Notices by Metacurity (metacurity@infosec.exchange)

What could go wrong?

“The police no longer have to manually review footage. They can feed the system a text prompt, and it finds the footage,” said one executive from Hikvision.
https://www.ft.com/content/f8fa4739-4359-4720-af77-9be1e8370f82?sharetype=blocked

This is an incredible graphic from CrowdStrike.

As soon as users log into Perplexity’s home page, trackers are downloaded onto their devices, giving Meta and Google full access to the conversations between them and Perplexity’s AI Machine search engine.
https://www.bloomberg.com/news/articles/2026-04-01/perplexity-ai-machine-accused-of-sharing-data-with-meta-google

RE: https://infosec.exchange/@metacurity/116131026500216696

With great quotes from infosec.exchanges own @bert_hubert

This would affect about two-thirds of the already dwindled-down CISA workforce, and other valuable DHS components, and that’s not good.

Otherwise it will eventually make life harder for CBP and ICE and that’s great!

DHS shutdown imminent as Senate leaves town without deal

https://www.axios.com/2026/02/12/shutdown-homeland-security-senate-negotiations?stream=politics&utm_source=alert&utm_medium=email&utm_campaign=alerts_politics

Ahead of trade meetings with China, the US has suspended its bans on China Telecom's US operations, domestic sales of routers made by TP-Link, the US internet business of China Unicom and China Mobile, and the sales of Chinese electric trucks and buses in the US.

https://www.reuters.com/business/media-telecom/us-china-trade-detente-fuels-mothballing-key-china-tech-curbs-2026-02-12/

Those Nest cameras keep videos for three hours on their backend servers even if you're not a subscriber.

How Google played a key role in recovering the video from Nancy Guthrie’s cameras
https://www.cnn.com/2026/02/10/tech/google-video-nancy-guthrie

ICE and CBP’s Face-Recognition App Can’t Actually Verify Who People Are
https://www.wired.com/story/cbp-ice-dhs-mobile-fortify-face-recognition-verify-identity/

It's downright weird that McDonald's is leading a campaign to advise us to use more secure passwords.

McDonald's is not lovin' your bigmac, happymeal, and mcnuggets passwords
https://www.theregister.com/2026/02/02/mcdonalds_password_advice/

App for Quitting Porn Leaked Users' Masturbation Habits
https://www.404media.co/app-for-quitting-porn-leaked-users-masturbation-habits/

CORPOELEC calls the munitions that took out power in the attack on Caracas "missiles." Says that it has been able to restore 80% of the lost power.

Resilience in the face of devastation: CORPOELEC restores electricity service after attack on substations
https://mppee.gob.ve/?p=103285

@GossiTheDog Confusing, right? But that video shows total obliteration of one of the substations -- why even bother with cyber if you're going to do that?

So Venezuela's energy ministry is saying the attack that brought down the power grid in Caracas was a physical assault on substations and not a cyber attack.
https://mppee.gob.ve/?p=103279

This contradicts Trump's statement about the US having "expertise" and also the NYT's reporting that the attack "began with a cyberoperation that cut power to large swaths of Caracas." 2/2
https://www.nytimes.com/2026/01/03/us/politics/trump-capture-maduro-venezuela.html

Corpoelec's website is not only down for maintenance, it's not accessible at all today. https://corpoelec.gob.ve/

Good god

“At least six career staffers at the Cybersecurity and Infrastructure Security Agency were suspended with pay this summer after organizing a polygraph test that the agency’s acting director, Madhu Gottumukkala, failed.”

https://www.politico.com/news/2025/12/21/cisa-acting-director-madhu-gottumukkala-polygraph-investigation-00701996?utm_source=dlvr.it&utm_medium=bluesky

https://www.koreatimes.co.kr/business/companies/20251209/police-raid-coupang-over-massive-data-breach
This is what happens when you do bad cybersecurity.

Police reportedly seek to check for possible lapses in Coupang's security, while tracking down the suspect behind the leak. cybersecurity.

https://www.clickondetroit.com/news/local/2025/11/22/campbell-soup-exec-caught-on-secret-recording-slamming-product-people-who-buy-it/
The exec caught on the recording was Campbell’s CISO.

https://www.theguardian.com/technology/2025/nov/24/civil-liberties-groups-call-for-inquiry-into-uk-data-protection-watchdog

Dozens of civil liberties campaigners and legal professionals are calling for an inquiry into the UK’s data protection watchdog, after what they describe as “a collapse in enforcement activity” after the scandal of the Afghan data breach.

The US and the UK are going after bulletproof hosting companies.

United States, Australia, and United Kingdom Sanction Russian Cybercrime Infrastructure Supporting Ransomware
https://home.treasury.gov/news/press-releases/sb0319

https://world.kbs.co.kr/service/news_view.htm?lang=e&Seq_Code=197518
Crazy times in South Korean cyber.

"The German government is set to get new powers to bar risky Chinese technology suppliers from its critical infrastructure."

https://www.politico.eu/article/germany-lines-up-new-powers-to-fend-off-chinese-tech/