Patrick Beuth, Jörg Diehl, Roman Höfner, Roman Lehberger, Friederike Röhreke, and Fidelius Schmid at Der Spiegel:

Private contact details of the most important security advisers to U.S. President Donald Trump can be found on the internet. DER SPIEGEL reporters were able to find mobile phone numbers, email addresses and even some passwords belonging to the top officials. To do so, the reporters used commercial people search engines along with hacked customer data that has been published on the web. Those affected by the leaks include National Security Adviser Mike Waltz, Director of National Intelligence Tulsi Gabbard and Secretary of Defense Pete Hegseth. Most of these numbers and email addresses are apparently still in use, with some of them linked to profiles on social media platforms like Instagram and LinkedIn. They were used to create Dropbox accounts and profiles in apps that track running data. There are also WhatsApp profiles for the respective phone numbers and even Signal accounts in some cases. As such, the reporting has revealed an additional grave, previously unknown security breach at the highest levels in Washington. Hostile intelligence services could use this publicly available data to hack the communications of those affected by installing spyware on their devices. It is thus conceivable that foreign agents were privy to the Signal chat group in which Gabbard, Waltz and Hegseth discussed a military strike.

Numbers Linked to Signal Accounts

It remains unclear, however, whether this extremely problematic chat was conducted using Signal accounts linked to the private telephone numbers of the officials involved. Tulsi Gabbard has declined to comment. DER SPIEGEL reporting has demonstrated, though, that privately used and publicly accessible telephone numbers belonging to her and Waltz are, in fact, linked to Signal accounts. [...] The White House confirmed the scandal after the fact. Trump insisted that it did not include classified content, a question that is of particular relevance since members of the U.S. government are not permitted to share such information over Signal. The U.S. special envoy for Ukraine and the Middle East, Steve Witkoff, was even in Russia while participating in the chat group.

DER SPIEGEL was able to find some of the contact information for Gabbard, Hegseth and Waltz in commercial databases, while other information was in so-called password leaks, which are hardly a rarity on the internet. One example is the 2019 discovery by Troy Hunt, who found 773 million email addresses and more than 21 million passwords in a hacker forum. Since then, there have been numerous additional leaks. Criminals are constantly compiling new collections from hacks, usually to sell them on forums. [...] The mobile number provided, meanwhile, led to a WhatsApp account that Hegseth apparently only recently deleted. The profile photo showed a shirtless Hegseth in a baseball cap and necklace. Comparisons with other photos of the U.S. secretary of defense using facial recognition software were able to confirm that the photo on the WhatsApp profile was indeed Hegseth.

Several Passwords in Leaked Database

Waltz’s mobile number and email address could be found using the same service provider. The mobile phone number could even be found using a people search engine popular in the U.S. DER SPIEGEL reporters were also able to find several passwords for Waltz’s email address in leaked databases. The information also led to Waltz’s profiles for Microsoft Teams, LinkedIn, WhatsApp and Signal. National Intelligence Director Gabbard was seemingly more careful with her data than her two male colleagues. She apparently had her own data blocked in the commercial contact search engines that contained the data of Hegseth and Waltz. But her email address was to be found on WikiLeaks and Reddit. Gabbard’s email address is available in more than 10 leaks. One of those also contains a partial telephone number, which, when completed, leads to an active WhatsApp account and a Signal profile.

German publication Der Spiegel writes that several of the National Security Advisers for the Trump Administration, including Pete Hegseth, Tulsi Gabbard, and Michael Waltz, had their private data breached and the passwords found online.

Magic Darts as Viruses

Jean -Pierre Chaumeil

Shamens Through Time by Jeremy Narby

"In lowland Amazonia, Shamans attack one another's communities by sending illness and other misfortunes in the form of darts, which are invisible to non-shamens ."

This is called Bad medicine and maybe this where the idea of computer hacking comes from. Would make sense if this is a big ticket item for Ebay on Valentines Day, as it has the largest Market of "Magical Goods and Wares" on the internet.

Fortunately for affected customers though, it appears that only personal information was stolen during this attack and financial information wasn’t accessed.

Oh, nice. Apparently data breaches have become so commonplace that “only personal information was stolen” is regarded as A-OK now. 🙄

The darkside of the Social Media platforms

The Attention Economy

Attention is the most valuable currency in today's world.

Companies that can capture attention can make a lot of money.

Social media platforms are designed to be addictive and keep you engaged for as long as possible.

