SafetyDetectives https://www.safetydetectives.com

New York Files To Freeze $2.2 Million In Stolen Cryptocurrency https://www.safetydetectives.com/news/new-york-files-to-freeze-2-2-million-in-stolen-cryptocurrency/ Sat, 18 Jan 2025 20:36:29 +0000

New York is freezing more than $2.2 million in cryptocurrency that was stolen as the result of a remote job scam. It is an unprecedented move spearheaded by New York Attorney General Letitia James, who filed a lawsuit to seize and redistribute the stolen funds back to scam victims around New York.

The scammers sent out fake job offers via text, offering lucrative pay for a position as an online product reviewer. They’d have the victims create cryptocurrency reviews and explain that they were meant to generate market data.

“The victims were assured that they were not purchasing the products but that the account balances would help ‘legitimize’ the data they were generating and that they would get their original payment back plus commission,” the New York State Attorney said in a recent press release.

The crooks created an enticing and realistic-looking job opportunity, with one catch.

In order to get paid, victims needed to create accounts on several legitimate cryptocurrency platforms, like Coinbase, and hold an amount equal to or greater than the value of the coin they were reviewing. In other words, it’s like saying in order to get paid for reviewing a car, you need to give your boss cash equal to the value of the car.

The scammers would claim that, in return for sending them the crypto, victims would receive their initial investment plus a commission.

Finally, the scammers would require victims to give them their cryptocurrency wallets so that the victims could receive compensation.

The scheme preys on people looking for remote jobs. In one instance, a man lost $100,000 after scammers “hired” him onto a fake website, took time to train him, helped him open cryptocurrency accounts, and then had him send money and create fake reviews for several crypto coins.

Fortunately, a lot of the stolen funds can be recovered.

“During the course of its investigation, OAG secured Tether Limited’s voluntary agreement and cooperation to freeze the stolen USDT, and the Queens County District Attorney’s Office secured a search warrant to freeze USDC stolen in the scam.

Because the cryptocurrency has been frozen, it is available to be recovered and returned to the scammers’ victims under court approval.

Hotel Faces A Massive Data Breach https://www.safetydetectives.com/news/hotel-faces-a-massive-data-breach/ Sat, 18 Jan 2025 20:00:20 +0000 https://www.safetydetectives.com/?post_type=news&p=249176

A European hotel chain faced a severe data breach that leaked the personal data of millions of customers. The personal records of more than 25 million hotel customers were found.

While it’s impossible to tell exactly which hotel this was, the stolen info indicates that it came from the French hospitality firm, Honotel Group. Honotel is a large group with 135 hotels spread across eight countries and a total valuation of over €1.2 billion.

While the company doesn’t have a history of data breaches, its position in the hotel market makes it a valuable target for hackers. It’s suspected that hackers broke into a Honotel database, specifically the guest and booking management systems, because the leaked data mentions “SITE HONOTEL.”

Researchers with Cybernews discovered an “unprotected Elasticsearch server and Kibana interface,” which are tools designed for gathering and analyzing large amounts of data at once.

The stolen data includes full names, phone numbers, email addresses, country codes, dates of birth, language codes, Property IDs, and loyalty points. It also includes detailed records of customers’ stays, such as check-in time, number of days spent, etc. The breach could severely impact users.

No threat actors have claimed responsibility for the attack, but that doesn’t mean the breach doesn’t pose a serious risk for the hotel customers. Threat actors could use victims’ personally identifiable information (PII) for phishing schemes, targeted scams, or other sophisticated attacks.

While the attack hasn’t disrupted Honotel’s business, the company may face a hefty fine. Under the GDPR, a company can be fined 2-4% of its total global annual revenue for failing to implement proper security practices. If further investigations prove that Honotel was attacked due to lax security measures, it faces significant fines.

At this time, there is no concrete proof that the data belonged to Honotel.

