Privacy Praavu
privacypraavu.bsky.social
Data privacy, cybersecurity, and IP attorney. Opinions my own and not legal counsel.
Who would have guessed a company named “Illusory” would make serious misrepresentations about its practices and capabilities?
📌 FTC Takes Action Against Illusory Systems for Lax Security Leading to $186 Million Breach https://www.cyberhub.blog/article/17057-ftc-takes-action-against-illusory-systems-for-lax-security-leading-to-186-million-breach
On December 17, 2025, the Federal Trade Commission (FTC) announced an enforcement action against Illusory Systems, Inc. for insufficient security measures that led to a major data breach. According to the FTC complaint, the company's negligence allowed threat actors to steal approximately $186 million from consumers. The complaint highlights the absence of adequate protections but does not specify the technical vulnerabilities exploited or the methods of attack used by the threat actors. Additionally, there is no mention of third-party subcontractors being involved, nor are there details on the specific systems affected or the security standards that were not met. This incident underscores the critical importance of robust cybersecurity measures and the potential financial impact of security failures. The lack of specific technical details in the complaint makes it challenging to draw precise conclusions about the nature of the vulnerabilities or the attack vector. However, the case serves as a stark reminder of the regulatory and financial risks associated with inadequate cybersecurity practices. For cybersecurity professionals, this incident highlights the need for comprehensive security assessments and the implementation of industry-standard protections. It also underscores the importance of transparency in breach disclosures, as detailed technical information can help the broader security community understand and mitigate similar risks. Given the lack of specific technical details in the available information, it is crucial for organizations to stay vigilant and ensure that their security measures are up-to-date and effective against a wide range of potential threats.
www.cyberhub.blog
January 2, 2026 at 5:04 PM
Reposted by Privacy Praavu
The SEC just let SolarWinds off the hook for allegedly hiding vulnerabilities that were exploited in a major 2020 hack: www.reuters.com/legal/govern...

Read @kimzetter.bsky.social's deep dive for @wired.com on the SolarWinds breach here: www.wired.com/story/the-un...
The Untold Story of the Boldest Supply-Chain Hack Ever
The attackers were in thousands of corporate and government networks. They might still be there now. Behind the scenes of the SolarWinds investigation.
www.wired.com
November 20, 2025 at 10:30 PM
Reposted by Privacy Praavu
TRANSITION CO-CHAIR LINA KHAN!?!?!??!
November 5, 2025 at 4:38 PM
US Army advises soldiers deployed in Germany to go to German food banks due to US gov’t shutdown

tinyurl.com/59rydpy4
tinyurl.com
November 5, 2025 at 2:27 PM
Reposted by Privacy Praavu
UPDATE: DOJ Ethic director Tirrell posts his termination letter on LinkedIn. Says his oath “did not come with the caveat that I need only support the Constitution when it is easy or convenient.”
July 14, 2025 at 12:43 PM
Reposted by Privacy Praavu
Circa 2018, as the FBI was working on the El Chapo case, the Sinaloa cartel hired a hacker to track the movements of a senior FBI official around Mexico City, a newly released DOJ audit says. The cartel then used the info to kill potential FBI informants: www.cnn.com/2025/06/28/p...
Mexican drug cartel used hacker to track FBI official, then killed potential FBI informants, government audit says | CNN Politics
The stunning new details offer a rare look at how technology can be exploited in the high-stakes battle between US law enforcement and the violent Mexican cartels that control illicit drug trade.
www.cnn.com
June 28, 2025 at 8:05 PM
Reposted by Privacy Praavu
Check Point discovered malware that embedded AI prompt injections in its code to evade detection by AI-based malware scanners.

The malware tried to order the AI scanner to "ignore all previous instructions" and return a "no malware detected" result.

research.checkpoint.com/2025/ai-evas...
New Malware Embeds Prompt Injection to Evade AI Detection - Check Point Research
Detected for the first time, malware attempts AI evasion by injecting a prompt to tell the LLM to label the file as benign
research.checkpoint.com
June 25, 2025 at 11:27 PM
Reposted by Privacy Praavu
The SEC has withdrawn its proposed Biden-era cybersecurity regulations for investment advisers and securities market participants: www.sec.gov/rules-regula... www.sec.gov/rules-regula...
June 13, 2025 at 9:00 PM
Reposted by Privacy Praavu
The #DHS won’t tell Congress how many employees at the #CISA it has fired or pushed to leave, a top congressional Democrat said Wednesday. via @timstarks.bsky.social cyberscoop.com/dhs-wont-tel...
DHS won’t tell Congress how many people it’s cut from CISA
Rep. Bennie Thompson, D-Miss., leveled that charge at DHS Secretary Kristi Noem at a hearing Wednesday.
cyberscoop.com
May 14, 2025 at 6:49 PM
Reposted by Privacy Praavu
Whether it’s Barack Obama wearing a tan suit to a press conference or Donald Trump running a multi-billion dollar crypto scam from the White House, both men tested the limits of presidential propriety.
May 15, 2025 at 2:36 AM
So when is this Olivia car thing actually coming out?
May 15, 2025 at 2:52 AM
Ensuring her place as a cautionary tale in various CLEs and ‘Lunch and Learns’ for years to come
wired.com WIRED @wired.com · May 6
NEW: Tulsi Gabbard, now the US director of national intelligence, used the same easily cracked password for different online accounts including a personal Gmail account and Dropbox over a period of years, leaked records reviewed by WIRED reveal.
Tulsi Gabbard Reused the Same Weak Password on Multiple Accounts for Years
Tulsi Gabbard, now the US director of national intelligence, used the same easily cracked password for different online accounts including a personal Gmail account and Dropbox over a period of years, ...
www.wired.com
May 6, 2025 at 9:54 PM
Reposted by Privacy Praavu
Trump tariffs on an actual ship that just brought "fish, sneakers, forklifts, latex medical gloves, car windshields, pasta, wheelchairs and bras" are 74% of the cargo's value.

