News - IT and Cybersecurity Insights

Must-Read

Technology

News

Tips

AI is dangerous for teens

August 28, 2025

•

20 min read

AI is dangerous for teens

Teen Suicide Sparks Lawsuit Against OpenAI Over ChatGPT Conversations

The family of 16-year-old Adam Raine has filed a wrongful death lawsuit against OpenAI, alleging that its chatbot, ChatGPT, acted as a “suicide coach” in the days leading up to their son’s death in April 2025.

According to the suit, Adam used the AI tool to discuss his anxiety, express suicidal thoughts, and explore methods of self-harm. The chatbot reportedly failed to trigger any emergency protocol or escalate the conversation, despite Adam’s repeated mentions of suicidal intent. In some exchanges, the bot allegedly analyzed a suicide plan and even offered suggestions to “upgrade” it.

The 40-page suit, filed in California Superior Court, names OpenAI and its CEO, Sam Altman, as defendants. It claims negligence, design flaws, and lack of safety warnings.

OpenAI responded that it is “deeply saddened” by Adam’s death and said it has implemented new safeguards to prevent similar incidents, including discouraging harmful advice and improving access to emergency services.

This case joins broader debates about AI’s role in mental health and whether platforms like ChatGPT should be held liable for harm caused by AI-generated content. Section 230, which protects tech platforms from liability for user content, may be tested in court as legal experts explore how it applies to AI interactions.

The lawsuit follows a similar complaint involving Character.AI and highlights growing concerns about how generative AI handles mental health queries, especially from minors.

Technology

News

Cybersecurity

Tips

Small Targets, Big Payouts

August 28, 2025

•

20 min read

Small Targets, Big Payouts

Ransomware isn’t “an enterprise problem” — it’s an SMB crisis. Verizon’s 2025 DBIR SMB Snapshot shows ransomware is present in 88% of SMB breaches (vs. 39% in large orgs). Exploited vulnerabilities jumped as an initial access vector to 20%, driven by attacks on edge devices and VPNs; median patch time was 32 days with only 54% fully remediated. Third-party involvement in breaches doubled to 30%, and the human element still appears in ~60% of cases.

What this means for SMBs

Backups + RPO/RTO: Treat ransomware as inevitable, not hypothetical. Test restores quarterly.
Patch edge first: Prioritize firewalls, VPNs, WAFs, and file-sharing appliances. Aim for <7-day SLAs on critical CVEs.
MFA hardening: Stop prompt-bombing with number-matching, device-bound passkeys, and phishing-resistant FIDO2 keys.
3rd-party exposure: Vendor risk isn’t paperwork—enforce SSO, least privilege, and access termination timelines.
BYOD & infostealers: 46% of compromised systems with corporate logins were non-managed. Require MDM or deny access.

Quick wins we implement for clients

Edge patch sprint: 14-day remediation blitz on perimeter devices; continuous vuln scanning thereafter.
Ransomware kill-chain controls: Application allow-listing, EDR with isolation playbooks, immutable backups, and least-privilege admin.
Email/BEC guardrails: DMARC aligned, supplier-bank-change verification, and auto-quarantine of payment-related pretexts.
Vendor access hygiene: Just-in-time accounts, session recording for privileged work, and quarterly access attestations.
GenAI data-leak controls: Block unsanctioned AI tools; route approved use through SSO with DLP. (15% of employees accessed GenAI on corporate devices; many used non-corp identities.)

Why it matters to you (SMBs, healthcare, law firms, schools)

SMBs: Attackers scale demands to your size; downtime hurts revenue immediately.
Healthcare: Availability is patient safety—DDoS and ransomware directly impact care delivery.
Law firms: Client trust + privilege hinge on email integrity and vendor access hygiene.
Schools: Shared devices and BYOD widen the infostealer blast radius; protect staff and student data.

Our offer

Gigabit Systems will run a DBIR-aligned security tune-up: perimeter scan, backup resilience test, vendor-access review, and a 30-day hardening plan with clear, budget-fit priorities.

70% of all cyber attacks target small businesses, I can help protect yours.