Supreme Court Upholds Law Threatening TikTok Ban in US https://www.safetydetectives.com/news/supreme-court-upholds-law-threatening-tiktok-ban-in-us/ Sat, 18 Jan 2025 08:59:33 +0000 https://www.safetydetectives.com/?post_type=news&p=249134

The Supreme Court dealt a major setback to TikTok on Friday, upholding a law requiring China-based owner ByteDance to sell the platform by Sunday or face a potential ban in the US. The unsigned decision, with no dissents, rejected TikTok’s claim that the law violates free speech rights.

The law, passed over concerns about national security and Chinese government influence, allows penalties against companies like Apple and Google if they enable TikTok’s distribution. However, both the outgoing Biden administration and the incoming Trump administration have indicated they won’t immediately enforce the law.

“TikTok should remain available to Americans,” said White House Press Secretary Karine Jean-Pierre, while noting the need to address security issues.

TikTok CEO Shou Chew expressed optimism for a resolution, posting on the platform, “We hope for a solution that keeps TikTok available.”

The Justice Department argued the platform could allow China to manipulate content or collect sensitive user data. The court agreed.

“TikTok’s scale and susceptibility to foreign adversary control, together with the vast swaths of sensitive data the platform collects, justify differential treatment,” the Court said, and it found the law “unrelated to the suppression of free expression.”

Former President Trump, who previously sought to ban TikTok, has since changed his mind and hinted at potential action.

“My decision on TikTok will be made in the not too distant future,” he posted on Truth Social. ByteDance, however, has resisted selling, and speculation about potential buyers remains unresolved.

Legal experts have highlighted that even if enforcement is delayed, the law’s penalties could discourage companies like Apple and Google from continuing to host TikTok in their app stores. The risk of civil penalties for aiding TikTok’s distribution, which can be pursued up to five years after violations, creates uncertainty for the platform’s future in the US.

If TikTok goes offline, the decision could disrupt millions of creators and businesses relying on the platform. Many are already exploring alternatives, including Instagram Reels and YouTube Shorts, which have implemented features similar to TikTok to attract its user base. The broader implications of the ruling could reshape the landscape of social media and digital privacy in the United States.

Noyb Accuses TikTok Of Violating GDPR Data Usage Regulations https://www.safetydetectives.com/news/noyb-accuses-tiktok-of-violating-gdpr-data-usage-regulations/ Sat, 18 Jan 2025 08:48:10 +0000 https://www.safetydetectives.com/?post_type=news&p=249131

The European non-profit, noyb, filed six complaints against a range of Chinese companies, accusing them of misusing customer data. These companies, TikTok, Temu, SHEIN, AliExpress, WeChat, and Xiaomi, are accused of transferring user data back to China or other countries, which is strictly prohibited by GDPR law outside of specific circumstances.

Four of these companies admitted to sending customers’ personal data back to China, while the other two said they sent data to undisclosed third-party countries.

“As none of the companies responded adequately to the complainants’ access requests, we have to assume that this includes China,” noyb explains in a recent post. “But EU law is clear: data transfers outside the EU are only allowed if the destination country doesn’t undermine the protection of data.”

“Given that China is an authoritarian surveillance state, companies can’t realistically shield EU users’ data from access by the Chinese government,” noyb explains.

One example pertains to Xiaomi, a Chinese smartphone company. According to noyb, Chinese officials have requested a large amount of Xiaomi’s customer data in a short amount of time. In their example, they underline that Xiaomi has to comply and turn over any data that the government asks for.

“On top of that, it is almost impossible for foreign users to exercise their rights under Chinese data protection law,” noyb said.

Under Article 15 of the GDPR, noyb filed access requests with the six companies, asking which countries their data was being sent to. Every request was denied.

“We still know that, according to their privacy policy, AliExpress, SHEIN, TikTok, and Xiaomi transfer data to China. Temu and WeChat mention transfers to third countries. According to Temu and WeChat’s corporate structure, this most likely includes China.”

The complaint also asks the DPAs to impose an administrative fine. Should that happen, each business could be fined up to 4 percent of its global revenue.

No More Ransom? UK Weighs Ban on Ransomware Payouts https://www.safetydetectives.com/news/no-more-ransom-uk-weighs-ban-on-ransomware-payouts/ Thu, 16 Jan 2025 01:34:24 +0000 https://www.safetydetectives.com/?post_type=news&p=248638

The UK government is considering a total ban on ransomware payments across the public sector as part of a new consultation to tackle the growing trend of hackers motivated by financial gain.

