Amazon is pulling the plug on a key privacy feature for its Echo and Fire TV devices, ensuring that every command spoken to Alexa will soon be transmitted to the company’s cloud servers. The change, detailed in an email sent to customers on March 14, eliminates the “Do Not Send Voice Recordings” option, which allowed some Echo devices to process requests locally without uploading audio to Amazon. Starting March 28, this shift will affect all Echo speakers, smart displays, and Fire TV units, aligning with the rollout of Alexa+, a generative AI-powered subscription assistant—and sparking fresh concerns over user privacy.
In its email, according to Ars Technica, the company explained: “As we continue to expand Alexa’s capabilities with generative AI features, we have decided to no longer support this feature.” The move extends to Fire TV devices with Alexa integration, meaning casual commands like “play my show” will also head to the cloud.
In 2023, Amazon paid a $25 million penalty after the Federal Trade Commission (FTC) found it indefinitely stored children’s voice interactions, violating privacy laws. That same year, Amazon settled allegations that Ring camera footage—accessible to thousands of employees and contractors—compromised customers’ private spaces. Add to that 2019 reports from Bloomberg revealing employees listened to up to 1,000 Alexa clips per shift for training purposes, and the decision to mandate cloud uploads feels like salt in the wound.
For users, the stakes are high. Amazon insists recordings will be encrypted in transit and deleted after processing by default—unless users opt to save them for Voice ID functionality, which personalizes reminders, calendars, and music. But choosing “Don’t save recordings” will brick Voice ID on existing devices, a feature Amazon warns “may not work” without stored audio. “It’s a forced choice,” Kim noted. “Share everything with Amazon or lose what you paid for.” Criminal trials leveraging Alexa data and past breaches only deepen the distrust.
The Black Basta ransomware operation created an automated brute-forcing framework dubbed ‘BRUTED’ to breach edge networking devices like firewalls and VPNs. The framework has enabled Black Basta to streamline initial network access and scale ransomware attacks on vulnerable internet-exposed endpoints. The discovery of BRUTED comes from EclecticIQ researcher Arda Büyükkaya following an in-depth examination of the ransomware gang’s leaked internal chat logs. There were several reports of large-scale brute-forcing and password spray attacks against those devices throughout 2024, some of which might be linked to BRUTED or similar-origin operations.
Automating brute-forcing…
The framework searches for publicly accessible edge networking devices matching the targets list by enumerating subdomains, resolving IP addresses, and appending prefixes like ‘.vpn’ or ‘remote.’ Matches are reported back to the command-and-control (C2) server.
Once potential targets are identified, BRUTED retrieves password candidates from a remote server and combines them with locally generated guesses to execute many authentication requests via multiple CPU processes.
Analysis of the source code indicates that the framework was specifically designed to brute-force credentials on the following VPN and remote-access products: SonicWall NetExtender, Palo Alto GlobalProtect, Cisco AnyConnect, Fortinet SSL VPN, Citrix NetScaler (Citrix Gateway), Microsoft RDWeb (Remote Desktop Web Access), and WatchGuard SSL VPN.
The biggest change contemplated by Diaz’s memo is to require “internet identity proofing” for “benefit claims… made over the phone.” When an SSA customer is “unable to utilize the internet ID proofing, customers will be required to visit a field office to provide in-person identity documentation.”
Currently, customers can make claims and verify their identity without using the internet or visiting an SSA office. Fraud is extremely rare because there are many safeguards in place. After initiating a call, customers must provide their social security number, date of birth, parents’ names, mother’s maiden name, and date of birth. After the initial teleapplication is completed, the information provided is checked against tax returns, pay stubs, bank statements, and medical information, depending on the nature of the claim. If there are any discrepancies, a customer may need to mail a copy of their birth certificate to the SSA. About 40% of all claims are currently processed over the phone.
Because the SSA serves a large population that is either older or physically disabled, many cannot access the internet. Under the new system, this would force these populations to visit an office to have their claim processed. The Diaz memo estimates it would require 75,000 to 85,000 in-person visitors per week to SSA’s offices to implement the policy.
The artificial intelligence revolution is here to make our lives easier. Over time, access to AI has become increasingly democratized. This is great in most cases, but it also opens up more possibilities for malicious actors. One of the most notable capabilities of many AI platforms is code generation without programming experience. But can AI be used to generate malware? It seems it’s not as difficult as you might think.
Jailbreaking: Tricking AI to Generate Harmful Outputs
The major AI platforms typically integrate multiple security barriers to block harmful outputs. If we apply this to the digital realm, this means that companies are seeking to prevent their services from generating potentially dangerous information that could be used for some type of attack. The practice of designing prompts to bypass these security barriers is known as “jailbreaking.”
“Immersive World” technique allows big AI platforms to generate malware
To achieve this, Cato Networks implemented a technique they called “Immersive World.” The technique involves creating a fictional scenario or world, as if you were writing a story, assigning clear roles to different “characters.” This approach, which seems to resemble writing a story, apparently helps the LLM normalize boring prompts. Basically, it’s like applying social engineering to a chatbot.
The “Immersive World” technique forces the LLM to work in a controlled environment where it “perceives” that the context is not to generate malware with questionable goals but rather a story.
If you’re looking for a specific solution to something, these are the hardware and software tools we recommend in a variety of categories. Our recommended privacy tools are primarily chosen based on security features, with additional emphasis on decentralized and open-source tools. They are applicable to a variety of threat models ranging from protection against global mass surveillance programs and avoiding big tech companies to mitigating attacks, but only you can determine what will work best for your needs.
Europol’s EU Serious and Organised Crime Threat Assessment (EU-SOCTA) 2025, published today, reveals how the very DNA of crime is shifting – reshaping the tactics, tools and structures employed by criminal networks. The EU-SOCTA offers one of the most thorough analyses conducted on the threats posed by serious organised crime to the EU’s internal security. Based on intelligence from EU Member States and international law enforcement partners, this report not only analyses the state of organised crime today – it anticipates threats of tomorrow, providing a roadmap for Europe’s law enforcement and policymakers to stay ahead of ever-evolving organised crime.
And evolve it has. The latest EU-SOCTA reveals that the DNA of organised crime is fundamentally changing, making it more entrenched and more destabilising than ever before.
A changing DNA: how organised crime is mutating
Just as DNA shapes the blueprint of life, the blueprint of organised crime is being rewritten. No longer bound by traditional structures, organised crime has adapted to a world shaped by global instability, digitalisation and emerging technologies.
The EU-SOCTA identifies three defining characteristics of today’s serious and organised crime landscape…
Federal law enforcement agencies have turned to a variety of techniques and surveillance capabilities to identify people who have allegedly set fire to Tesla vehicles and property, including automatic license plate readers and social media crawling, according to newly unsealed court records obtained by 404 Media….
In a biting ruling on Thursday, a federal judge in Maryland issued a temporary restraining order blocking Elon Musk’s Department of Government Efficiency team from having access to personally identifiable information on Americans stored by the Social Security Administration. Judge Ellen Lipton Hollander said anyone on Musk’s team who already has any of the data must delete it, the New York Times reports. “The DOGE Team is essentially engaged in a fishing expedition at SSA, in search of a fraud epidemic, based on little more than suspicion,” Hollander wrote. “It has launched a search for the proverbial needle in the haystack, without any concrete knowledge that the needle is actually in the haystack.”…