DOGE is hacking America
In a post on Foreign Policy, security technologists Bruce Schneier and Davi Ottenheimer warn that the actions of the Department of Government Efficiency (DOGE), which accessed critical U.S. government systems, including the Treasury and personnel databases, compromising sensitive data and dismantling security protocols, may be the most consequential security breach in US history. Although a federal judge on Feb. 8th blocked the DOGE team from accessing the Treasury Department systems any further, questions remain about what damage has been done in various government departments, such as the introduction of severe national security risks and potential vulnerabilities to foreign adversaries. Schneier warns that immediate actions are needed to revoke access, restore monitoring, and audit all changes to secure the compromised systems.
Report claims ad-tech company is powering surveillance of US military personnel
WIRED and 404 Media jointly report that Lithuanian ad-tech company Eskimi was allegedly the source of sensitive location data on U.S. military personnel overseas, which was sold by Florida-based data broker Datastream Group. Eskimi denies the allegations. The data included precise coordinates from devices at U.S. military sites in Germany and was collected through SDKs in mobile apps. U.S. Senator Ron Wyden’s office raised national security concerns, contacting Eskimi, Lithuania’s Data Protection Authority, and Google, which listed Eskimi as an Authorized Buyer. The Lithuanian DPA is assessing the situation, and Eskimi could face penalties under GDPR if found in violation.
Update: WIRED updated their coverage with the following clarification: In an email following publication, Eskimi denied that it engages in data broker activity and refuted Datastream’s claim to Wyden’s office that it was the source of the data obtained by the reporting collective. We have updated the article, including the headline, to account for Eskimi’s claims.
(Wired)
Apple and Google take down malicious mobile apps from their app stores
In a follow-up to our reporting last week, Apple and Google both removed 20 apps from their app stores after security researchers at Kaspersky discovered they had contained malware called SparkCat since March 2024. The malware, which has been downloaded over 242,000 times, used optical character recognition to scan image galleries for cryptocurrency wallet recovery phrases and other personal information. Google banned the developers and confirmed that its Play Protect feature safeguarded users from known malware versions. Apple did not comment.
U.S. adversaries increasingly turning to cybercriminals and their malware for help
According to a Google Threat Intelligence Group report, adversarial governments are increasingly leveraging cybercriminals and their tools to advance cyber-espionage goals, fueled by resource constraints and the operational demands of conflicts like the war in Ukraine. This trend is also observed in China, Iran, and North Korea, where state-sponsored hackers utilize malware and techniques commonly associated with cybercriminals to enhance deniability and cost-efficiency. Google and other cybersecurity firms warn that this growing overlap between state actors and cybercriminals poses a significant national security threat worldwide.
New LiDAR system can ID a face a kilometer away
Scientists from Heriot-Watt University, NASA’s Jet Propulsion Lab, MIT, and the University of Glasgow have created a superconducting LiDAR system that captures ultra-detailed 3D data from up to one kilometer away. Using a superconducting nanowire single-photon detector (SNSPD), it traces single photons with 13-picosecond accuracy and sees through fog and smoke. It’s at least ten times better at image resolution than existing systems, even in daylight. There is a catch: it needs to be cooled to minus 272°C, though the team says they developed a compact cryocooler to solve that.
Trump taps RNC executive as national cyber director
Trump is nominating Sean Cairncross, the RNC’s chief operating officer, as his national cyber director. If confirmed, Cairncross would play a key role in shaping the administration’s cyber policy. This would be the first major cybersecurity nomination of Trump’s administration. The Office of the National Cyber Director was established right before former president Biden took office and advises the president on cybersecurity matters. Cairncross has no known cybersecurity experience but has held various roles in the first Trump administration. His nomination requires Senate confirmation.
(Axios)
Romance Scams Cost Americans $697.3M Last Year
A new report from Comparitech reveals that nearly 59,000 Americans lost about $697.3 million to romance scams in 2024. Although cases dropped by 6% from 2023, financial losses remain high. Arizona had the highest rate of scams per capita, while California led in total losses with $104.8 million from 6,687 cases. Scammers are increasingly using cryptocurrency and “double-barreled” scams—posing as romantic partners before pushing fake crypto investments. Comparitech estimates total financial damage from romance scams could exceed $535 billion.
Nametag secure onboarding and ID verification bars entry to IT plants
Seattle-based Nametag has launched VerifiedHire, an identity verification and deepfake defense tool to combat North Korean espionage in U.S. and global enterprises. The company says North Korean operatives have infiltrated remote IT jobs through front companies, generating over $88 million to fund the regime. VerifiedHire uses automated identity verification to secure employee onboarding and prevent contractor fraud. It integrates with IAM providers like Okta and Microsoft Entra, offering customizable workflows that save time and costs for IT and HR departments.
Google fixes flaw that could unmask YouTube users’ email addresses
Google fixed two vulnerabilities that could expose YouTube users’ email addresses, posing a big privacy risk for creators who wish to remain anonymous. The flaws were discovered by security researchers Brutecat and Nathan, and involved leaking Gaia IDs through YouTube’s live chat API and converting them into email addresses using Pixel Recorder’s sharing feature. The issues, which impacted multiple Google services, were first disclosed last September and patched on February 9. Google awarded the researchers a $10,633 bounty and confirmed no evidence of exploitation.






