TikTok is launched an ad-free service is in the UK, but would you pay £3.99 for it?

TikTok says it's pulling back a limited test of AI summary captions, after the feature kept making major mistakes.

Meta is enhancing its technology for detecting users under 13 who shouldn't be on Facebook or Instagram.

New Mexico is calling Meta products a public nuisance and no one is certain what com es next.

ON SECURITY By Susan Bradley One thing the World Wide Web has done in recent years is introduce new ways to scam, trick, entice, and generally be a drag on our time — and potentially a hit to our pocketbooks. Here are some threats I’ve seen in recent months. Read the full story in our […]

Here's what I learnt after trying to kick Reddit and YouTube cold turkey for a month.

Iranian government-connected groups are deploying malware via the Telegram messaging app, taking aim at dissidents and other opponents of Tehran around the world, the FBI said in an alert Friday.

The FBI said attackers linked to the Ministry of Intelligence and Security are behind the campaign, which stretches back to 2023. The bureau is escalating the alert now, though, because of the conflict between Iran and a U.S.-Israel alliance, it states.

“The observed victim profile included Iranian dissidents, journalists opposed to Iran, members of organizations with beliefs counter to Government of Iran narratives, and other individuals Iran perceives as a threat to the Iranian government, However, the malware could be used to target any individual of interest to Iran.” the alert reads. “This malware resulted in intelligence collection, data leaks, and reputational harm against the targeted parties.” 

Handala — an Iranian pro-Palestinian group that claimed credit for the hack on medical device maker Stryker this month — used information it gathered from hacking dissidents to carry out a hack-and-leak campaign in 2025, the FBI assesses. (Stryker sent a notice to the Securities and Exchange Commission Monday that provides an update on the incident.)

While U.S. officials say they haven’t seen any major increase in cyberattacks out of Iran since the conflict began, experts have noted it could be weeks before patterns emerge.

Telegram is a popular communications channel in Iran. Iranian hackers frequent Telegram to discuss planned attacks. On the other hand, the Islamic Revolutionary Guard Corps has also issued warnings to its populace that they could face prosecution if they’re members of Telegram-based opposition channels, IranWire reported last week.

The FBI said from the malware samples it examined, the scheme begins with hackers masquerading as apps like Pictory, KeePass and Telegram. The hackers configure command and control using a Telegram bot.

To gain initial access, the hackers seek to manipulate victims by posing as someone they know or as tech support for a social media platform. They then trick the victims into accepting a file transfer, which then launches the malware.

“Based on multiple observations, stage 1 of the malware appeared to be tailored to the victim’s pattern of life to increase likelihood of victim downloading the malware, which indicates the Iranian cyber actors likely performed target reconnaissance prior to engaging with the victim,” the FBI said.

The FBI alert is the latest in a series of government warnings about attackers using messaging apps to carry out their objectives.

Telegram spokesperson Remi Vaughn said in an emailed response: “Bad actors can and do use any available channel to control malware, including other messengers, email or even direct web connections. While there is nothing unique about the use of Telegram to control software, moderators routinely remove any accounts found to be involved with malware.”

The post FBI: Iranian hackers targeting opponents with Telegram malware appeared first on CyberScoop.

Professional NBA and NFL athletes were allegedly deceived and victimized by a 34-year-old Georgia man’s sneaky social-engineering scheme that he ran while impersonating a well-known adult film star, the Justice Department said Monday.

Kwamaine Jerell Ford allegedly initiated and committed some of the crimes while incarcerated in federal prison for a similar, widespread phishing scam that also targeted college and professional athletes and musical artists starting in 2015. 

“While serving time for stealing credit card numbers from athletes and celebrities to fund his lifestyle, Ford allegedly engaged in the same conduct again,” Theodore S. Hertzberg, U.S. attorney for the Northern District of Georgia, said in a statement.

The alleged repeat offender, while adopting the persona of an adult film model, tricked professional athletes into providing him their iCloud login credentials and multifactor authentication codes for those accounts to steal financial and personally identifiable information to pay for personal expenses.

Ford is accused of executing more than 2,000 unauthorized transactions on professional athletes’ debit and credit cards from November 2020 to September 2024, according to an unsealed indictment. He was in federal custody for the first 14 months of the conspiracy and released on probation for prior crimes in January 2022.