How Social Media Tracks Your Data

Social media platforms collect a lot of data about you, including your likes, dislikes, and browsing habits.

This data is used to target you with advertising.

Social media platforms may also listen to your conversations through your device's microphone (although this is not confirmed).

The Impact of Social Media on Society

Social media can create echo chambers and filter bubbles, where you are only exposed to information that confirms your existing beliefs.

This can lead to polarization and a decline in civil discourse.

Social media can also be addictive and lead to decreased productivity and attention spans.

What You Can Do

Be mindful of how much time you spend on social media.

Be critical of the information you see on social media.

Consider adjusting your privacy settings on social media platforms.

There are extensions and apps available to help you limit your social media usage.

Note-To check if your email address has been compromised, you can visit the website Have I Been Pwned: https://haveibeenpwned.com/

What is Zero Trust Architecture?

Zero Trust Architecture (ZTA) is a security model that operates on the principle "never trust, always verify." Unlike traditional security models that assume everything within a network is trustworthy, ZTA requires verification for every access request, regardless of whether it originates inside or outside the network.  

Why is it Important?  

In today's digital landscape, cyber threats are becoming increasingly sophisticated. Zero Trust Architecture helps mitigate risks by continuously verifying every user and device, ensuring that only authorized entities can access sensitive information.  

How Does It Protect You?  

1. Enhanced Security: By requiring strict verification, ZTA minimizes the risk of unauthorized access and data breaches.  

2. Reduced Attack Surface: Limiting access to only what is necessary decreases potential entry points for attackers.  

3. Real-time Monitoring: Continuous monitoring and verification help detect and respond to threats promptly.  

Adopt Zero Trust Architecture with Century Solutions Group to fortify your cybersecurity defenses and protect your business from evolving cyber threats! #ZeroTrust #CyberSecurity #CenturySolutionsGroup 

Learn More:https://centurygroup.net/cloud-computing/cyber-security/

Reminder to everyone that 23andMe filed for bankruptcy recently, and right now the genetic data of millions of its users is up for sale. We do not know who will buy it or what they will do with it. If:

1) you have ever used one of their DNA tests, and

2) you haven't deleted your 23andMe data yet, then Delete it now! https://www.eff.org/deeplinks/2025/03/how-delete-your-23andme-data

If you yourself have not used 23andMe, but a close relative of yours has, that genetic data on your family member can potentially be used to make inferences about your own data, or to identify you (especially when combined with other data).

So, if you have a close relative who has used 23andMe, ask them to delete their data ASAP!

imagine getting doxxed but its your full dna sequence

Clean it up hiro….

10 Common Cyber Threats and How to Avoid Them

In our increasingly connected world, cybersecurity is no longer just a concern for large corporations; it’s a fundamental aspect of daily life for individuals, families, and small businesses alike. The convenience of online banking, shopping, and social networking comes with the inherent risk of cyber threats, which are constantly evolving in sophistication and frequency. Cybercriminals are…

Reminder to set up 2FA

Change your Tumblr password now.

Humongous data breach just happened, with loads upon loads of sites being affected. Tumblr's among those. Also on the list is Wattpad for you fanfic people out there- among many, many other places.

There's a searchable list at the bottom of the article. Highly recommend scrolling or searching through, seeing what places you may be on that have been affected, and securing all your accounts. This thing's kind of big.

If you know people on any of the sites affected, let them know about this too, and spread the article around.

Real-Time Cyber Threat Intelligence: How EDSPL Detects and Neutralizes Breaches Before They Happen

Introduction: Why Real-Time Cyber Threat Intelligence Is No Longer Optional

In today’s hyperconnected world, cybersecurity has shifted from a passive necessity to an active business differentiator. Every second, organizations face a barrage of threats—from phishing emails and malware to ransomware and zero-day exploits. The question is no longer if a business will be targeted, but when. That’s where Real-Time Cyber Threat Intelligence (RTCTI) becomes the ultimate game-changer.

For modern enterprises, simply having network security or firewalls is no longer enough. You need an intelligence-driven, always-on, proactive system that can detect, analyze, and stop threats before they even get close to your data.

At EDSPL, we don’t just respond to cyber threats—we anticipate them. We predict attacks before they unfold, using real-time threat intelligence to shield your enterprise against both known and emerging risks.

What Is Real-Time Cyber Threat Intelligence (RTCTI)?

