The article explores the implementation of our ICMP detection module, detailing the engineering process and how the ICMP Echo Stream (iStream) assembler played a key role in designing its core detection rules.
US courts have warned of delays as PACER, the system for accessing court documents, struggles to support users enrolling in its mandatory MFA program.…
Infosec in brief The US Cybersecurity and Infrastructure Security Agency (CISA) has said two flaws in routers made by Chinese networking biz TP-Link are under active attack and need to be fixed – but there's another flaw being exploited as well.…
UK prime minister Sir Keir Starmer cleared out the officials in charge of tech and digital law in a dramatic cabinet reshuffle at the weekend.…
Hey r/netsec,
As a security researcher, I've been exploring ways to leverage AI for more effective code audits. In my latest Medium article, I dive into a complete end-to-end walkthrough using Hound, an open-source AI agent designed for code security analysis. Originally built for smart contracts, it generalizes well to other languages.
What's in the tutorial:
At the end of the article, we create a quick proof-of-concept for one of the tool's findings.
The full post is here:
Use it responsibly for ethical auditing only.
Struggling to get an existing handle of a browser's process which already has the Cookies file open and can't dump the cookies?
Extreme situations require extreme measures!
Learn about the new critical CVE-2025-43300 vulnerability that allows RCE on iOS & macOS by clicking on the post link.
This class by Xeno Kovah (founder of OST2) teaches about the 30+ types of Bluetooth data that the Blue2thprinting software can collect and surface for when you're trying to determine what a device is, and whether it has any known vulnerabilities. New in v2.0+ is the BTIDALPOOL crowd-sourcing server for researchers to push & pull data about devices they've discovered.
Like all current #OST2 classes, the core content is made fully public, and you only need to register if you want to post to the discussion board or track your class progress. Based on beta testing this class takes a median of 8 hours to complete (and an average of 9 hours, with a min of 4h30m and max of 15h22m.)
The new Bluetooth learning path showing this class's relationship to others under development is available here: https://ost2.fyi/Bluetooth.html
I only just realised, as I prepared this accompanying blog post, that I didn't talk about one of the points in the overview: food. One of my fondest memories as a child living in Singapore and now as an adult visiting there is the food. It's one of those rare places where the food at every level is just exceptional, and even a basic outing is a treat. As a kid, the most common "fast food" I'd eat was from local "hawker centres", probably what many people would call street food, but never in the "I'm not sure what my night will look like after eating it" kind of way. Noodles, satay, BBQ pork, and all that sort of thing. Or on the pricier side, no visit back is complete without Singapore chilli crab, which served as our final meal on Thursday before we jumped on the plane home. And that's one of the great joys of travel - the ability to experience the differences that make these trips so much more enjoyable. The last time I remember thinking how exceptional the food was was in Reykjavik earlier this year. I think it's time to pay Stefan another visit 🤤
Losing your phone or having it stolen can feel like a nightmare, especially when you consider the treasure trove of personal information stored on your device. From banking apps and email accounts to social media profiles and payment methods, smartphones contain virtually our entire digital lives. When a criminal or pickpocket gains access to your phone, they potentially have the keys to your identity, finances, and online presence. However, acting quickly and methodically can help minimize the risks and protect you from identity theft and financial fraud.
The reality is sobering: criminals with access to your phone can make unauthorized purchases, hack into your accounts, and even steal your identity to open new credit lines in your name. But by following these nine critical steps immediately after discovering your phone is missing, you can significantly reduce the potential damage and protect your most sensitive information.
Before taking any drastic measures, start with the obvious: try calling your phone from another device. You might hear it ring nearby, or someone who found it might answer and be willing to return it. If this doesn’t work, turn to your phone’s built-in tracking capabilities.
For iPhone users, Apple’s Find My service allows you to see your device’s location on a map, play a sound to help locate it, and even view its last known location if the battery has died. Android users can access Google’s Find My Device with similar functionality. Both services can be accessed from any computer or other device by logging into your Apple or Google account. These tracking tools not only help you locate your phone but also provide remote control options that become crucial if recovery seems unlikely.