#MSP #cybersecurity #managedIT #SMB #ransomware

Cybersecurity

Technology

Must-Read

Unsolicited Packages, Hidden Threats

August 27, 2025

•

20 min read

Unsolicited Packages, Hidden Threats: Brushing Scams Evolve Into Weaponized Attacks

An increasingly disturbing form of cybercrime is gaining traction across the U.S., merging the old-world tactic of unsolicited “brushing” packages with modern digital deception.

Once considered a quirky annoyance, brushing scams involved merchants sending low-value items—rubber chickens, novelty toys, knock-off electronics—to strangers in order to falsely inflate online reviews. The packages often arrived with the recipient’s name, address, and even phone number, despite no order being placed. While strange, these incidents were generally considered harmless.

That’s no longer the case.

Recent reports from the FBI and the U.S. Postal Service now warn of a darker evolution of the tactic. A growing number of these packages include QR codes—innocuous on the surface but weaponized beneath.

How It Works:

Recipients receive an unexpected package with their correct contact information.
A QR code is included—printed on an insert, stickered to the item, or part of a fake warranty or survey offer.
Once scanned, the QR code leads to:
- Phishing sites designed to harvest personal credentials and banking data
- Malware payloads that infect mobile devices and exfiltrate data silently
- Surveys or contests that act as social engineering traps to gather sensitive information

Security experts say this marks a significant evolution in hybrid attacks—where physical social engineering intersects with digital exploitation. It also raises deeper concerns about how easily threat actors can access or purchase consumer information from data brokers, enabling them to create extremely believable delivery scams.

What You Should Do:

Never scan QR codes from unknown or unsolicited packages.
Report suspicious deliveries to the USPS Inspector General or your local law enforcement.
Monitor your credit and bank accounts if you believe your information may have been compromised.
Consider placing a freeze on your credit file with major bureaus if strange deliveries continue.

Law enforcement officials are still investigating the origin of these campaigns, with some believed to be linked to state-sponsored or international cybercrime rings.

This is no longer about free merchandise. It’s about infiltration, exploitation, and deception—delivered in an Amazon-sized box.

The real question is:

When that next package arrives… will you scan it?

Science

Cybersecurity

First AI-Powered Ransomware “PromptLock” Discovered Using Local Large Language Model

August 27, 2025

•

20 min read

First AI-Powered Ransomware “PromptLock” Discovered Using Local Large Language Model

researchers have identified what they describe as the first known ransomware to incorporate generative AI technology. The malware, named PromptLock, utilizes a local instance of a large language model (LLM) to generate scripts that change behavior dynamically—making detection and mitigation significantly more difficult.

How It Works:

Local AI Execution: PromptLock uses the gpt-oss:20b model from OpenAI, running locally via the Ollama API, which prevents detection through external API tracking.
Dynamic Script Generation: The ransomware employs Lua scripts, generated in real-time based on hard-coded prompts. These scripts perform a variety of tasks across Windows, macOS, and Linux environments.
Ransomware Capabilities:
- Scans and enumerates the local file system
- Exfiltrates selected files
- Encrypts files based on specific criteria
- (Destructive functionality is mentioned but not yet implemented)

Why Lua?

Although Lua is commonly associated with gaming platforms and lightweight plugins, its general-purpose capabilities make it useful for cross-platform ransomware operations. It also allows for “non-deterministic” script behavior—meaning scripts can differ each time they are generated, even with the same input. This makes heuristic-based detection more challenging.

Evasion Tactics:

By generating scripts on the fly using a local LLM, PromptLock avoids leaving behind consistent signatures. Traditional endpoint protection tools like Microsoft Defender may have difficulty recognizing it due to the unique code variation in each instance.

Implications:

The use of local AI for malicious code generation marks a new phase in cyber threats. It may complicate conventional defense strategies that rely on pattern recognition and centralized threat intelligence.

Technology

Cybersecurity

Must-Read

U.S. Treasury Proposes Built-In ID Checks for DeFi Smart Contracts

August 25, 2025

•

20 min read

🚨 U.S. Treasury Proposes Built-In ID Checks for DeFi Smart Contracts

As part of the recently passed GENIUS Act, the U.S. Treasury is evaluating whether identity verification tools should be embedded directly into decentralized finance (DeFi) protocols.

