Pete Recommends – Weekly highlights on cyber security issues, August 3, 2025

Subject: Google Intensifies Crackdown on State-Linked Propaganda, Removes Nearly 34,000 YouTube Channels in 2025
Source: Cord Cutters News
https://cordcuttersnews.com/google-intensifies-crackdown-on-state-linked-propaganda-removes-nearly-34000-youtube-channels-in-2025/

In a significant escalation of its efforts to combat global disinformation, Google announced on Monday the removal of nearly 11,000 YouTube channels and other accounts tied to state-sponsored propaganda campaigns during the second quarter of 2025. This brings the total of channels removed for this to over 34,000. The takedown, detailed in a report by Google’s Threat Analysis Group, targeted coordinated influence operations originating from multiple countries, including China, Russia, Azerbaijan, Iran, Turkey, Israel, Romania, and Ghana. This move underscores the tech giant’s ongoing commitment to curbing manipulative content on its platforms amid rising geopolitical tensions. […]

Subject: You probably should not use link shorteners
Source: Mastodon Fedi.Tips
https://newsie.social/deck/@[email protected]/114930984142770540

You probably should not use link shorteners, here’s why:- All links on Mastodon count as 23 characters no matter how long they really are. There is no need to shorten links on Mastodon, it won’t save you any space.
– Link shorteners endanger privacy by allowing click tracking, and by hiding what is actually being clicked.
– Shortener providers will shut down, breaking all their links. e.g. Google’s shortened links will all show 404 errors from September: chaos.social/@root42/114929876

chaos.social

Subject: Citing potential for fraud, blue and red states pass new crypto ATM laws
Source: Pennsylvania Capital-Star
https://penncapital-star.com/technology-information/citing-potential-for-fraud-blue-and-red-states-pass-new-crypto-atm-laws/

Citing potential for fraud, blue and red states pass new crypto ATM laws.While the crypto machines can be used for legitimate reasons, they’ve become favored by scammers.

They may resemble other ATMs, but officials are increasingly warning about the potential for fraud with the expanding fleet of cryptocurrency ATMs popping up across the country.The National Consumers League says the largely unregulated machines have become favored by scammers for their anonymity and irreversibility — once a user transfers or deposits funds, that money is essentially gone.While officials say the machines can be used for legitimate purposes, red and blue states are increasingly imposing new regulations to protect consumers: AARP says 11 states have recently passed new laws or regulations of the machines.

“In state after state, AARP found lawmakers on both sides of the aisle and local law enforcement eager to work on commonsense rules that balance innovation and consumer safety,” Nancy LeaMond, AARP’s executive vice president and chief advocacy and engagement officer, said in a news release. Last year, the FBI reported nearly 11,000 complaints of cryptocurrency ATM fraud. Those cases disproportionately affected older Americans and cost victims $246.7 million.

At least 40 states have introduced legislation regarding cryptocurrency, digital or virtual currencies and other digital assets in the 2025 legislative session, according to the National Conference of State Legislatures (NCSL). Those measures include ATM regulations, prohibiting the use of digital currencies by governments and allowing state investment in digital assets. In Pennsylvania, six bills are pending in the legislature according the the NCSL.

Filed: https://penncapital-star.com/category/technology-information/

Subject: Cyberattack Wreaks Havoc in St. Paul
Source: Newser.AI contributed
https://www.newser.com/story/372691/cyberattack-wreaks-havoc-in-st-paul.html

The city of St. Paul, Minnesota, is reeling from a sweeping cyberattack that has forced officials to shut down numerous online services—everything from internet at the library to payment portals, reports the Minneapolis Star Tribune. The disruption began late Friday and prompted the city to disconnect systems as a precaution by Monday. Mayor Melvin Carter has declared a state of emergency.

