nd hour of a complete internet shutdown, and at the same time reports of thousands of casualties are emerging, they need to worry about whether their loved ones are safe.

I encourage all Canadians to read the statement by the Association of Families of Flight PS752 Victims about what is happening now: https://www.ps752justice.com/statement-of-the-association-of-families-of-flight-ps752-victims-regarding-the-internet-shutdown-and-killings-in-iran/

I have made a donation to the Association as well, for their continued work in remembering the victims, supporting the families, and calling for justice in Iran.

You can read about the victims here as well: https://www.cbc.ca/news2/interactives/flightps752/

#canada #iran #iranprotests #ps752

Remember that time Mozilla said it was going to stop working with the personal data removal service Onerep after I published a story showing Onerep's CEO was actually running several people search sites at the same time?

https://krebsonsecurity.com/2024/03/mozilla-drops-onerep-after-ceo-admits-to-running-people-search-networks/

https://krebsonsecurity.com/2024/03/ceo-of-data-privacy-company-onerep-com-founded-dozens-of-people-search-firms/

Yeah, that was in mid-March 2024. In February I wrote about how it had been almost a year since Mozilla said it was going to kick Onerep to the curb and stop offering it as part of their Mozilla Monitor Plus service.

https://krebsonsecurity.com/2025/02/nearly-a-year-later-mozilla-is-still-promoting-onerep/

Well today Mozilla announced that it is finally "winding down" its partnership with Onerep by winding down Monitor Plus.

"After careful consideration, we’ve made the decision to discontinue Monitor Plus, which offered data broker site scans and automated personal data removal."

"We will continue to offer our free Monitor, data breach service, which is integrated into Firefox’s credential manager, and we are focused on integrating more of our privacy and security experiences in Firefox, including our VPN, for free."

"We explored several options to keep Monitor Plus going, but our high standards for vendors, and the realities of the data broker ecosystem made it challenging to consistently deliver the level of value and reliability we expect for our users."

"Current subscribers will retain full access through the wind-down period."

I asked how long this wind-down period would extend, and they said it ends Dec. 17.

https://support.mozilla.org/en-US/kb/monitor-plus-shutting-down

Mozilla Drops Onerep After CEO Admits to Running People-Search Networks – Krebs on Security

I wrote some of the behind the scenes of what led up to the U.S.'s major airlines stopping a program in which they sold Americans' flight data to the government to be searched without a warrant. This came after our months-long reporting and lawmaker pressure https://www.404media.co/behind-the-blog-a-risograph-journey-and-data-musings/

Behind the Blog: A Risograph Journey and Data Musings

This week, we discuss how data is accessed, AI in games, and more.

404 Media

Google has filed a lawsuit to dismantle the "Lighthouse" phishing-as-a-service platform used by cybercriminals worldwide to steal credit card information through SMS phishing attacks impersonating the U.S. Postal Service and E-ZPass toll systems.

https://www.bleepingcomputer.com/news/security/google-sues-to-dismantle-chinese-platform-behind-global-toll-scams/

Google sues to dismantle Chinese platform behind global toll scams

BleepingComputer

We deployed MCP honeypots to understand how threat actors engage with AI middleware exposed to the internet. What we observed was unexpected. Full analysis: https://www.greynoise.io/blog/deploying-mcp-honeypots

#GreyNoise #AI #AISecurity #MCP #MCPSecurity #Cybersecurity #ThreatIntel

What GreyNoise Learned from Deploying MCP Honeypots

GreyNoise deployed MCP honeypots to see what happens when AI middleware meets the open internet — revealing how attackers interact with this new layer of AI infrastructure.

A Romanian prisoner hacked a prison management platform, changing permissions to allow inmates to view porn and padding their commissary accounts by increasing their balances. Great story by @campuscodi in Risky Business News. #infosec https://news.risky.biz/risky-bulletin-prisoner-hacks-prison-it-system-goes-wild/

Prisoner hacks his prison IT system, goes wild!

In other news: Hackers leak ICE employee data; John Bolton hacked and extorted; giant SIM farm seized in Latvia.

Risky.Biz

SCOOP: A man who worked on developing hacking and surveillance tools for Western defense contractor L3Harris Trenchant was notified by Apple that his iPhone was targeted with mercenary spyware.

The developer believes he was targeted after he was wrongly accused of leaking zero-days developed by Trenchant.

This may be one of the first documented cases of a zero-day maker being targeted with spyware.

https://techcrunch.com/2025/10/21/apple-alerts-exploit-developer-that-his-iphone-was-targeted-with-government-spyware/

Exclusive: Apple alerts exploit developer that his iPhone was targeted with government spyware

A developer at Trenchant, a leading Western spyware and zero-day maker, was suspected of leaking company tools and was fired. Weeks later, Apple notified him that his personal iPhone was targeted with spyware.

TechCrunch

PSA: A malicious download for Comet browser by Perplexity is currently being advertised via Google Ads.

At DataDome we are seeing more and more traffic coming from AI agents and browsers. Criminals are taking notice and buying ads related to Agentic browsers (another malicious campaign for Arc browser is also running).

Malicious ad ➡️ cometswift[.]com ➡️ perplexity[.]page ➡️ GitHub

Payload: hxxps[://]github[.]com/richardsuperman/musical-engine/releases/download/beta/comet_latest[.]msi
Command and Control (C2) server: icantseeyou[.]icu
VirusTotal: https://www.virustotal.com/gui/file/64562a0f1eabfcfb754426020021da69fe31bb551a653d143d75649252c61050

#malvertising #cometbrowser

Trump, given an excuse to do what he's wanted to do ever since he got mad and fired my brother from another mother. Per the NY Post:

WASHINGTON — The Cybersecurity and Infrastructure Security Agency (CISA) is among the offices being permanently downsized as a result of the ongoing partial government shutdown, The Post has learned.

The RIFs (reductions in force), which started Friday, will fire some of CISA’s 2,540 employees as well as thousands more within the federal bureaucracy — after President Trump repeatedly threatened to target offices cherished by Democrats if the party’s senators refused to reopen the government.

In an indication of the possible scale of the RIF, CISA had planned to keep just 889 employees on duty during a shutdown while furloughing 65% of its workforce.

https://nypost.com/2025/10/10/us-news/cybersecurity-agency-that-clashed-with-trump-one-of-the-first-hit-with-federal-firings-due-to-shutdown/

Scoop, by @lorenzofb: A federal contract shows ICE spent $825,000 on vans equipped with fake cellphone towers known as cell-site simulators, which can be used to spy on nearby phones.

The Maryland-based company that integrates the cell-site simulators into their vans is called TechOps Specialty Vehicles.

https://techcrunch.com/2025/10/07/ice-bought-vehicles-equipped-with-fake-cell-towers-to-spy-on-phones/

ICE bought vehicles equipped with fake cell towers to spy on phones | TechCrunch

The federal contract shows ICE spent $825,000 on vans equipped with “cell-site simulators” which allow the real-world location tracking of nearby phones and their owners.

TechCrunch