If you can’t physically retrieve your phone or suspect it’s in the wrong hands, immediately lock it remotely. This creates an additional barrier between a potential thief and your personal information, preventing access to your apps, messages, emails, and saved payment methods.
Both iPhone and Android devices offer remote locking capabilities through their respective tracking services. You can also set a custom message to display on the lock screen with your contact information, which could help if someone honest finds your phone and wants to return it. For iPhone users, this means accessing iCloud.com or using the Find My app on another Apple device, selecting your lost phone, and choosing “Mark as Lost.” Android users can visit android.com/find, select their device, and choose “Secure Device” to lock it and display a custom message.
While law enforcement may not actively search for your stolen phone, filing a police report creates an official record that can prove invaluable if you need to dispute fraudulent charges or deal with insurance claims. When you visit your local police department, bring as much information as possible about when and where your phone was lost or stolen.
Having your phone’s IMEI number (International Mobile Equipment Identity) or serial number available will strengthen your report. You can usually find these numbers in your phone’s settings, on the original packaging, or through your carrier’s account portal. This documentation becomes particularly important if criminals use your phone to commit further crimes or if you need to prove to financial institutions that fraudulent activity resulted from theft.
Your next call should be to your mobile carrier to suspend service on your stolen or lost device. This prevents unauthorized calls, texts, or data usage that could result in unexpected charges on your bill. More importantly, it helps protect your account from being hijacked or used to access two-factor authentication codes sent to your number.
Most major carriers can also blacklist your stolen device, making it much harder for thieves to use even if they manage to bypass the screen lock. When you contact your carrier, ask about temporary suspension options if you’re still hoping to recover your phone, or proceed with permanent cancellation if you’re ready to move to a replacement device. Many carriers also offer insurance programs that may help cover the cost of a replacement phone.
Even with remote locking enabled, sophisticated criminals may find ways to access your stored information. This makes securing your online accounts one of the most critical steps in protecting yourself from identity theft. Your phone likely has saved passwords, active app sessions, and stored payment information that could be exploited.
Start by changing passwords for your most sensitive accounts, particularly email, banking, and financial services. Focus on creating strong, unique passwords that would be difficult for criminals to guess. McAfee’s Password Manager can secure your accounts by generating and storing complex passwords and auto-filling your info for faster logins across devices. Next, remotely sign out of all apps and services that were logged in on your stolen device. Most major platforms, including Google, Apple, Microsoft, and social media sites, offer account security settings where you can view active sessions and log out of all devices remotely. This step is crucial because it prevents thieves from accessing your accounts even if they bypass your phone’s lock screen.
Consider this an opportunity to enable two-factor authentication on accounts that support it, adding an extra layer of security for the future. While you’re at it, monitor your online and financial accounts closely for any suspicious activity, unauthorized transactions, or login attempts from unfamiliar locations.
Your stolen phone likely contains mobile payment apps like Apple Pay, Google Pay, or individual retailer apps with stored credit card information. Criminals can potentially use these payment methods to make unauthorized purchases, so removing them quickly is essential for protecting your finances.
For Apple Pay users, marking your device as lost through Find My iPhone will automatically suspend Apple Pay on that device. Alternatively, you can manually remove payment methods by signing into your Apple ID account at appleid.apple.com, selecting your lost device, and choosing to remove all cards. Google Pay users should visit payments.google.com, navigate to payment methods, and remove any cards linked to the compromised device.
Don’t stop there – contact your bank or credit card issuer directly to alert them about the potential for fraud. They can freeze or cancel the cards linked to your mobile payment apps and monitor for any suspicious transactions. Review your recent statements carefully and report any charges that weren’t made by you. Most financial institutions have straightforward fraud dispute processes and will work quickly to resolve unauthorized transactions.
When all hope of recovering your phone is lost, remote data erasure becomes your final line of defense against identity theft. This nuclear option wipes all stored data, settings, media, and personal information from your device, ensuring that criminals can’t access your photos, contacts, passwords, financial information, or any other sensitive data.