The consultation will explore expanding the current ransom payment ban from central government departments to include all public services, such as hospitals, schools, local authorities, and state-run transport networks.

The main goal is to discourage financially motivated criminals from targeting these sectors. The plan also includes mandatory incident reporting to assist law enforcement and intelligence agencies.

“Driving down cybercrime is central to this government’s missions to reduce crime, deliver growth, and keep the British people safe,” said security minister Dan Jarvis in a statement. “With an estimated $1 billion flowing to ransomware criminals globally in 2023, it is vital we act to protect national security as a key foundation upon which this Government’s Plan for Change is built.

“These proposals help us meet the scale of the ransomware threat, hitting these criminal networks in their wallets and cutting off the key financial pipeline they rely upon to operate. Today marks the beginning of a vital step forward to protect the UK economy and keep businesses and jobs safe.”

The 12-week consultation will run from Jan. 14 to April 8 and examine three proposals. The first is a complete ban on ransom payments by public sector organizations and critical national infrastructure (CNI) entities.

The second proposal builds on the first by extending requirements to organizations not covered by the ban. Private entities legally allowed to pay ransoms would be required to report their intention to do so before proceeding. This measure aims to improve ransomware intelligence gathering while also applying subtle pressure on these organizations to reconsider making payments.

The third, less aggressive proposal suggests introducing a mandatory reporting law for ransomware incidents without imposing a payment ban. This would provide UK cybercrime teams with valuable data to enhance investigations and disrupt operations.

Another BeyondTrust Security Issue Lands on CISA’s Exploited List https://www.safetydetectives.com/news/another-beyondtrust-security-issue-lands-on-cisas-exploited-list/ Thu, 16 Jan 2025 01:21:59 +0000 https://www.safetydetectives.com/?post_type=news&p=248627

The Cybersecurity and Infrastructure Security Agency (CISA) announced on Monday that it has identified a serious security flaw, known as a command injection vulnerability, in BeyondTrust’s Remote Support and Privileged Access products.

This type of vulnerability can allow hackers to execute unauthorized commands on a system, potentially giving them control. CISA has added this issue to its catalog of known exploited vulnerabilities, a list used to alert organizations to actively targeted weaknesses.

BeyondTrust resolved the issue by releasing a patch for supported versions of Remote Support (RS) and Privileged Remote Access (PRA), specifically for versions 22.1 and above.

The medium-severity flaw, identified as CVE-2024-12686, allows attackers with administrative access to inject commands into a network and execute them as if they were legitimate site users, CISA explains.

“CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice,” CISA noted in its latest alert.

This vulnerability is rated 6.6 on the Common Vulnerability Scoring System (CVSS) — a score that indicates a notable risk that requires attention, particularly if attackers have already gained administrative privileges.

This CVE marks the second vulnerability disclosed by BeyondTrust during its investigation into a series of attacks in December. In those incidents, attackers exploited a compromised Remote Support SaaS API key to reset the passwords of multiple accounts.

The attacks affected a limited number of BeyondTrust’s Remote Support SaaS customers, highlighting the potential risks of exposed API keys and the need for security measures.

The first vulnerability was made public back in December when CISA added CVE-2024-12356 to its KEV catalog. BeyondTrust identified this critical command injection flaw, rated 9.8 on the CVSS scale.

It remains unclear how the medium-severity CVE-2024-12686 is being used in attacks, whether it is exploited independently or combined with the critical CVE-2024-12356 vulnerability.

Elon Musk Golden Badges Scam Targets Victims with Fake Investment Promises https://www.safetydetectives.com/news/elon-musk-golden-badges-scam-targets-victims-with-fake-investment-promises/ Thu, 16 Jan 2025 01:00:32 +0000 https://www.safetydetectives.com/?post_type=news&p=248613

A sophisticated investment scam, dubbed the “Elon Musk Golden Badges” scheme, is preying on individuals with false promises of astronomical returns and fake endorsements from high-profile figures.