Real-Time Cyber Threat Intelligence refers to the collection, processing, and analysis of cyber threat data as it happens, enabling immediate threat detection and faster response. RTCTI goes far beyond traditional threat feeds. It uses automation, machine learning, and deep analytics to identify patterns, uncover malicious intent, and neutralize attacks in progress.

The High Stakes: What Happens Without Real-Time Intelligence

Imagine a scenario where a phishing email slips through filters. Within minutes, credentials are stolen, malware is planted, and lateral movement begins within your network. If you're relying on weekly scans or daily logs, by the time you catch it—your data is already gone.

Now contrast that with EDSPL's real-time approach:

A suspicious login pattern is detected in milliseconds. Threat intelligence confirms correlation with known malicious IPs. Automated response isolates the endpoint, cuts off access, and alerts the SOC team. Breach attempt thwarted—before any data is touched.

This is the power of EDSPL’s Real-Time Cyber Threat Intelligence.

How EDSPL Powers RTCTI: A Behind-the-Scenes Look

1. Global Threat Intelligence Feeds

At EDSPL, we integrate real-time threat feeds from:

Industry-leading platforms (FireEye, IBM X-Force, AlienVault, etc.)

Open-source intelligence (OSINT)

Government and ISAC advisories

Proprietary honeypots and decoys deployed worldwide

These sources constantly update our threat intelligence database, ensuring we stay ahead of even the most advanced threat actors.

2. Security Operations Center (SOC) 24x7x365

Our in-house SOC is the nerve center of our RTCTI system. With round-the-clock vigilance, our analysts monitor anomalies, respond to alerts, and hunt threats proactively. Every activity, from system logs to endpoint behavior, is streamed live into our monitoring environment, enabling real-time decision-making.

Explore our full range of services

3. SIEM + SOAR Integration

We use top-tier Security Information and Event Management (SIEM) tools to correlate data across endpoints, cloud security, application security, and on-prem systems.

But we don’t stop there. Our Security Orchestration, Automation, and Response (SOAR) tools automate the playbooks. This ensures:

Faster incident triage

Reduced Mean Time to Detect (MTTD)

Reduced Mean Time to Respond (MTTR)

4. AI-Powered Anomaly Detection

Static rules and signatures aren’t enough. Our AI/ML models learn and adapt continuously, identifying deviations from “normal” behavior. Whether it's an employee logging in from an unusual location or a file being downloaded at an odd time, our system catches the smallest red flags.

5. Endpoint Detection & Response (EDR)

Our RTCTI stack includes next-gen EDR, which monitors every action on your devices in real time. From USB connections to command-line activity, EDR ensures no breach goes unnoticed.

Real-Life Use Case: How EDSPL Prevented a Ransomware Attack

In early 2025, a client’s internal user unknowingly downloaded a malicious attachment disguised as an invoice. The malware silently tried to encrypt files and escalate privileges. Within 4 seconds:

EDSPL's SIEM flagged anomalous activity.

Our SOAR platform triggered an auto-isolation of the device.

The malware was quarantined, and logs were sent for forensic analysis.

No data was lost. No operations were disrupted.

That’s what real-time threat intelligence looks like in action.

RTCTI Is Not Just for Enterprises—SMEs Need It Too

It’s a myth that only large corporations need advanced threat intelligence. In fact, small and mid-sized enterprises are often prime targets—because they have weaker defenses.

At EDSPL, we’ve designed scalable RTCTI packages to suit organizations of all sizes, backed by our expertise in mobility, compute, storage, and backup.

Key Benefits of EDSPL’s Real-Time Threat Intelligence

Proactive Threat Detection

Stop threats before they reach critical systems.

Rapid Incident Response

Our automation ensures no time is wasted during an attack.

Intelligent Insights

Go beyond alerts—understand the context behind every threat.

AI-Driven Accuracy

Eliminate false positives. Focus only on real threats.

Customizable for Your Industry

From finance and healthcare to retail and manufacturing—we tailor defenses to your risk landscape, including switching, routing, and data center switching infrastructure security.

