https://www.crowdstrike.com/en-us/blog/crowdstrike-researchers-identify-hidden-vulnerabilities-ai-coded-software/
I guess we've moved from ... this might happen, to this has happened? Or we thought they could do this, to... they have done this.
"CrowdStrike Counter Adversary Operations research discovered that DeepSeek-R1, a Chinese open-source LLM, generates significantly less secure code when system prompts contain specific geopolitical trigger words related to sensitive CCP topics. Testing 30,250 prompts across multiple LLMs revealed DeepSeek-R1 produced code scoring 16% less secure for Uyghur-related contexts and 8% less secure for Taiwan references compared to baseline. The research identified an 'intrinsic kill switch' behavior where the model generates detailed plans during reasoning but refuses output at the final stage, suggesting embedded content controls aligned with Chinese regulatory requirements."
FWIW, folks I follow used these hashtags today: #law (23) #legaltech (19) #autosum (18) #tech (18) #uspolitics (9) #uspol (9) #cryptocurrency (7) #crypto (7) #citationneedednewsletter (7) #hashtaggames (6) #hallmarkmoviesforheadlines (5) #trump (4) #satire (3) #dailystats (3) #canada (2) #ai (2) #health (2) #contracts (2) #infosec (2) #cop30 (2) #gaza (2) #lawfedi (2) [ #DailyStats]
Grab a coffee.
TP-Link is now suing Netgear, claiming Netgear "orchestrated a smear by planting false claims with journalists and internet influencers with the goal of scaring off customers."
TP-Link says "it may take a sales hit of more than $1 billion because of erroneous reports that the networking company’s technology has been 'infiltrated' by Beijing" https://www.msn.com/en-us/money/other/netgear-accused-by-rival-of-china-smear-to-fan-security-fear/ar-AA1QHgJN #TPLink #Netgear #infosec #espionage
My dad just called to ask for his computer's admin password. He fell for yet another fraudulent #Paypal charge #scam and gave the scammer access to his computer. The scammer was stopped by the fact that I've revoked Dad's admin rights for just this reason.
He has fallen repeatedly for this scam and others like it. We keep telling him it's a scam. We keep telling him to call us before calling any number he gets in an email. He keeps falling for it. It's infuriating.
#infosec #elderAbuse
1/2
Title: The Line Between National Security and Personal Freedom: A Cautionary Tale in the James Comey Case
As the trial of former FBI Director James Comey approaches, a recent development has shed light on the delicate balance between national security, cybersecurity, and individual privacy rights.
Read more: https://steelefamlaw.com/adxqtQ
Threat Model: Cybersecurity
for Nov. 18th, 2025
by journalist @violetblue
- Meta’s business model of massive profits from scam ads revealed by Reuters
- that sensationalist China AI hacking campaign actually had humans guiding it every step of the way
- AI toys tell kids about the glory of dying in battle
- queer threat database GAYINT launches
- RIP Delchi
- ShinyHunters hit Checkout but Checkout gave the ransom to cyber research centers instead
- Pandemic updates, and a bird flu early warning signal to watch
...and much more.
https://www.patreon.com/posts/cybersecurity-18-143829908
#ThreatModel #ThreatModelCybersecurity #ThreatModelNewsletters #VioletBlue #infosec #cybersec #COVIDnews #CovidIsNotOver #H5N1 #birdflu
Chrome now wants to store and autofill your driver’s license and other ID info.
From a cybersecurity perspective, that is a hard no from me. Info-stealer malware already targets browser autofill, and you cannot rotate a driver’s license number like a password. Putting high value IDs in the most targeted consumer app on the planet is a bad trade for a little convenience.
I wrote up why this feature is such a risky idea and what I recommend instead:
🔗 https://www.kylereddoch.me/blog/chromes-new-drivers-license-autofill-is-a-terrible-idea/
Chrome’s New Driver’s License Autofill Is a Terrible Idea
I'm not thrilled, as some are, that #Flock images have been ruled public records.
As the article says, that means anybody can #FOIA Flock records ABOUT ANYONE.
So we're going from "the police can use Flock to spy on you" to "ANYONE can use Flock to spy on you."
The article says this will make people reconsider whether we want these cameras operating. (1) I doubt that'll come to anything, and (2) what about in the meantime?
This is quite dangerous.
#privacy #infosec
Ref: https://www.404media.co/judge-rules-flock-surveillance-images-are-public-records-that-can-be-requested-by-anyone/