The subject line of the email that Nicole Micheroni received Friday from the Department of Homeland Security read “Notification of Termination of Parole,” with one other line standing out most to her: “It is time for you to leave the United States.” It was a surprising directive for Micheroni to receive—considering she’s a 40-year-old Boston attorney who was born in Massachusetts, was raised and went to college there, and is and always has been a US citizen, reports the Boston Globe. Micheroni initially thought the email may have been meant for one of her clients, but there was no one else’s name or ID number on the message, meaning the note to “self-deport” was apparently intended for her….

Last week Immigration and Customs Enforcement (ICE) paid contracting giant Palantir tens of millions of dollars to make modifications to a powerful ICE database and search tool to allow “complete target analysis of known populations” and to update the tool’s targeting and enforcement priorities, according to procurement records reviewed by 404 Media. The records show that Palantir is actively working on, and making updates to, the technical infrastructure underpinning the Trump administration’s mass deportation efforts. The news comes after ICE agents arrested a green card holding student at his interview to become a U.S. citizen; plainclothes officers picked up a student on the street for deportation despite the State Department finding no evidence she was linked to antisemitism or Hamas as claimed; […]

Palantir’s engagement with ICE is facilitating and enabling abuses and violation of rights—rights like due process which, I want to note, extend to all in the US, regardless of citizenship status,” Calli Schroeder, senior counsel and global privacy counsel at the Electronic Privacy Information Center (EPIC), told 404 Media in an email after reviewing screenshots of the records.

Summary: The Trump administration is thinking about banning China’s DeepSeek AI from being used in the US. It is also trying to hamper the company’s efforts by restricting it from buying NVIDIA’s AI chips.According to a report from The New York Times, the Trump administration is considering placing a ban on DeepSeek in the US. It also seeks to hinder the company’s AI development efforts by limiting its buying of NVIDIA’s AI chips.

DeepSeek has exploded in popularity over the past few months. The company burst onto the scene with its own AI model that boasted capabilities similar to those of other mainstream models, such as OpenAI’s ChatGPT. It even claimed to have trained it using just $6 million, a fraction of what other AI companies are spending. This resulted in the AI market temporarily crashing as many started to wonder if all this spending was truly necessary.

A potential ban – However, it looks like DeepSeek’s stay in the US and its future as a whole could be in jeopardy.

[…]

Text message scams surged to a staggering $470 million in consumer losses in 2024, a fivefold increase from $94 million in 2020, according to new data from the Federal Trade Commission (FTC). Despite a drop in the number of reports, the financial toll highlights the growing sophistication of scammers targeting Americans, including 59.6 million cord-cutting households streaming on platforms like Fire TV, per Evoca.tv. The FTC’s findings, released today, spotlight fake delivery alerts, bogus job offers, and other deceptive texts, urging consumers to stay vigilant and report fraud.The most prevalent scam involved fake package delivery messages, where fraudsters send alerts about “issues” with a shipment, tricking users into clicking malicious links or sharing personal details. Bogus job opportunities, particularly “task scams,” ranked high, luring victims with promises of easy online work—often apps like Amazon’s Mechanical Turk—only to demand personal investments, with 30% of reports citing losses over $1,000, per FTC data. Other common ruses included fake bank fraud alerts about suspicious purchases, unpaid toll scams with payment links, and “wrong number” texts that morph into romantic ploys, leading to investment fraud.

These days, hackers don’t break in — they log in. Using valid credentials, cybercriminals bypass security systems while appearing legitimate to monitoring tools.And the problem is widespread; Google Cloud reports that weak or nonexistent credential protection facilitates 47% of cloud breaches, while IBM X-Force attributes nearly one-third of global cyberattacks to account compromises.

So what does this mean for your organization’s defenses? Here’s what you need to know about how to protect your systems from credential-based attacks, what to do when prevention fails, and why scanning your Active Directory for compromised passwords should be a part of your security strategy.

Why credential-based attacks are hackers’ preferred method. If your organization has been the target of a credential-based attack, you know how devastating the aftermath can be. But if you’re one of the lucky few that has so far escaped the sights of hackers, here’s what it’s like: It’s 2:37 AM when your phone rings. Your security team has detected unusual login patterns from IP addresses in Eastern Europe — during your company’s off-hours. By the time you’ve logged in remotely, the attacker has accessed multiple sensitive customer files and moved laterally through your network, compromising additional systems.

…

Subject: Trump is shifting cybersecurity to the states, but many aren’t prepared
Source: Route Fifty
https://www.route-fifty.com/cybersecurity/2025/04/trump-shifting-cybersecurity-states-many-arent-prepared/404676/