Industries That Trust EDSPL for RTCTI

We serve organizations across sectors, including:

BFSI (Banking, Financial Services, Insurance)

Healthcare

E-commerce

EdTech

Manufacturing

Government and Public Sector

How EDSPL Stays Ahead of Cyber Criminals

Cyber criminals evolve every day—but so do we. Here’s how EDSPL maintains a competitive edge:StrategyHow It HelpsThreat Hunting TeamsActively search for hidden threats before they strike.Red Team SimulationsSimulate real attacks to test & improve defenses.Zero-Day Threat MitigationHeuristic detection + rapid signature updates.Dark Web MonitoringTrack stolen credentials and brand mentions.Incident Drill PlaybooksBe ready with tested, automated response plans.

Why EDSPL Is the Right RTCTI Partner for You

Choosing a cyber partner is about trust. With EDSPL, you get:

✅ Experienced Cybersecurity Professionals ✅ Real-Time Visibility Across All Layers ✅ Custom Playbooks and Reporting Dashboards ✅ Compliance-Ready Solutions ✅ Managed and maintenance services that ensure long-term protection

Conclusion: Stop Attacks Before They Even Begin

The threats are getting smarter, faster, and more dangerous. If you’re waiting to react to a breach, you’re already too late.

With Real-Time Cyber Threat Intelligence from EDSPL, you gain an unfair advantage. You move from being a passive target to a proactive defender.

Don’t wait for the breach—predict it, detect it, and neutralize it with EDSPL.

Want to Get Started?

Reach Us or Get In Touch to future-proof your cybersecurity infrastructure. Understand our background vision and commitment to enterprise security excellence.

Ready to secure your business? Contact our experts today and get a free consultation tailored to your organization’s needs.

📧 Email: [email protected] 🌐 Website: www.edspl.net

Follow us on social media for the latest updates and insights:

🔗 Facebook | LinkedIn

How to check if your password was leaked in a data breach: Top 4 ways

How Disrespect in Business—Like Ignoring Emails and Turning Down Networking—Can Lead to Cyber Attacks

Let’s get something straight right now: your crappy communication habits aren’t just annoying—they’re dangerous. That ignored email chain? It might be the reason your company gets ransomwared next month. That networking event you blew off because you were “too busy”? Could’ve been where you learned about the security vulnerability currently festering in your system. Disrespect in business isn’t…

Cybersecurity Considerations in Cloud-Based Estimating Service Platforms

Introduction The rapid adoption of cloud-based tools in industries like construction, manufacturing, and engineering has revolutionized how businesses handle estimating services. Cloud-based estimating service platforms provide immense benefits, such as accessibility, collaboration, and real-time updates, which help companies improve efficiency and reduce costs. However, the increased use of these platforms also raises significant cybersecurity concerns. Protecting sensitive data, ensuring platform reliability, and maintaining secure access are all critical components of ensuring the success of cloud-based estimating services.

This article will explore the cybersecurity considerations that organizations must take into account when utilizing cloud-based estimating services. We will highlight the importance of robust security measures, best practices for mitigating risks, and the role of the cloud service provider in safeguarding data.

Understanding the Cybersecurity Risks in Cloud-Based Estimating Services Cloud-based estimating services store vast amounts of sensitive information, including cost estimates, project budgets, pricing data, and contract details. This data is crucial for project planning, and its loss or theft could result in financial, legal, or reputational damage. The cybersecurity risks in cloud platforms include data breaches, unauthorized access, data manipulation, and service outages that can disrupt operations.

Hackers and cybercriminals may target cloud-based estimating services to access proprietary cost data, sensitive client information, or intellectual property. This makes cloud security a critical concern for businesses that rely on these services. Additionally, the remote nature of cloud access increases the potential for data exposure, especially if users access the platform from unsecured devices or networks.

Choosing a Secure Cloud Service Provider One of the first steps in ensuring cybersecurity for cloud-based estimating services is selecting a reliable cloud service provider (CSP) that prioritizes security. Reputable CSPs offer advanced security features, including end-to-end encryption, multi-factor authentication (MFA), and continuous monitoring of their networks. They should also comply with industry standards and regulations, such as the General Data Protection Regulation (GDPR) or the Health Insurance Portability and Accountability Act (HIPAA), depending on the industry.

Before selecting a CSP, organizations should thoroughly evaluate the provider’s security protocols, certifications, and track record. It’s also important to assess the provider’s ability to scale security measures as your business grows. A strong partnership with a reputable provider ensures that security is embedded into the platform from the ground up.

Data Encryption and Secure Storage Data encryption is one of the most effective measures for securing sensitive information in cloud-based estimating platforms. By encrypting data both during transmission and at rest, companies can ensure that even if hackers intercept the data, they cannot access or misuse it.