Victims are lured into purchasing “golden badges,” marketed as rare collectible coins, with the claim that an initial $290 investment could yield $2 million. Fraudsters falsely attribute endorsements to Tesla CEO Elon Musk and Bank of America CEO Brian Moynihan to lend credibility to the scam.

The operation relies heavily on Telegram, where scammers impersonate public figures like Donald Trump and his family to spread promotional messages. These posts often use patriotic appeals and create a false sense of urgency to pressure victims into acting quickly. The messaging is inconsistent, sometimes advertising “Trump Coins” or “Golden Eagles” instead of “Elon Musk Golden Badges.”

A professional-looking website is the scam’s hub, mimicking legitimate e-commerce platforms. While the site prominently displays fake endorsements, it buries disclaimers stating it is not affiliated with Elon Musk or any related entities. These disclaimers claim the badges are novelty items with no monetary value, yet the site and Telegram messages contradict this by promising massive returns.

The website also features a “secure checkout” page and a purported “60-day money-back guarantee,” though vague terms and conditions allow the scammers to easily deny refunds.

The terms of service further protect the fraudsters by limiting liability and requiring arbitration, making it difficult for victims to pursue legal action. These tactics are part of a long-running strategy employed in previous scams promoting items like “Trump Coin” and “Trump Golden Sticker,” all using fake endorsements and high-pressure sales to exploit trending topics and prominent figures.

Victims risk significant financial loss and potential theft of personal data. This is just one more example of the growing trend in fraud operations leveraging advanced technologies, including AI and deepfakes, to create convincing false narratives. Experts warn the public to remain skeptical of unsolicited investment opportunities promising unrealistic returns and to verify claims through trusted sources.

US Rolls Out Cyber Trust Mark to Boost Internet Device Security https://www.safetydetectives.com/news/us-rolls-out-cyber-trust-mark-to-boost-internet-device-security/ Thu, 09 Jan 2025 21:33:01 +0000 https://www.safetydetectives.com/?post_type=news&p=247824

The US government is introducing a new program to label internet-connected devices like baby monitors, fitness trackers, and security cameras that meet a basic cybersecurity standard. Known as the US Cyber Trust Mark, the initiative aims to help consumers identify safer products and encourage manufacturers to prioritize security.

Anne Neuberger, U.S. Deputy National Security Advisor for Cyber, emphasized the risks associated with internet-connected devices, stating, “Each one of these devices presents a digital door that motivated cyber attackers are eager to enter.”

Key details about the program include:

  • Similar to Energy Star: The Cyber Trust Mark is comparable to the Energy Star label, but for cybersecurity. Products passing a US cybersecurity audit can display the mark on their packaging and advertising.
  • Voluntary Participation: Unlike cybersecurity regulations that have faced pushback, this program is voluntary, offering incentives for companies to prioritize security in their products.
  • Scope: The program applies to “Internet of Things” (IoT) devices like televisions, refrigerators, baby monitors, and security cameras, but excludes computers and smartphones.
  • Implementation Timeline: Products bearing the Cyber Trust Mark are expected to hit shelves in 2025, according to Anne Neuberger, the White House’s deputy national security adviser for cybersecurity.
  • Retailer Support: Major retailers, including Best Buy and Amazon, have backed the program, signaling broad industry support.
  • Consumer Confidence: The program seeks to address a growing need for secure devices, empowering consumers to make safer choices.

Manufacturers that want their products certified will undergo audits by the National Institute of Standards and Technology (NIST). These evaluations will assess cybersecurity features like requiring strong passwords or avoiding default settings vulnerable to attack.

The Federal Communications Commission (FCC), which started designing the program in 2023, will oversee its rollout. Additionally, the Biden administration is working on an executive order requiring federal agencies to exclusively use Cyber Trust Mark-certified devices by 2027.

As cybersecurity challenges continue to rise, the Cyber Trust Mark could provide a much-needed safeguard for consumers navigating an increasingly connected world.