Prosecutors did not name victims, divulge how many athletes Ford allegedly victimized during his latest scheme, or how much money he obtained through the conspiracy. 

He pleaded not guilty Friday to 22 charges for crimes including wire fraud, obtaining information by computer from a protected computer, access device fraud, aggravated identity theft and sex trafficking. Ford is being held without bail pending a trial. 

Using the adult film model’s identity, Ford allegedly enticed his high-profile victims to communicate with him on social media by falsely claiming he would send them adult film content through iCloud.

When a professional athlete responded, Ford allegedly sent phishing messages to the victim designed to look like legitimate Apple customer service text messages. Officials said Ford spoofed legitimate Apple customer service accounts and posed as an Apple customer support representative to request victims’ login details via text messages.

Prosecutors said Ford told his victims the messages contained a video file shared through an iCloud link that required them to reply with an MFA code. Ford allegedly attempted to access his victims’ iCloud accounts at the same time, triggering an MFA code delivery to the victim’s device.

Professional athletes who provided their iCloud MFA codes to Ford were ultimately tricked into giving him complete access to their iCloud accounts, officials said. Ford allegedly used that access to steal sensitive data, driver’s licenses and credit card information that he used for personal spending.

Ford also, while impersonating the adult film star, allegedly victimized an OnlyFans model by claiming he would advance their career. Prosecutors said Ford enticed the OnlyFans model to engage in and record commercial sex acts with professional athletes without their consent. 

“Ford clearly did not learn from his prior conviction for a similar scheme. This time, he allegedly escalated his criminal activity — stealing identities and money while also moving into coercion and sex trafficking,” Peter Ellis, acting special agent in charge at the FBI Atlanta office, said in a statement. 

Ford allegedly advertised the victim to targeted athletes, coordinated their travel to coincide with athletes’ known locations, and negotiated payments from the athletes for sex with the victim. Prosecutors said Ford took a financial cut from those commercial sex acts, many of which the victim was coerced into filming without the athletes’ knowledge. 

Ford is also accused of using these videos from the OnlyFans model to engage with additional athletes under false pretenses. When the OnlyFans model resisted filming the sex acts, Ford allegedly coerced them to send him money in lieu of the videos.

In 2019, Ford was sentenced to three years in prison and ordered to pay restitution of almost $700,000 after he pleaded guilty to computer fraud and aggravated identity theft. That scheme, which also ran for about four years, allowed Ford to hack into more than 100 Apple accounts belonging to high-profile professional athletes and rappers. 

Ford was still in prison for those crimes when he allegedly established a new scheme targeting similar victims on some of the same technology platforms.

You can read the indictment below.

The post Zero lessons learned: Convicted scammer allegedly ran another athlete-focused phishing scam from federal prison appeared first on CyberScoop.

A class of individuals who say they were victimized by nude or undressed deepfakes generated by Grok have filed a lawsuit against parent company xAI, calling the tool “a generative artificial intelligence chatbot that humiliates and sexually exploits women and girls by undressing them and posing them in sexual positions in deepfake images publicly posted on X.”

The lawsuit, filed Jan. 23 in the U.S. District Court of Northern California, alleges  that xAI executives knew Grok could generate explicit, nonconsensual images from real photos of victims, failed  to implement industry standard safeguards, and instead moved to “capitalize on the internet’s seemingly insatiable appetite for humiliating non-consensual sexual images.”

“xAI’s conduct is despicable and has harmed thousands of women who were digitally stripped and forced into sexual situations that they never consented to and who now face the very real risk that those public images will surface in their lives where viewers may not be able to distinguish whether they are real or fake,” the lawsuit stated.

There are at least 100 individuals involved in the lawsuit. The plaintiffs, who are suing under the anonymous name “Jane Doe, on behalf of herself and all others similarly situated,” cited data compiled by the New York Times showing that over a nine-day period between the end of December and the beginning of January, Grok generated 4.4 million images, of which at least 1.8 million were estimated to be sexualized deepfakes of women. Another analysis from the Center for Countering Digital Hate estimated that as many as three million of the images contained sexualized depictions of women, men and children.

“X users flooded Grok with these requests, and Grok obliged,” the lawsuit stated.