In addition to encryption, secure storage practices are crucial for protecting estimating data. Cloud service providers should store data in secure data centers equipped with physical security measures, such as biometric access controls, surveillance, and disaster recovery plans. These physical and digital safeguards help protect against both cyber threats and natural disasters.

User Access Control and Authentication Controlling user access is another essential aspect of cybersecurity in cloud-based estimating services. Businesses must establish strict user access protocols to ensure that only authorized personnel can access sensitive project data and cost estimates. This includes defining user roles, limiting permissions, and requiring strong authentication methods.

Multi-factor authentication (MFA) is a powerful tool for enhancing access security. By requiring users to provide additional verification, such as a code sent to their mobile device, alongside their username and password, MFA ensures that only legitimate users can access the platform.

Organizations should also regularly review and update user access permissions to ensure that former employees or contractors do not retain access to sensitive information after their engagement ends.

Data Backup and Disaster Recovery Plans Data loss is a major risk for businesses relying on cloud-based estimating services. Whether due to a cyber attack, natural disaster, or technical failure, losing critical estimating data can severely disrupt project timelines and budget management. Therefore, having a solid data backup and disaster recovery plan is crucial.

Cloud-based platforms should offer automated data backups to prevent loss of estimates and other project information. It is important for businesses to regularly test their backup systems and ensure that data can be quickly recovered in the event of an incident. The disaster recovery plan should also outline clear steps for restoring access to the platform, rebuilding project estimates, and ensuring continuity of operations.

Monitoring and Incident Response Continuous monitoring of the cloud environment is essential for detecting potential security threats. Cloud service providers should implement real-time threat detection systems to identify unusual activities, such as unauthorized access attempts or unusual data transfers. Monitoring tools can also track user behaviors, alert administrators about security anomalies, and provide insights into potential vulnerabilities.

In addition to monitoring, businesses should have a clear incident response plan in place. This plan outlines the steps to take in the event of a cyberattack, such as isolating affected systems, notifying affected parties, and coordinating with cybersecurity experts. A well-defined response plan helps minimize the impact of a security breach and ensures that the organization can recover quickly.

Employee Training and Security Awareness Even with the best technology in place, human error remains one of the largest cybersecurity risks. Employees who are unaware of security best practices may inadvertently compromise data by clicking on phishing emails, using weak passwords, or accessing the platform from unsecured devices.

To mitigate this risk, organizations should provide regular cybersecurity training to all employees who use cloud-based estimating services. Training should cover topics such as identifying phishing attempts, using strong and unique passwords, and securing devices. A culture of cybersecurity awareness helps reduce the chances of a successful attack and empowers employees to play an active role in protecting company data.

Compliance and Regulatory Requirements Depending on the industry, businesses using cloud-based estimating services must comply with various regulations related to data security and privacy. For instance, the construction industry may need to adhere to data protection laws, while healthcare-related estimating services might be subject to HIPAA regulations.

Cloud service providers should be transparent about their compliance with these regulations, and businesses should ensure that they understand their obligations when using cloud-based platforms. By partnering with a provider that meets the required compliance standards, companies can avoid legal and financial penalties while safeguarding their data.

Conclusion As cloud-based estimating services become increasingly integral to project planning and execution, securing sensitive data and protecting against cybersecurity threats are paramount concerns. Organizations must take proactive measures, such as selecting reputable service providers, implementing data encryption, controlling user access, and creating robust backup and disaster recovery plans. With a focus on cybersecurity, companies can confidently leverage cloud-based estimating services while minimizing the risk of data breaches and service disruptions.

By investing in the right security tools, maintaining ongoing monitoring, and ensuring employee awareness, businesses can strengthen the cybersecurity of their cloud-based estimating platforms and protect the valuable data that drives their projects forward.

Data breaches, digital IDs, and mass surveillance—are we trading privacy for convenience? Plus, a song about your screen watching you back.

STEP-BY-STEP GUIDE TO ENCRYPTING EMAILS IN OUTLOOK, GMAIL, AND OTHER SERVICES

Email encryption is essential for safeguarding sensitive information from unauthorized access. This article provides step-by-step instructions to encrypt emails across various platforms, including Outlook, Gmail, iOS, and Android. Encrypting Emails in Microsoft Outlook To encrypt emails in Outlook, a Digital ID, also known as an email certificate, is required. This certificate can be obtained…