Subject: The Best Satellite Messengers of 2025
Source: New York Times via Wirecutter
https://www.nytimes.com/wirecutter/reviews/best-satellite-messengers/
Source: SSA News
https://www.ssa.gov/news/press/releases/2025/#2025-04-25-a
Press Release
For Immediate Release
[email protected]
Social Security Administration Introduces Secure Digital Access to Social Security Numbers
The Social Security Administration (SSA) is taking steps to provide a significant enhancement for my Social Security account holders, by introducing secure digital access to their Social Security number (SSN). This innovative feature is designed to provide the American public with a modernized, secure, and accessible alternative to the traditional physical SSN card.
SSA is committed to improving service delivery while safeguarding Personal Identifiable Information (PII).
The digital SSN feature will allow account holders to conveniently display their SSN, when needed, for reasons other than handling Social Security matters. This enhancement will provide individuals who have forgotten their SSN or misplaced their SSN cards a simple solution allowing them to securely view their SSN online through the my Social Security portal. This will reduce their need for an in-person visit and/or having to wait to receive their SSN card through the mail. They will be able to access it via my Social Security on their mobile devices. This digital feature not only streamlines the process for those who need their SSN but also reinforces our dedication to protecting sensitive information. By providing a secure digital option, SSA aims to reduce the risk of lost or stolen cards and enhance the overall user experience.
SSA encourages all account holders to take advantage of this new feature, which will be available starting early this summer. For more information on how to create a my Social Security account, please visit https://www.ssa.gov/myaccount/.
[NB so, you will need to remember the SSA / Login.Gov or ID.me userid/password Or perhaps the original SSA website userid/password in order to learn of your SSN most like assigned when you were a teen and may appear on your 1099s? Likewise if you don’t have a SSA website account, you’ll need your SSN to establish it! /pmw1]
Source: FedScoop
https://fedscoop.com/small-business-administration-it-security-risks/
The Small Business Administration’s watchdog has issued a warning to the agency about possible IT security threats due to a lack of multifactor authentication on personal devices.In a management advisory sent to SBA Administrator Kelly Loeffler that was made public this week, the Office of Inspector General found via Federal Information Security Modernization Act assessments in fiscal years 2023 and 2024 that the agency didn’t have MFA enabled for users accessing secure SBA networks.
The watchdog also discovered that personally owned devices could access those agency networks from foreign locations, a violation of SBA IT policy.
“SBA’s information systems are more vulnerable to unauthorized access that could exploit sensitive agency information,” the advisory stated.
[…]
Source: ZDNET
https://www.zdnet.com/article/7-password-rules-security-experts-live-by-in-2025-the-last-one-might-surprise-you/
Looking for advice on how to protect your home and office from cyberattacks? A good place to start is with the people who do this work every day on behalf of the US government.
The folks at the National Institute of Standards and Technology (NIST) have created a simple Cybersecurity Basics page that boils down the technical information in its four-volume Digital Identity Guidelines to a set of clear guidelines for small business owners and managers. The most recent guidelines were published in August 2024, and the agency is currently sifting through thousands of comments from security-minded professionals offering suggestions for the next edition.
For a simpler, more practical collection of guidelines, try the Secure Our World website, run by the Cybersecurity & Infrastructure Security Agency (CISA). It’s targeted at an audience of consumers without a technical background, which makes it a solid source of information you can share with friends and family to help them deal with common threats.
[… a list of seven rules to follow when it comes to passwords …]
Source: Gizmodo
https://gizmodo.com/lawyer-for-mypillow-founder-filed-ai-generated-brief-with-nearly-30-bogus-citations-2000594743
For Mike Lindell’s legal defense, his attorney sought help from an unusual (and unreliable) source: a chatbot.
This week it was reported that Lindell’s lawyer was in hot water for having filed a legal brief that was written with generative AI.
U.S. District Court Judge Nina Wang is trying to get to the bottom of how and why Lindell’s lawyer, Christopher Kachouroff, decided to file a court brief that included a large number of fabricated legal citations.
In a filing made this week, Wang sought to clarify why Kachouroff and Lindell’s other lawyer, Jennifer DeMaster, had allowed such a disastrously unprofessional thing to happen.
The brief that Kachouroff previously submitted was stuffed full of “nearly thirty” glaring errors, including, among other things, “citation of cases that do not exist,” court papers show. “Despite having every opportunity to do so, Mr. Kachouroff declined to explain to the Court how the Opposition became replete with such fundamental errors,” the filing made by Wang states. “Time and time again, when Mr. Kachouroff was asked for an explanation of why citations to legal authorities were inaccurate, he declined to offer any explanation.”
[…]
Source: Homeland Preparedness News
https://homelandprepnews.com/stories/82910-internet-crimes-increased-33-percent-in-2024/
In 2024, there were 859,532 complaints of suspected internet crime and reported losses exceeding $16 billion, a 33 percent increase in losses from 2023, according to the Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center’s (IC3) annual internet crime report.Other report findings include:
- The top three cyber crimes were phishing/spoofing, extortion, and personal data breaches.
- Victims of investment fraud reported the most losses, totaling more than $6.5 billion.