Both iPhone and Android devices offer comprehensive remote wipe capabilities through their respective tracking services. For iPhone users, this means accessing Find My and selecting “Erase iPhone,” which will restore the device to factory settings and remove all personal information. Android users can accomplish the same thing through Find My Device by selecting “Erase Device.”
Keep in mind that once you erase your phone remotely, you’ll lose the ability to track it further, so make sure you’ve exhausted all other options first. However, the peace of mind that comes from knowing your personal information can’t be accessed often outweighs the slim chance of recovery.
Criminals with access to your phone may attempt to exploit your personal relationships by impersonating you in messages or calls to your contacts. They might send urgent requests for money, ask for sensitive information, or attempt to trick your friends and family into various scams using your trusted identity.
Reach out to your closest contacts through alternative communication methods to warn them that your phone has been compromised. Let them know to be suspicious of any unusual requests coming from your number and to verify your identity through a different channel if they receive anything questionable. This proactive step can prevent your loved ones from becoming secondary victims of the crime.
Once you’ve accepted that your phone is truly gone, it’s time to focus on getting back online securely. Check with your mobile carrier about replacement options, as some plans include insurance coverage that can significantly reduce the cost of a new device. Even if you don’t have insurance, carriers often offer payment plans for replacement phones.
When you get your new device, you’ll be able to restore your data from cloud backups like iCloud or Google Drive. This is why maintaining regular automatic backups is so important – they ensure you don’t lose photos, contacts, app data, and other important information permanently. During the setup process, take the opportunity to review and strengthen your security settings based on what you’ve learned from this experience.
The theft of your phone represents just one potential pathway to identity theft, but it’s often one of the most impactful because of how much personal information our devices contain. While following the steps above can help minimize immediate damage, comprehensive protection requires ongoing vigilance and professional monitoring services.
McAfee’s Identity Protection offers multiple layers of defense that can alert you to potential identity theft before it becomes a major problem. Through comprehensive identity monitoring, McAfee identifies your personal information across the dark web and various databases, providing early warnings when your data appears in places it shouldn’t. This includes monitoring of social security numbers, government IDs, credit card numbers, bank account details, email addresses, and phone numbers – often alerting users up to 10 months earlier than similar services.
The credit monitoring component keeps watch over changes to your credit score, reports, and accounts, sending timely notifications when new accounts are opened, credit inquiries are made, or suspicious activity is detected. This early warning system can help you catch identity thieves before they cause significant financial damage. Perhaps most importantly, if you do become a victim of identity theft in the U.S., McAfee provides up to $2 million in identity theft coverage and restoration support for select McAfee+ plans.
While no one plans to have their phone stolen, taking preventive measures can significantly reduce the potential impact if it happens to you. Enable device tracking features like Find My or Find My Device before you need them, and make sure you know how to access these services from other devices. Use a strong passcode or biometric authentication that would be difficult for thieves to guess or bypass quickly.
Consider adding a PIN to your SIM card to prevent thieves from removing it and using it in another device. Maintain regular automatic backups to cloud services so you won’t lose important data permanently if your phone disappears. Most importantly, review and limit the amount of sensitive information you store directly on your device and consider using additional authentication methods for your most critical accounts.
Record your phone’s IMEI number and serial number in a safe place where you can access them if needed for police reports or insurance claims. These small preparatory steps can save significant time and stress if the worst happens.
Phone theft is just one of many ways criminals can gain access to your personal information and identity. In our interconnected digital world, comprehensive protection requires a multi-layered approach that goes beyond device security. Data breaches at major companies, phishing attacks, social engineering scams, and various online threats all pose risks to your identity and financial well-being.
This is where integrated protection services like McAfee+ become invaluable. Rather than trying to manage multiple security concerns separately, comprehensive identity and device protection provides peace of mind through continuous monitoring, early warning systems, and professional restoration support when things go wrong. The goal isn’t just to react to problems after they occur, but to prevent them from happening in the first place and to minimize their impact when prevention isn’t enough.