It's okay. Nobody really needs a forklift or wheelchair. Lift from the knees.

Gift link:
www.bloomberg.com/graphics/202...
May 6, 2025 at 4:37 PM
The Latin phrase of the day is ‘ultra vires’
npr.org NPR @npr.org · Apr 30
From foreign policy and tariffs to immigration changes and targeting of DEI, here's a look back at some of the major moves made in the past 100 days of President Trump's second administration.
In first 100 days, Trump tests limits, creates chaos and turns from allies
From foreign policy and tariffs to immigration changes and targeting of DEI, here's a look back at some of the major moves made in the past 100 days of President Trump's second administration.
www.npr.org
April 30, 2025 at 12:56 PM
Reposted by Privacy Praavu
1. Clay Jackson, a Texas lawyer, provided basic legal advice to an immigrant family fearing deportation

Then, two officers visited him at his home, accusing him of "obstructing an ongoing immigration investigation"

Then, after speaking publicly, he was fired from his job at a Fortune 500 company
Fortune 500 company abruptly fires lawyer who helped immigrant family
On March 4, Clay Jackson, an attorney in the Dallas area, was at a gas station near his home when the attendant asked if he would help a local immigrant family.
popular.info
April 29, 2025 at 12:59 PM
Reposted by Privacy Praavu
Take a minute from your day and read this chilling story about how quickly we've gotten to where we are.
1. Clay Jackson, a Texas lawyer, provided basic legal advice to an immigrant family fearing deportation

Then, two officers visited him at his home, accusing him of "obstructing an ongoing immigration investigation"

Then, after speaking publicly, he was fired from his job at a Fortune 500 company
Fortune 500 company abruptly fires lawyer who helped immigrant family
On March 4, Clay Jackson, an attorney in the Dallas area, was at a gas station near his home when the attendant asked if he would help a local immigrant family.
popular.info
April 29, 2025 at 2:32 PM
Reposted by Privacy Praavu
Jen Easterly speaks out on the cybersecurity industry’s silence as Trump goes after Krebs et al:

“If we allow the quiet dismissal of dedicated public servants in our community to pass without comment — we’re not defending national security; we’re compromising it.”

www.reuters.com/world/us/ex-...
Ex-CISA boss says Trump actions risk 'dangerously degrading' US cyber defenses
U.S. President Donald Trump's purges and apparent acts of retribution aimed at top cyber officials put the nation's digital defenses at risk, the former head of the Cybersecurity and Infrastructure Security Agency (CISA) said in a post on Friday.
www.reuters.com
April 25, 2025 at 5:37 PM
Reposted by Privacy Praavu
Arresting Judge Dugan is a dangerous attack on our courts and a blatant abuse of power.

Trump is weaponizing the federal government and attacking the rule of law.

This is straight out of the authoritarian playbook.
April 25, 2025 at 7:27 PM
Reposted by Privacy Praavu
SAP zero-day vulnerability under widespread active exploitation: “This isn’t a theoretical threat — it’s happening right now... If you thought you had time, you don’t.” cyberscoop.com/sap-netweave...
SAP zero-day vulnerability under widespread active exploitation
Researchers attribute the attacks to an initial access broker who is exploiting the 10.0 critical vulnerability.
cyberscoop.com
April 25, 2025 at 5:52 PM
Reposted by Privacy Praavu
"It is a proposition too plain to be contested, that the constitution controls any legislative act repugnant to it." Marbury v. Madison, 5 U.S. 137, 176 (1803).
The Justice Dept. has authorized law enforcement officers to GO INTO PEOPLE'S HOMES WITHOUT SEARCH WARRANTS if they suspect that someone is an "alien enemy"

I talked to @usatoday.com about Attorney General Bondi's "Guidance for Implementing the Alien Enemies Act," links below
April 25, 2025 at 2:07 PM
Reposted by Privacy Praavu
The top three cyber crimes, by number of complaints reported by victims in 2024, were phishing/spoofing, extortion, and personal data breaches. Victims of investment fraud, specifically those involving cryptocurrency, reported the most losses—totaling over $6.5 billion.
www.fbi.gov/news/press-r...
FBI Releases Annual Internet Crime Report | Federal Bureau of Investigation
The Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3) has released its latest annual report. The 2024 Internet Crime Report combines information from 859,532 complaints of suspec...
www.fbi.gov
April 23, 2025 at 6:53 PM
Reposted by Privacy Praavu
New: Two top CISA officials, Bob Lord and Lauren Zabierek, are leaving the agency as it prepares for mass layoffs.

Lord and Zabierek led CISA's Secure by Design initiative and other key projects.

www.linkedin.com/feed/update/...

www.linkedin.com/feed/update/...
April 21, 2025 at 3:55 PM
Matthew 25:40
April 21, 2025 at 11:23 PM
If you have not seen yesterday’s internal CFPB memo yet, it is grim:
April 17, 2025 at 7:55 PM