- Americans 60 years old and older submitted the greatest number of complaints and suffered nearly $5 billion in losses.
- California, Texas, and Florida residents submitted the most complaints.
[…]
Source: Android Central
https://www.androidcentral.com/phones/ask-jerry-how-can-i-securely-wipe-a-phone
T asks: Every year I get a new phone for work and the IT department says they “securely wipe” the data from my old one before they turn it over to the purchasing department. Are they serious? If you can do that, can you tell me how? Thanks
A: Whenever there’s a clear answer, I like to give it right up front because I know a lot of people don’t want to read the whole article, so yes. You can do that a few different ways, though some of them are going to destroy the phone. I’m going to assume they are doing it without trashing everything since they are turning it over when they are done.
Another thing to think about is why anyone would need to do this, and that’s where we will start.
What is a “secure wipe” and why would you need to do it?
Source: WIRED
https://www.bespacific.com/car-subscription-features-raise-your-risk-of-government-surveillance-police-records-show/
“Records reviewed by WIRED [no paywall] show law enforcement agencies are eager to take advantage of the data trails generated by a flood of new internet-connected vehicle features. Automakers are increasingly pushing consumers to accept monthly and annual fees to unlock pre-installed safety and performance features, from hands-free driving systems and heated seats to cameras that can automatically record accident situations. But the additional levels of internet connectivity this subscription model requires can increase drivers’ exposure to government surveillance and the likelihood of being caught up in police investigations.A cache of more than two dozen police records recently reviewed by WIRED show US law enforcement agencies
Source: Consumer Reports
https://www.consumerreports.org/money/digital-payments/using-contactless-payments-on-phone-take-these-smart-steps-a1152343770/
Source: The International Association of Privacy Professionals
https://iapp.org/resources/article/us-state-privacy-legislation-tracker/#state-privacy-law-chart
US State Privacy Legislation TrackerThis tool tracks comprehensive US state privacy bills to help our members stay informed of the changing state privacy landscape. The tracker only includes bills intended to be comprehensive approaches to governing the use of personal information.
Navigate Tracker
State-level momentum for comprehensive privacy bills is at an all-time high. The IAPP Westin Research Center actively tracks the proposed and enacted comprehensive privacy bills from across the U.S. to help our members stay informed of the changing state privacy landscape. This information is compiled into a chart, map and a directory with information specific to states with enacted laws. The IAPP additionally hosts a US State Privacy topic page, which regularly updates with the latest state privacy news and resources, and a US State AI Governance Legislation Tracker, which tracks US state cross-sectoral laws with direct application to the use of AI systems in the private sector.
If you are aware of a comprehensive bill absent from the tracker, please share it with us at [email protected].
For more information on the IAPP’s stance concerning which state privacy laws are considered comprehensive, view the text in the below dropdown.
…
Source: Gizmodo
https://www.bespacific.com/an-employee-surveillance-company-leaked-over-21-million-screenshots-online/
Gizmodo: “With the refinement of digital tools, companies are subjecting their employees to increasing levels of surveillance — and increasing risks. Now, the security of thousands of employees and their parent companies is at risk after real-time images of their computers were leaked by an employee surveillance app. On Thursday, researchers at Cybernews reported that over 21 million screenshots from WorkComposer, which works with over 200,000 companies worldwide, were discovered in an unsecured Amazon S3 bucket. As part of its services, WorkComposer captures screenshots of an employee’s computer every 3 to 5 minutes. So, the leaked images potentially include sensitive content like…
Following its discovery, Cybernews, who also uncovered a leak by similar company WebWork earlier this year, contacted WorkComposer, who secured the information. WorkComposer did not respond to Gizmodo’s request for comment.
Source: Business Insider
https://www.businessinsider.com/tiktok-slapped-600m-fine-illegal-data-transfers-to-china-2025-5
- EU regulators hit TikTok with a $600 million fine for unlawful data transfers to China.
- They said TikTok failed to ensure EU-level data protection under Chinese law.
- The social media giant said on Friday that it disagreed with the fine and planned to appeal.
Source: Business Insider
https://www.businessinsider.com/bank-account-scam-deepfakes-ai-voice-generator-crime-fraud-2025-5
I may be a tech reporter, but I am not tech savvy. Something breaks, I turn it off and back on, and then I give up. But even I was able to deepfake my own bank with relative ease. Generative AI has made it way easier to impersonate people’s voices. For years, there have been deepfakes of politicians, celebrities, and the late pope made to sow disinformation on social media. Lately, hackers have been able to deepfake people like you and me. All they need is a few seconds of your voice, which they might find in video posts on Instagram or TikTok, and maybe some information like your phone or debit card number, which they might be able to find in data leaks on the dark web.
In my case — for the purposes of this story — I downloaded the audio of a radio interview I sat for a few weeks ago, trained a voice generator on it after subscribing to a service for a few dollars, and then used a text-to-voice function to chat with my bank in a voice that sounded a bit robotic but eerily similar to my own. Over the course of a five-minute call, first with the automated system and then a human representative, my deepfake seemingly triggered little to no suspicion.