Biden’s New Cybersecurity Order Targets Federal System Weaknesses https://www.safetydetectives.com/news/bidens-new-cybersecurity-order-targets-federal-system-weaknesses/ Thu, 09 Jan 2025 21:18:22 +0000 https://www.safetydetectives.com/?post_type=news&p=247819

President Joe Biden is preparing to sign a second cybersecurity executive order, aiming to strengthen federal defenses following a term marked by significant cyberattacks. High-profile incidents, including the SolarWinds breach and ransomware attacks on critical infrastructure, have highlighted vulnerabilities across federal systems. This order aims to modernize the government’s cybersecurity practices and address emerging threats.

Central to the order is an update to the Office of Management and Budget’s (OMB) Circular A-130, which governs federal information resource management. Changes will reflect advancements in technology, including the need for post-quantum cryptography and AI security standards. The order also reinforces prior mandates on zero trust architecture, cloud security, and phishing-resistant multi-factor authentication. Federal agencies will be required to meet enhanced endpoint detection and encryption standards.

The Cybersecurity and Infrastructure Security Agency (CISA) is poised to take on a larger role in agency threat detection, a provision that has sparked both support and concern. Advocates argue that CISA’s expanded authority will improve coordination and response times during attacks, creating a unified defense strategy across government systems. Critics, however, caution that centralizing such oversight could introduce risks, such as system-wide disruptions if a failure occurs at the core.

Additionally, the order emphasizes software security, building on previous efforts to implement secure-by-design principles. Vendors providing software to the federal government will face stricter requirements, aimed at preventing supply chain vulnerabilities like those exploited in the SolarWinds attack. Federal agencies will also be tasked with strengthening security measures for cloud services and ensuring compliance with zero-trust principles.

Although the new measures are ambitious, they face challenges in implementation, particularly given the late timing of the administration. Critics question whether agencies can meet the updated requirements within a compressed timeline. However, supporters view the order as a necessary step to protect critical systems and address the growing complexity of cyber threats.

As Biden prepares to leave office, this order could serve as a cornerstone for future cybersecurity policies, setting a precedent for more robust defenses. While its full impact remains to be seen, the focus on modernization and enhanced coordination signals a commitment to improving the resilience of federal networks.

ESET Enhances HOME Security Suite with New Security Features https://www.safetydetectives.com/news/eset-enhances-home-security-suite-with-new-security-features/ Thu, 09 Jan 2025 21:02:35 +0000 https://www.safetydetectives.com/?post_type=news&p=247815

ESET has rolled out significant updates to its HOME Security suite, introducing advanced security tools aimed at tackling the growing threat of online dangers. These enhancements are designed to combat identity theft, ransomware, phishing, and data breaches, offering users more comprehensive protection against cyber threats.

“Our team of experts created a powerful digital life protection solution that blends more than 30 years of human expertise with artificial intelligence, multilayered security technology, and live cloud protection,” said Viktória Ivanová, Vice President of Consumer and IoT Segment at ESET.

One of the key upgrades is the integration of ESET Identity Protection, now enhanced with Dark Web Monitoring. This feature scans underground websites, blogs, and forums to detect illegal activity involving personal information. Users are immediately alerted if their details are found on the dark web, enabling them to take swift action to prevent misuse.

The security suite also benefits from ESET Folder Guard, which offers added protection for Windows devices. This new feature allows users to designate specific folders as “protected,” preventing unauthorized applications from modifying or deleting critical files. It is a vital tool for safeguarding against ransomware and destructive malware attacks.

For users with multi-core Windows devices, the introduction of Multithread Scanning improves scan efficiency. The system now takes advantage of multiple CPU cores to perform scans faster without causing slowdowns, making it a more efficient option for busy devices.

Android users are also catered to with the upgraded Link Scanner, a tool in ESET Mobile Security that now provides enhanced anti-phishing protection. Unlike traditional anti-phishing tools, this updated scanner examines links across all apps, including games and messaging platforms, to provide comprehensive coverage.

ESET’s Password Manager has also seen major improvements. Users can now remotely log out of active sessions and check their stored passwords against breach databases. The addition of a third-party two-factor authentication app further strengthens password security.

Mac users will benefit from a redesigned firewall that integrates seamlessly into the ESET HOME Security interface, ensuring a smoother experience while maintaining robust protection.