The proposal under review would allow DeFi platforms to automatically verify a user’s government ID, biometric credential, or digital wallet certificate before processing a transaction.

Supporters say this approach could:

✔️ Help prevent illicit activity

✔️ Streamline regulatory compliance

✔️ Provide real-time monitoring to detect suspicious behavior

Critics raise concerns about:

⚠️ User privacy and surveillance

⚠️ Potential exclusion of unbanked or undocumented individuals

⚠️ Centralized control in traditionally permissionless systems

Alternative solutions under discussion include:

🔹 Zero-knowledge proofs (ZKPs)

🔹 Decentralized identity (DID) frameworks

These tools aim to verify user eligibility without revealing full identity.

The Treasury’s consultation is ongoing, and final guidance is still pending.

What would built-in ID checks mean for DeFi platforms, users, and innovation in the space?

How should privacy, compliance, and inclusion be balanced in a decentralized ecosystem?

Cybersecurity

Must-Read

Technology

When Your Password Manager Becomes a Backdoor.

August 25, 2025

•

20 min read

🛑 When Your Password Manager Becomes a Backdoor

40 Million Users Exposed by a Single Click

Password managers are supposed to be your digital vault. But what happens when that vault has an invisible backdoor?

Security researchers just uncovered a critical DOM-based vulnerability affecting 11 major password managers — and an estimated 40 million users are currently at risk.

The Password Managers Affected:

1Password
Bitwarden
Dashlane
Enpass
iCloud Passwords
Keeper
LastPass
LogMeOnce
NordPass
ProtonPass
RoboForm

These aren’t fringe products. These are industry leaders, and most of them haven’t patched the flaw yet.

How the Attack Works

The vulnerability stems from a clickjacking exploit using invisible elements on fake websites. It works like this:

You visit a realistic-looking site (spoofed login page, news article, etc.)
A hidden login form triggers your password manager
The manager auto-fills credentials without you knowing
The attacker captures the data and walks away with your passwords, credit cards, and sensitive info

No warnings. No alerts. Just one fake click—and your vault is compromised.

What SMBs, Law Firms, Healthcare, and Schools Should Do

Your organization probably relies on one of these tools. If you’re not proactively managing risk, you may already be exposed.

✅ Disable auto-fill by default; switch to “on-click” mode in browser extensions

✅ Train users to avoid clicking unknown links, even if they look real

✅ Audit browser extensions across your entire organization

✅ Use browser isolation tools to contain risky sites

✅ Monitor for unusual access attempts to password managers and shared credentials

Bottom Line

Password managers are still essential. But they’re not set-it-and-forget-it tools. Like any piece of software, they require ongoing vigilance and smart usage.

The attackers didn’t crack your vault—they just tricked the butler into opening it.

70% of all cyber attacks target small businesses, I can help protect yours.

Technology

Cybersecurity

Tips

Must-Read

Who’s On Your Wi-Fi? You Might Be Surprised.

August 24, 2025

•

20 min read

Who’s On Your Wi-Fi? You Might Be Surprised.

You can’t secure what you can’t see.

And right now, your Wi-Fi might be hosting more than just your devices.

Why This Matters:

Whether at home or in the office, most people have no idea how many devices are actually connected to their network. Smart TVs, printers, phones, tablets, cameras, Alexa speakers—and then maybe a rogue device from next door.

But here’s the problem:

📡 Not every device is friendly.

👀 Some might be spying on you.

💳 Some could be stealing data—banking logins, personal messages, even business files.

Wi-Fi Is the Front Door to Your Digital Life

And too many people are leaving it unlocked:

No device inventory or monitoring
Weak or default router passwords
No network segmentation
No intrusion alerts or blocking capabilities

Whether you’re managing a family of 5 or an office of 50, knowing who’s on your network is non-negotiable.