Having your phone stolen is stressful enough without worrying about the long-term consequences for your identity and finances. By following these nine essential steps quickly and methodically, you can significantly reduce the potential damage and protect yourself from becoming a victim of identity theft. Remember, the key is acting fast – every minute counts when it comes to protecting your digital life from criminals who might have gained access to your most personal information.
The post What to Do if Your Phone is Stolen or Lost: 10 Steps to Protect Your Identity appeared first on McAfee Blog.
As another school year begins, the digital landscape our children navigate has become increasingly complex. With artificial intelligence tools now readily available and social media platforms evolving rapidly, creating a family technology pledge has never been more crucial, or more challenging.
Gone are the days when we simply worried about screen time limits. Today’s parents must address everything from AI-assisted homework to the growing threat of deepfake cyberbullying. The technology shaping our kids’ lives isn’t just about phones and social media anymore—it’s about preparing them for a world where artificial intelligence is reshaping how they learn, communicate, and express themselves.
Recent research from the Pew Research Center shows that 26% of students aged 13-17 are using ChatGPT to help with their assignments, double the number from 2023. Meanwhile, surveys reveal that between 40 and 50 percent of students are aware of deepfakes being circulated at school. These statistics underscore a reality many parents aren’t prepared for: our children are already immersed in an AI-powered world, whether we’ve given them permission or not.
The key to successful digital parenting in 2025 isn’t necessarily about banning technology—it’s about having intentional, educational conversations that prepare our children to use these powerful tools responsibly. We need to acknowledge that technology is here to stay, so the best thing we can do is accept it’s here, educate our kids on how to use it safely, and introduce boundaries and rules to help keep them protected.
For any pledge to be effective, lasting, and conflict-free, we need to shift the focus from simply setting rules to creating an open, constructive dialogue that helps all family members use technology in healthy ways. The most successful technology pledges are created collaboratively, not imposed unilaterally. This ensures everyone feels included and that the guidelines reflect your family’s unique needs and values.
The most important consideration is tailoring a pledge to your kids’ ages and maturity levels, and to your family’s schedule. There’s no point making pledges that don’t reflect your children’s actual technology use or your family’s realistic expectations. Remember, this is about starting conversations and creating a framework for ongoing dialogue, not a rigid set of rules that’s destined to fail.
One of the biggest changes in recent years is the need to address AI tools like ChatGPT, Claude, and other learning platforms. Rather than trying to catch assignments written by AI, many schools are now launching programs that include AI Learning Modes, recognizing that these tools can be valuable when used appropriately.
The benefits of AI assistance in education are significant and shouldn’t be ignored. AI can serve as a personalized tutor, explaining complex concepts in multiple ways until a student understands. It can help students with learning differences access the curriculum more effectively, and students working in a second language can use these tools to level the playing field. When used properly, AI can enhance critical thinking by helping students explore different perspectives on topics and organizing their thoughts more clearly.
However, the risks of over-reliance on AI are equally real and concerning. New research has shown that overreliance on AI might erode our ability to think critically, and critical thinking skills are essential for success in the real world. Students may become dependent on AI for basic problem-solving, missing opportunities to develop their own analytical skills and unique voice. Academic integrity concerns arise when AI does the work instead of supporting learning, potentially undermining the entire educational process.
Your family technology pledge should address these nuances. Children should understand that they will use AI tools to enhance their learning, not replace it. This means always disclosing when they’ve used AI assistance on assignments, using AI to explain concepts they don’t understand while still working through problems themselves, and never submitting AI-generated work as their own original thinking. They should learn to ask AI to help with organizing thoughts, not creating them, and use AI to check their work for errors while ensuring the ideas and solutions remain their own.
The rise of AI-generated content has created unprecedented risks for students, particularly regarding deepfake technology. Research shows that girls are most often targeted by deepfake images, and for victims, the emotional and psychological impact can be severe and long-lasting. What’s particularly alarming is that one photo posted online is all that’s needed to create a deepfake, making this a potential risk for every student.