Subject: Is Your Phone Call Really Private?
Source: PC Mag
https://www.bespacific.com/is-your-phone-call-really-private/

PC Mag – How to Tell if You’re Being Tapped: “We do everything on our phones. Whether it’s scrolling Instagram, shopping online, sending emails, or communicating our deepest secrets. This can make your phone a high-valued target for malware, but what if the nefarious actors are sticking around, capturing your data, and listening in on what you have to say? How can you tell if your phone is being tapped? While difficult to detect, […]
Filed: https://www.pcmag.com/categories/security

Abstracted from beSpacific
Copyright © 2025 beSpacific, All rights reserved.
Subject: The food supply chain has a cybersecurity problem
Source: Help Net Security
https://www.helpnetsecurity.com/2025/07/30/agri-food-sector-cybersecurity/
It’s unsettling to think that our food supply chain could be targeted or that the safety of our food could be compromised. But this is exactly the challenge the agri-food sector is dealing with right now. Despite agriculture’s importance, cybersecurity in this field doesn’t get the attention it deserves. Farms, processing plants, and distribution systems are going digital, and that’s opening the door to cyber attacks.
A big problem is that a lot of the technology farms and food companies use was built long before cyberattacks became such a serious issue. That makes it tough to secure these systems or upgrade them to meet today’s threats.
Cyber threats to the agri-food sector – The FBI has identified four major threats to the United States’ agriculture sector: ransomware attacks, foreign malware, data and intellectual property theft, and bioterrorism.[…]
To protect America’s farmlands, food supply, and critical research from influence and control by U.S. adversaries, the USDA has launched the National Farm Security Action Plan. Alongside broader federal efforts, Congressman Don Bacon reintroduced two bills aimed at modernizing and securing America’s agricultural sector.Addressing these challenges requires a comprehensive approach, including the implementation of MFA, regular software updates, employee cybersecurity training, and public-private collaborations.
Subject: Why Smart People Fall for False Information and What to do About It
Source: UCSF
https://www.bespacific.com/why-smart-people-fall-for-false-information-and-what-to-do-about-it/

UCSF – “In a post-truth world, this false belief researcher offers a simple three-step recipe for building trust and finding common ground. Hint: It starts by recognizing you might be wrong. America has a misinformation problem. It’s in our news feeds, on our social media timelines, and at our kitchen tables. It’s driving wedges between friends and family — and sharp political divides. UC San Francisco Psychiatry Professor Joseph Pierre, MD, has spent decades working with patients with delusions and mental illness, while also writing about delusion-like beliefs held by otherwise healthy people. In his new book, False: How Mistrust, Disinformation, and Motivated Reasoning Make Us Believe Things that Aren’t True. Pierre reveals how many of us are more susceptible than we think to false beliefs. We wanted to find out why — and ask the million-dollar question: What should you do when a loved one falls for misinformation?”

Article Topics form UCSF:

Subject: Malicious extensions can use ChatGPT to steal your personal data – here’s how
Source: ZDNET
https://www.zdnet.com/article/malicious-extensions-can-use-chatgpt-to-steal-your-personal-data-heres-how/

Browser extensions can access the prompts of commercial and internal AIs to snag your sensitive data, says LayerX. But there are ways you can protect yourself.

ZDNET’s key takeaways:

  • Browser extensions can use AI prompts to steal your data.
  • All AI LLMs can be exploited, both commercial and internal.
  • LayerX’s technology now works with Chrome for Enterprise to protect you.

That browser extension you just installed in Chrome may seem harmless enough. If created by a savvy cybercriminal, it could take advantage of AI to steal personal or business data without your knowledge.

Also: Is that extension safe? This free tool lets you know before you install

A new report from browser security provider LayerX describes how any browser extension can access the prompts of AI-powered LLMs (large language models) to inject them with the necessary instructions designed to steal data. Without even requiring special permissions, such an extension could prove especially dangerous in a business environment where it’s capable of capturing internal or proprietary information.

