90,000 Screenshots of One Celebrity's Phone Were Exposed Online

Spyware appears to have captured everything from intimate photos to private messages from the smartphone of European celebrity. They were publicly accessible until a researcher flagged the exposure...

Meta rolls out anti-scam tools across WhatsApp, Facebook, and Messenger

Meta has rolled out more anti-scam protections across WhatsApp, Facebook, and Messenger to fight sophisticated fraud tactics. The features will help stop celebrity impersonators and brand spoofers from defrauding its users, the company said. Meta is also targeting attackers who exploit legitimate...

Regulators around the world are scrutinizing Grok over sexual deepfakes

Grok’s failure to block sexualized images of minors has turned a single “isolated lapse” into a global regulatory stress test for xAI’s ambitions. The response from lawmakers and regulators suggests this will not be solved with a quick apology and a hotfix. Last week we reported on Grok's apology...

Weight loss scams, or why ‘Jodie Foster’ wants me to lose weight

It seems like it's hard to move on social media without some kind of mention of weight-loss injections these days. And, sure, these drugs can have a positive affect for many people, but not all these cases of weight loss are real, nor are the people promoting them who they say they are. Weight-lo...

Corpse-eating selfies, and other ways to trick scammers (Lock and Code S06E14)

This week on the Lock and Code podcast … There’s a unique counter response to romance scammers. Her name is Becky Holmes. Holmes, an expert and author on romance scams, has spent years responding to nearly every romance scammer who lands a message in her inbox. She told one scammer pretending to ...

Fake Crypto Exchange Ads on Facebook Spread Malware

Bitdefender exposes Facebook ad scams using fake crypto sites and celebrity lures to spread malware via malicious desktop…...

New Investment Scams Use Facebook Ads, RDGA Domains, and IP Checks to Filter Victims

Cybersecurity researchers have lifted the lid on two threat actors that orchestrate investment scams through spoofed celebrity endorsements and conceal their activity through traffic distribution systems TDSes. The activity clusters have been codenamed Reckless Rabbit and Ruthless Rabbit by DNS...

Erased but Not Forgotten: How Backdoors Compromise Concept Erasure

The expansion of large-scale text-to-image diffusion models has raised growing concerns about their potential to generate undesirable or harmful content, ranging from fabricated depictions of public figures to sexually explicit images. To mitigate these risks, prior work has devised machine...

Ticketmaster Breach: Hackers Leak 10M ‘Unrefreshable’ Ticket Barcodes

The latest Ticketmaster leak impacts top celebrities and events including Taylor Swift, Jennifer Lopez, and Justin Timberlake concerts.…...

Celebrity TikTok Accounts Compromised Using Zero-Click Attack via DMs

Popular video-sharing platform TikTok has acknowledged a security issue that has been exploited by threat actors to take control of high-profile accounts on the platform. The development was first reported by Semafor and Forbes, which detailed a zero-click account takeover campaign that allows...

Safer Internet Day, or why Brad Pitt needed an internet bodyguard

February 6, 2024 is Safer Internet Day. When I was asked to write about the topic, I misunderstood the question and heard: “can you cover save the internet” and we all agreed that it might be too late for that. While we laughed about it, it made me think. The internet has been around for quite so...

A week in security (September 25 - October 1)

Last week on Malwarebytes Labs: Dependabot impersonators cause trouble on GitHub Update Chrome now! Google patches another actively exploited vulnerability Googles Bard conversations turn up in search results Malicious ad served inside Bing's AI chatbot Pegasus spyware and how it exploited a WebP...

Actors, Threats and Vulnerabilities 12 June to 18 June 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of seven attacks executed, taking advantage of twenty different vulnerabilities in...

celebritytalent.net Cross Site Scripting vulnerability OBB-3384128

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Big changes to Twitter verification: How to spot a verified account

Twitter has made some fairly major changes to how its verified checkmark status works, and its already causing some confusion. If you rely on the checkmark symbol for confirmation that the individual or business tweeting is actually the real deal, your regular process is now different. How...

Kim Kardashian gets huge fine for crypto ad

The Securities and Exchange Commission SEC announced in a recent press release that it's charging celebrity influencer Kim Kardashian for violating Section 17b of the Securities Act of 1933, or the anti-touting provision. Kardashian was paid to promote EthereumMax or EMAX, a crypto asset security...

celebritychefsmagazine.com Cross Site Scripting vulnerability OBB-2965306

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exceptional Brand Experiences Go Far Beyond the 30-Second Super Bowl Ad

Super Bowl LVI is almost here, and with that comes one of my favorite pastimes: watching the commercials! And you know I’m not alone — 30% of viewers tune in to the big game primarily to see the commercials, upping the pressure on CMOs to “get it right.” But winning the hearts and minds of the mo...

Celebrity jewelry house Graff falls victim to ransomware

Data on countless celebrities, including politicians, is apparently now in the hands of ransomware attackers after a group using the Conti variant compromised systems of one of the world’s most exclusive jewelry houses, Graff. Despite what mathematicians like to think, there is an exception to...

RedTorch Formed from Ashes of Norse Corp.

Remember Norse Corp., the company behind the interactive "pew-pew" cyber attack map shown in the image below? Norse imploded rather suddenly in 2016 following a series of managerial missteps and funding debacles. Now, the founders of Norse have launched a new company with a somewhat different...