Parents should help their children become mindful of what photos they share on social media, understanding that any image could potentially be misused. Children must understand that they should never participate in group chats or conversations where deepfakes are being shared, even passively. They need to recognize that creating deepfakes of others, even as a “joke,” can cause serious psychological harm and that possession of manipulated sexual imagery involving minors is illegal.
Creating a family technology pledge isn’t about limiting your child’s potential—it’s about empowering them to navigate an increasingly complex digital world safely and ethically. The emergence of AI tools and deepfakes is forcing families to have important conversations about ethics, empathy, and responsibility that previous generations never had to consider.
The goal isn’t to create a perfect document that anticipates every possible scenario. Instead, it’s to establish a foundation for ongoing dialogue about how technology can enhance rather than detract from your family’s values and your child’s growth into a thoughtful, responsible digital citizen. To help parents and guardians start discussions, we’ve created a first draft Technology Pledge that you can use to start a discussion with your family. Click here to download McAfee’s Technology Pledge.
The digital landscape will continue to evolve, but the fundamental principles of kindness, honesty, and critical thinking remain constant. By creating a thoughtful technology pledge and maintaining open dialogue about digital challenges, you’re giving your child the tools they need to thrive in whatever technological environment they encounter. Start the conversation today. Your child’s digital future depends on it.
The post How to Create a Family Technology Pledge appeared first on McAfee Blog.
The chairman of the Federal Trade Commission (FTC) last week sent a letter to Google’s CEO demanding to know why Gmail was blocking messages from Republican senders while allegedly failing to block similar missives supporting Democrats. The letter followed media reports accusing Gmail of disproportionately flagging messages from the GOP fundraising platform WinRed and sending them to the spam folder. But according to experts who track daily spam volumes worldwide, WinRed’s messages are getting blocked more because its methods of blasting email are increasingly way more spammy than that of ActBlue, the fundraising platform for Democrats.
On Aug. 13, The New York Post ran an “exclusive” story titled, “Google caught flagging GOP fundraiser emails as ‘suspicious’ – sending them directly to spam.” The story cited a memo from Targeted Victory – whose clients include the National Republican Senatorial Committee (NRSC), Rep. Steve Scalise and Sen. Marsha Blackburn – which said it observed that the “serious and troubling” trend was still going on as recently as June and July of this year.
“If Gmail is allowed to quietly suppress WinRed links while giving ActBlue a free pass, it will continue to tilt the playing field in ways that voters never see, but campaigns will feel every single day,” the memo reportedly said.
In an August 28 letter to Google CEO Sundar Pichai, FTC Chairman Andrew Ferguson cited the New York Post story and warned that Gmail’s parent Alphabet may be engaging in unfair or deceptive practices.
“Alphabet’s alleged partisan treatment of comparable messages or messengers in Gmail to achieve political objectives may violate both of these prohibitions under the FTC Act,” Ferguson wrote. “And the partisan treatment may cause harm to consumers.”
However, the situation looks very different when you ask spam experts what’s going on with WinRed’s recent messaging campaigns. Atro Tossavainen and Pekka Jalonen are co-founders at Koli-Lõks OÜ, an email intelligence company in Estonia. Koli-Lõks taps into real-time intelligence about daily spam volumes by monitoring large numbers of “spamtraps” – email addresses that are intentionally set up to catch unsolicited emails.
Spamtraps are generally not used for communication or account creation, but instead are created to identify senders exhibiting spammy behavior, such as scraping the Internet for email addresses or buying unmanaged distribution lists. As an email sender, blasting these spamtraps over and over with unsolicited email is the fastest way to ruin your domain’s reputation online. Such activity also virtually ensures that more of your messages are going to start getting listed on spam blocklists that are broadly shared within the global anti-abuse community.