How the exploit works – All types of LLMs are vulnerable to this exploit, according to LayerX. This includes third-party web-based services like ChatGPT, Claude, Google Gemini, and Microsoft Copilot, as well as internal LLMs and similar tools. (Disclosure: Ziff Davis, ZDNET’s parent company, filed an April 2025 lawsuit against OpenAI, alleging it infringed Ziff Davis copyrights in training and operating its AI systems.)

The researchers proved their concept As part of its research, LayerX said that it successfully tested this exploit on all the top commercial LLMs, with attention focused on ChatGPT and Google Gemini. With both of those AIs, the researchers were able to prove their concept that a malicious extension could manipulate AI to stage data exfiltration attacks. Aside from the LayerX protection for Chrome Enterprise, IT and security admins can take a couple of other steps to combat these malicious extensions.

[…]

Filed: https://www.zdnet.com/topic/security/

Subject: Online Scams and Attacks in America Today
Source: Pew Research Center
https://www.bespacific.com/online-scams-and-attacks-in-america-today/

“73% of U.S. adults have experienced some kind of online scam or attack, and these are common across age groups. Most get scam calls, texts and emails at least weekly. Online scams and other internet crimes are skyrocketing, with a record $16.6 billion in losses reported to the FBI in 2024. The federal government, banks and companies are all sounding alarms. And the public is also wary, with many having firsthand experience:

  • Nearly all Americans view online scams and attacks as a national problem. More than nine-in-ten say online scams and attacks are a problem in the country, including 79% who describe them as a major problem.
  • Most U.S. adults have been a victim of an online scam or attack. We find that 73% of U.S. adults have ever experienced things like credit card fraud, ransomware or online shopping scams.

While Americans see older adults as more vulnerable to these crimes, significant portions of both older and younger adults have been scammed and targeted online.

[…]

These are some of the key findings from a Pew Research Center survey [PDF is 41 pages] of 9,397 U.S. adults conducted from April 14 to 20, 2025.

[…]

Abstracted from beSpacific
Copyright © 2025 beSpacific, All rights reserved.

Subject: ChatGPT removes feature that let shared chats to be indexed by search engines
Source: gHacks Tech News
https://www.ghacks.net/2025/08/01/chatgpt-removes-feature-that-let-shared-chats-to-be-indexed-by-search-engines/

OpenAI has removed a feature from ChatGPT that allowed shared chats to be discovered by search engines. The option in question only applied to chats that were shared by users. According to a report by TechCrunch, some ChatGPT conversations were discoverable on Google, Bing, and other search services, when filters were used to include results from “https://chatgpt.com/share“. The report quotes various examples of data that could be visible on search engines. One person’s LinkedIn profile was apparently easy to find based on the information in the chat. It is unclear whether other sensitive data was leaked.

Topics

Subject: ‘I am afraid of what’s next,’ ex-ransomware negotiator says
Source: The Register
https://www.theregister.com/2025/07/31/ransomware_physical_harm_threats/

As ransomware gangs threaten physical harm, ‘I am afraid of what’s next,’ ex-negotiator says

Crims warned 40% of respondents that they and their families would sufferRansomware gangs now frequently threaten physical violence against employees and their families as a way to force victim organizations into paying their demands.

According to a survey of 1,500 security and IT professionals conducted by Censuswide on behalf of security firm Semperis, digital intruders are still holding more traditional threats of system lockouts (52 percent) and data destruction (63 percent) over their victims’ heads.

However, almost half (47 percent) of those surveyed across industries and geographies also reported that attackers have threatened to file regulatory complaints against them along the lines of ALPHV’s SEC complaint against fintech firm MeridianLink for failing to notify the American financial regulator of a significant security breach.

More worrisome, however, is that 40 percent of respondents reported receiving physical threats from the miscreants.

Tagged:

Filed: https://www.theregister.com/security/cyber_crime/

LinkedIn
Posted in: AI, Cryptocurrency, Cybercrime, Cybersecurity, Education, Health, Legal Research, Privacy, Search Engines, Social Media