The suit claims that xAI took a number of actions to encourage users to create “nudified” content, including a feature that would allow other users to prompt Grok to manipulate photos on X simply by tagging a person’s handle, providing Grok with a “spicy” option where a user could click on a photo and generate controversial content, including sexualized deepfakes, and failing to implement any prompt filtering that would have prevented sexualized deepfake requests.

XAI owner Elon Musk fueled the controversy by asking Grok on X to generate a photo of himself in a bikini. As backlash grew, Musk announced the feature would be limited to paying subscribers, sparking more criticism that the company was  profiting off the tool’s abusive capability.

Musk has since put forth several different defenses, at one point denying that Grok was even generating illegal sexualized content. On Jan. 14, he posted on X that he was “not aware of any naked underage images generated by Grok. Literally zero.”

As CyberScoop has reported, legal experts believe Grok’s undressing capability – which researchers say goes beyond generating bikini or lingerie images and included images of fully nude women, men and children, or victims covered in bodily fluids – may expose xAI and Musk to a broad range of U.S. and international laws against sexualized deepfakes, digital fraud, and the distribution of child sexual abuse material.

In addition to X’s embedded Grok tool, researchers have said that they were also able to easily generate even more graphic  nonconsensual pornographic content through Grok’s main website.

The class action suit is the latest legal development  to hit xAI and Musk over the episode. The European Union, the UK, South Korea, Canada, Brazil and others have opened formal investigations into whether xAI violated domestic laws. Leaders in the UK, India, Malaysia, Indonesia have all threatened to restrict or ban X unless more is done.

Meanwhile, the U.S. federal government, including the Federal Trade Commission and the Department of Justice, have remained silent.

But even in the United States, Musk is likely to face increasing pressure from states. On the same day the suit was filed, 35 State Attorneys General wrote to Musk following a meeting with xAI officials expressing “deep concern” over the company’s actions.

The state officials said they were “committed” to investigations and prosecutions in this area and pressed xAI to do more to curb the Grok-enabled abuse.

“As several of us conveyed to you in our recent discussion, halting this kind of abusive and illegal behavior is an utmost priority for the undersigned Attorneys General,” they wrote. “The creation and dissemination of child sexual abuse material is a crime. In many states, this is true even where the material has been manipulated or is synthetic. Various state and federal civil and criminal laws also forbid the creation of nonconsensual intimate images and provide remedies to victims.”

While there are numerous AI nudifying tools, they wrote that “Grok merits special attention given evidence that it both promoted and facilitated the production and public dissemination of such images, and made it all as easy as the click of a button.”

The post Undressed victims file class action lawsuit against xAI for Grok deepfakes appeared first on CyberScoop.

ON SECURITY By Susan Bradley The end of one year and the beginning of the next is a celebrated milestone, which is why some of us pundits recommend using some of that festive time to review your tech and tame it. Privacy is always top of mind, and it’s tempting to lock things down as […]

Launching at NVIDIA GTC 2025 - Transforming AI Security with Trend Vision One™ on NVIDIA BlueField

Previously exclusive to Trend Vision One customers, select Trend Cybertron models, datasets and agents are now available via open-source. Build advanced security solutions and join us in developing the next generation of AI security technology.

In this edition of AI Pulse, let's look back at top AI trends from 2024 in the rear view so we can more clearly predicts AI trends for 2025 and beyond.

It is no surprise that growing your social network can help get your name out there and provide opportunities to advance your career. LinkedIn, one of the original career-focused networking […]

The post How to Put Yourself Out There – Networking on Social Media appeared first on Black Hills Information Security, Inc..

Beau Bullock & Mike Felch// Strategically targeting a corporation requires deep knowledge of their technologies and employees. Successfully compromising an organization can depend on the quality of reconnaissance a tester […]

The post Podcast: Weaponizing Corporate Intel. This Time, It’s Personal! appeared first on Black Hills Information Security, Inc..

💾

Beau Bullock & Mike Felch// Strategically targeting a corporation requires deep knowledge of their technologies and employees. Successfully compromising an organization can depend on the quality of reconnaissance a tester […]

The post Webcast: Weaponizing Corporate Intel. This Time, It’s Personal! appeared first on Black Hills Information Security, Inc..