Tossavainen told KrebsOnSecurity that WinRed’s emails hit its spamtraps in the .com, .net, and .org space far more frequently than do fundraising emails sent by ActBlue. Koli-Lõks published a graph of the stark disparity in spamtrap activity for WinRed versus ActBlue, showing a nearly fourfold increase in spamtrap hits from WinRed emails in the final week of July 2025.
“Many of our spamtraps are in repurposed legacy-TLD domains (.com, .org, .net) and therefore could be understood to have been involved with a U.S. entity in their pre-zombie life,” Tossavainen explained in the LinkedIn post.
Raymond Dijkxhoorn is the CEO and a founding member of SURBL, a widely-used blocklist that flags domains and IP addresses known to be used in unsolicited messages, phishing and malware distribution. Dijkxhoorn said their spamtrap data mirrors that of Koli-Lõks, and shows that WinRed has consistently been far more aggressive in sending email than ActBlue.
Dijkxhoorn said the fact that WinRed’s emails so often end up dinging the organization’s sender reputation is not a content issue but rather a technical one.
“On our end we don’t really care if the content is political or trying to sell viagra or penis enlargements,” Dijkxhoorn said. “It’s the mechanics, they should not end up in spamtraps. And that’s the reason the domain reputation is tempered. Not ‘because domain reputation firms have a political agenda.’ We really don’t care about the political situation anywhere. The same as we don’t mind people buying penis enlargements. But when either of those land in spamtraps it will impact sending experience.”
The FTC letter to Google’s CEO also referenced a debunked 2022 study (PDF) by political consultants who found Google caught more Republican emails in spam filters. Techdirt editor Mike Masnick notes that while the 2022 study also found that other email providers caught more Democratic emails as spam, “Republicans laser-focused on Gmail because it fit their victimization narrative better.”
Masnick said GOP lawmakers then filed both lawsuits and complaints with the Federal Election Commission (both of which failed easily), claiming this was somehow an “in-kind contribution” to Democrats.
“This is political posturing designed to keep the White House happy by appearing to ‘do something’ about conservative claims of ‘censorship,’” Masnick wrote of the FTC letter. “The FTC has never policed ‘political bias’ in private companies’ editorial decisions, and for good reason—the First Amendment prohibits exactly this kind of government interference.”
WinRed did not respond to a request for comment.
The WinRed website says it is an online fundraising platform supported by a united front of the Trump campaign, the Republican National Committee (RNC), the NRSC, and the National Republican Congressional Committee (NRCC).
WinRed has recently come under fire for aggressive fundraising via text message as well. In June, 404 Media reported on a lawsuit filed by a family in Utah against the RNC for allegedly bombarding their mobile phones with text messages seeking donations after they’d tried to unsubscribe from the missives dozens of times.
One of the family members said they received 27 such messages from 25 numbers, even after sending 20 stop requests. The plaintiffs in that case allege the texts from WinRed and the RNC “knowingly disregard stop requests and purposefully use different phone numbers to make it impossible to block new messages.”
Dijkxhoorn said WinRed did inquire recently about why some of its assets had been marked as a risk by SURBL, but he said they appeared to have zero interest in investigating the likely causes he offered in reply.
“They only replied with, ‘You are interfering with U.S. elections,’” Dijkxhoorn said, noting that many of SURBL’s spamtrap domains are only publicly listed in the registration records for random domain names.
“They’re at best harvested by themselves but more likely [they] just went and bought lists,” he said. “It’s not like ‘Oh Google is filtering this and not the other,’ the reason isn’t the provider. The reason is the fundraising spammers and the lists they send to.”
interview It all started as an idea for a research paper. …
A team of data thieves has doubled down by developing its CastleRAT malware in both Python and C variants. Both versions spread by tricking users into pasting malicious commands through a technique called ClickFix, which uses fake fixes and login prompts.…
A critical code-injection bug in SAP S/4HANA that allows low-privileged attackers to take over your SAP system is being actively exploited, according to security researchers.…
Bypassing TLS certificate verification in 5 major TLS libraries with a LD_PRELOAD lib.