What You Can Do Today:

✅ Use a firewall or enterprise-grade router with real-time monitoring

✅ Regularly audit all connected devices

✅ Block unfamiliar devices immediately

✅ Use WPA3 encryption and a strong, unique password

✅ Segment guest devices from your core network

✅ Hire a cybersecurity pro to monitor and respond to threats

Wi-Fi security isn’t optional anymore.

It’s your first—and often only—line of defense.

70% of all cyber attacks target small businesses, I can help protect yours.

#WiFiSecurity #CyberAwareness #SmallBusinessIT #ManagedServices #NetworkSecurity

Mobile-Arena

Tips

Cybersecurity

Technology

YOU NEED TO UPDATE ALL OF YOUR DEVICES RIGHT NOW

August 23, 2025

•

20 min read

YOU NEED TO UPDATE ALL OF YOUR DEVICES RIGHT NOW

🍎 An Apple a Day… Doesn’t Fix Zero-Day Bugs

The latest iOS 18.6.2 update addresses a serious vulnerability in ImageIO, Apple’s image processing framework. This means a simple image—yes, just a picture—could be the entry point for a full-scale attack on your device.

Why this matters for SMBs, law firms, healthcare, and schools:

This isn’t some theoretical cybercrime. It’s real, it’s targeted, and it’s effective.

Attackers have used this exploit against:

Government officials
Journalists
Human rights advocates
And potentially… your organization next

If your business handles sensitive data—like patient records, legal files, or student information—this exploit could compromise it all through a single image.

What should you do now?

Update all Apple devices immediately (iPhones, iPads, Macs)
Enable automatic updates organization-wide
Review endpoint protection to detect image-based exploits
Consider MDM (Mobile Device Management) for visibility and control

Even if you’re using Android, don’t relax—turn on auto-updates and ensure you’re on the latest software version. This isn’t about Apple vs. Android. It’s about staying vigilant.

What this means going forward:

Cybersecurity isn’t just about blocking phishing links and malware anymore. Threat actors are getting more creative, exploiting features we take for granted—like how a phone processes images.

Staying safe requires layered defenses, regular updates, and a zero-trust mindset. In 2025, patching isn’t optional—it’s operational survival.

70% of all cyber attacks target small businesses, I can help protect yours.

Science

Technology

Cybersecurity

Tips

News

The New Key Fob Exploit Every Driver Should Know

August 22, 2025

•

20 min read

🔓 One Click, Many Break-Ins: The New Key Fob Exploit Every Driver Should Know

Flipper Zero just made car hacking modular—and millions of vehicles are now vulnerable

Car manufacturers once thought rolling code encryption was unbreakable.

Not anymore.

A new exploit using the Flipper Zero has shattered that illusion—capturing just one key fob signal is now enough to unlock and control a car repeatedly.

How the Attack Works

🚗 Rolling codes are supposed to protect keyless entry by generating a new one-time-use code with each press.

📡 But with a custom Flipper Zero mod, attackers can:

Capture a single unlock signal
Reverse-engineer future rolling codes
Unlock, relock, and pop the trunk—on demand

This is a modern twist on the 2022 RollBack attack, except now it’s:

💻 Easier to use
🔁 Repeatable
💰 Being sold online for $1,000 or less

And yes—that price is dropping fast.

Why This Is a Game-Changer

This isn’t just about high-end vehicles anymore.

🚘 Everyday cars with remote keyless entry are now targets.
📉 Car owners and dealerships may not even know they’ve been compromised.
🔐 Security through obscurity no longer works—if it ever did.

Modern vehicles now face signal replay attacks from pocket-sized devices.

This isn’t science fiction. It’s a product listing.

What You Can Do

Whether you’re an auto dealer, fleet manager, security firm, or just a cautious driver, here are a few smart moves:

Store key fobs in Faraday pouches to block passive signal capture.
Update firmware—some manufacturers may issue patches (if their systems support it).
Harden physical access policies—especially in valet, rental, and fleet settings.
Stay informed—threat actors evolve fast, and so must your defenses.

Bigger Picture

As wireless convenience spreads, so does wireless risk.

The commoditization of exploits like this will reshape how we think about trust in physical security—not just for cars, but for everything with a signal.

70% of all cyber attacks target small businesses. I can help protect yours.