Open source runs on passion and a little help from you.
We're raising $400 to keep SecBSD project alive.
That covers 1 month of power, internet, and food for 2 devs.
If you believe in open source, please consider donating.

Paypal: project@secbsd.org
Bitcoin: bc1q08d6vh93h43m9gpleu8kn9l6kuk3jrnxwrth2x
Solana: 7W3LDYfz8xehd6jAnjVhTMXWPUyXeaFE9ukpYnMs2jXH
Ethereum: 0xAe621c93985e199e7FA3CEE6D4F8CC956D2c933

DATE: May 02, 2025 at 11:55PM
SOURCE: HIPAA Watch from JD Supra

Direct article link at end of text block below.

PIH Health Settles HIPAA Violations for $600,000 https://t.co/2nm64jjhyq

Here are any URLs found in the article text:

https://t.co/2nm64jjhyq

Articles can be found by scrolling down the page at https://www.jdsupra.com/ under the title "Latest Updates".

-------------------------------------------------

Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org

Most healthcare security and privacy posts related to IT or infosec are at @rsstosecurity

-------------------------------------------------

In case you missed it, here's yesterday's live stream. Best enjoyed at 2x speed :) #security #sbom https://www.youtube.com/playlist?list=PL4LF17QFqXYZsXvQUL8PWwSN0ZnthPRMm&playnext=1&index=1

I just had a weird experience at Target—my girlfriend and I were bra shopping and this fucking sketchy crew-cut white guy in jeans and a kinda well-worn—not quite clean—white undershirt is keeping an eye on us and another woman. Then he speaks into a hidden collar mic. I couldn't quite hear him, but it sounded like he was talking about a woman.

Then, as we were checking out, he was over by the restrooms—still looking sketchy as fuck—and watching people (including us). Then I caught him following us out, but he turned around and went back in after a few feet.

We got back to the car and I told my partner my observations. I thought he might be private security...or some conservative transvestigator fucker—it really could have been either (or both) with the way he was acting.

We decided to go back in to make sure he wasn't hassling anyone. Sure enough, he was still looking sketchy AF and following people around the women's section and towards the exit. So we reported him. The lady who worked there told us he's their security, and that she'd let him know we said he should be less fucking sketchy.

China's National Computer Network Emergency Response Technical Team/Coordination Center disclosed malicious foreign websites and IP addresses.

The identified sources were mainly from the US, Sweden, and India. The attacks involved botnet creation, backdoor exploitation, and data theft.

Seven of the nine malicious IP addresses were traced to locations in the US. The cyberattacks posed a significant threat to institutions and internet users in China.

https://www.globaltimes.cn/page/202505/1333262.shtml

China's cybersecurity center discloses malicious foreign websites and IP addresses, mainly from US, Sweden and India

https://lemmy.ml/post/29515224

Hush Line is more than just a secure messenger - we're a network of organizations and individuals who are ready to help whistleblowers stay safe and find success.

In that spirit, you can now access Hush Line using:

tips.hushline.app
whistleblower.network

Microsoft Appoints Deputy CISO For Europe To Reassure European IT leaders - Microsoft has appointed a Deputy CISO for Europe to address growing regulatory pre... - https://it.slashdot.org/story/25/05/02/2251200/microsoft-appoints-deputy-ciso-for-europe-to-reassure-european-it-leaders?utm_source=rss1.0mainlinkanon&utm_medium=feed #security

Want to influence the direction of Grype? Tell us how you use it and what improvements you'd like to see! Your feedback matters! Survey here: https://forms.gle/hvgpNeZadLfFhCf69
#Grype #Security #OpenSource

#Phishing attacks that defeat #MFA are easier than ever. So what are we to do?
#privacy #2fa #security

https://arstechnica.com/security/2025/05/phishing-attacks-that-defeat-mfa-are-easier-than-ever-so-what-are-we-to-do/

(30 Apr) UN Gives the Encrypted Open-Source Office Suite CryptPad a Try

The United Nations became the latest large organization to embrace CryptPad when it used it to replace Google Forms.

https://s.faithcollapsing.com/0qx8p
Archive: ais: https://archive.md/wip/Xg8Nf ia: https://s.faithcollapsing.com/549ln

#TikTok Fined $600 Million for Sending #European User Data to #China

#Irish investigators said TikTok did not protect the data of users in the #EuropeanUnion , improperly transferring some of it to China. TikTok said it would appeal.
#eu #privacy #security

https://www.nytimes.com/2025/05/02/business/tiktok-eu-data-china.html

(30 Apr) UN Drops Google for CryptPad, an Encrypted Open-Source Office Suite

The United Nations became the latest large organization to embrace CryptPad when it used it to replace Google Forms.

https://s.faithcollapsing.com/0qx8p
Archive: ais: https://archive.md/wip/Tuwd7 ia: https://s.faithcollapsing.com/549ln

In de Verenigde Staten is een 36-jarige Jemenitische man aangeklaagd, die wordt gezien als de brein achter de 'Black Kingdom' ransomware. Hij zou verantwoordelijk zijn voor 1.500 aanvallen op Microsoft Exchange-servers.

De verdachte, Rami Khaled Ahm...

Lees verder op: https://koelman.it/project/vs-klaagt-beheerder-van-black-kingdom-ransomware-aan-voor-aanvallen-op-microsoft-exchange/

Absolute beginner needs advice #softwareinstallation #security

https://askubuntu.com/q/1546997/612

#MikeWaltz Has Somehow Gotten Even Worse at Using #Signal

A photo taken this week showed Mike #Waltz using an app that looks like—but is not—Signal to communicate with top officials. "I don't even know where to start with this," says one expert.
#security #privacy

https://www.wired.com/story/mike-waltz-has-somehow-gotten-even-worse-at-using-signal/