DOGE to Fired CISA Staff: Email Us Your Personal Data

from Krebs on Security [alt+shift+b] in technology

A message posted on Monday to the homepage of the U.S. Cybersecurity & Infrastructure Security Agency (CISA) is the latest exhibit in the Trump administration's continued disregard for basic cybersecurity protections. The message instructed recently-fired CISA employees to get in touch so they can be rehired and then immediately placed on leave, asking employees to send their Social Security number or date of birth in a password-protected email attachment -- presumably with the password needed to view the file included in the body of the email.

a week ago

Remove from reading list Add to reading list [alt+a] Read now [→]

Improve your reading experience

Logged in users get linked directly to articles resulting in a better reading experience. Please login for free, it takes less than 1 minute.

More from Krebs on Security

When Getting Phished Puts You in Mortal Danger

Many successful phishing attacks result in a financial loss or malware infection. But falling for some phishing scams, like those currently targeting Russians searching online for organizations that are fighting the Kremlin war machine, can cost you your freedom or your life.

7 hours ago • 1 votes

Arrests in Tap-to-Pay Scheme Powered by Phishing

Authorities in at least two U.S. states last week independently announced arrests of Chinese nationals accused of perpetrating a novel form of tap-to-pay fraud using mobile devices. Details released by authorities so far indicate the mobile wallets being used by the scammers were created through online phishing scams, and that the accused were relying on a custom Android app to relay tap-to-pay transactions from mobile devices located in China.

a week ago • 7 votes

ClickFix: How to Infect Your PC in Three Easy Steps

A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. In this scam, dubbed "ClickFix," the visitor to a hacked or malicious website is asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware.

a week ago • 3 votes

Microsoft: 6 Zero-Days in March 2025 Patch Tuesday

Microsoft today issued more than 50 security updates for its various Windows operating systems, including fixes for a whopping six zero-day vulnerabilities that are already seeing active exploitation.

2 weeks ago • 3 votes

More in technology

Ghetto soldering tweezers

[Misc] And other 3D printed accessories

8 hours ago • 2 votes

Listen: How the YIMBYs won

My event with Anya Martin (with a brief cameo from Chris Curtis MP!)

17 hours ago • 1 votes

My job doesn't need to exist?

Rands: The Product Engineer You don’t need Product Managers. There. I said it. As someone who just moved into a product management role, you had best believe this line caught my eye. 👀 The post makes some reasonable arguments, although I think a lot of it is an

12 hours ago • 1 votes

How AI Is Built Podcast

Nicolay Gerold interviewed me for his How AI is Built podcast. Our conversation focused on information architecture – with an interesting angle: Nicolay’s audience consists primarily of engineers developing AI products. What can these folks learn from IA to create better AI products? Conversely, what can IAs learn from engineers? And does information architecture matter at all in a world where these technologies exist? Tune in to find out: Spotify Apple Podcasts YouTube

17 hours ago • 1 votes

Should we do a Conclave?

Niléane insists she's not bringing another task manager, Chris has a new e-ink toy he loves, and the whole crew finds interesting ways to add some more text expansion to their lives. We want to hear from you! How would you have done our challenges? How

an hour ago • 1 votes

New here?