IT News

Rabbit, the manufacturer of the Artificial Intelligence (AI) assistant r1 has issued a security advisory telling users it’s found a potential security risk. If a user loses or sells their device, a person in possession of the r1 could potentially jailbreak the device and gain access to files that contain logging information, chats, and photos.

To tackle the potential problem with sensitive data being left behind on the r1, Rabbit has taken the following measures:

• A factory reset option is now available in the settings menu that lets you erase all data from the r1 prior to transferring ownership.
• Pairing data is no longer logged to the device.
• The amount of log data that gets stored on the device has been reduced.
• Pairing data can no longer be used to read from the user’s Rabbithole journal section. It can only trigger actions.

Rabbit also says it is performing a full review of device logging practices to check whether additional technical controls are needed.

If you have an r1, you don’t need to do anything as the fix will be downloaded and installed automatically. While most updates to the r1 do not require any action of the user, updates that require you to accept them, including new features and more supported apps, will happen via over-the-air updates. For these, follow the prompt on your r1, make sure you’re connected to WiFi and a power source, and wait for it to update.

For those not familiar with the concept, the Rabbit r1 is an AI-powered gadget that can manage the use of your apps for you. It’s a standalone gadget with a 2.88-inch touchscreen, a rotating camera for taking photos and videos, and a scroll wheel/button designed to navigate the menu or allow you to talk to the built-in AI.

The Rabbithole mentioned earlier is an all-in-one web portal to manage the relationship with rabbit OS, and the device that you pair the r1 to. The Rabbit r1 uses a Large Action Model (LAM) to translate the user’s voice into actions on the device it’s paired with, whether that’s a handheld device, like a phone, or a desktop computer.

It’s still pretty much a project under development. Right now, the Rabbit r1 can answer questions, call an Uber, order DoorDash, play music on Spotify, translate speech, generate images on Midjourney, identify nearby objects with its camera and record voice memos. Nothing your phone can’t do, but Rabbit promises more options on the horizon and claims that all these actions are easier to accomplish when you’re using the r1.

The journal section of the Rabbithole web portal shows any visual searches you’ve conducted using the r1’s camera and voice memos you’ve recorded.

Rabbit says there’s no indication that pairing data has been abused to retrieve Rabbithole journal data belonging to a former device owner. Yet the possibility exists, and it’s good that users now have the ability to erase all data before selling the device. However, this doesn’t solve the issue if the r1 is stolen or lost.

We don’t just report on threats – we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.

Summer mega sale

Go into your vacation knowing you’re much more secure: This summer you can get a huge 50% off a Malwarebytes Standard subscription or Malwarebytes Identity bundle. Run, don’t walk!

This week on the Lock and Code podcast…

Full-time software engineer and part-time Twitch streamer Ali Diamond is used to seeing herself on screen, probably because she’s the one who turns the camera on.

But when Diamond received a Direct Message (DM) on Twitter earlier this year, she learned that her likeness had been recreated across a sample of AI-generated images, entirely without her consent.

On the AI art sharing platform Civitai, Diamond discovered that a stranger had created an “AI image model” that was fashioned after her. The model was available for download so that, conceivably, other members of the community could generate their own images of Diamond—or, at least, the AI version of her. To show just what the AI model was capable of, its creator shared a few examples of what he’d made: There was AI Diamond standing what looked at a music festival, AI Diamond with her head tilted up and smiling, and AI Diamond wearing, what the real Diamond would later describe, as an “ugly ass ****ing hat.”

AI image generation is seemingly lawless right now.

Popular AI image generators, like Stable Diffusion, Dall-E, and Midjourney, have faced valid criticisms from human artists that these generators are copying their labor to output derivative works, a sort of AI plagiarism. AI image moderation, on the other hand, has posed a problem not only for AI art communities, but for major social media networks, too, as anyone can seemingly create AI-generated images of someone else—without that person’s consent—and distribute those images online. It happened earlier this year when AI-generated, sexually explicit images of Taylor Swift were seen by millions of people on Twitter before the company took those images down.

In that instance, Swift had the support of countless fans who reported each post they found on Twitter that shared the images.

But what happens when someone has to defend themselves against an AI model made of their likeness, without their consent?

Today, on the Lock and Code podcast with host David Ruiz, we speak with Ali Diamond about finding an AI model of herself, what the creator had to say about making the model, and what the privacy and security implications are for everyday people whose likenesses have been stolen against their will.

For Diamond, the experience was unwelcome and new, as she’d never experimented using AI image generation on herself.

“I’ve never put my face into any of those AI services. As someone who has a love of cybersecurity and an interest in it… you’re collecting faces to do what?”

Tune in today to listen to the full conversation.

Show notes and credits:

Intro Music: “Spellbound” by Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 4.0 License
http://creativecommons.org/licenses/by/4.0/
Outro Music: “Good God” by Wowa (unminus.com)

Listen up—Malwarebytes doesn’t just talk cybersecurity, we provide it.

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being with our exclusive offer for Malwarebytes Premium for Lock and Code listeners.

A group of cybercriminals going by the handle NullBulge claims to have downloaded the Slack channels used by Disney’s developers.

“#DisneySlackLeak

#Disney has had their entire dev slack dumped. 1.1TiB of files and chat messages. Anything we could get our hands on, we downloaded and packaged up. Want to see what goes on behind the doors? go grab it.”

The group says it got a hold of a huge amount of data, including unreleased projects and login info:

“1.2 TB of data, almost10,000 channels, every message and file possible, dumped. Unreleased projects, raw images and code, some logins, links to internal api/web pages, and more! Have fun sifting through it, there is a lot there. We tried to hold off until we got deeper in, but our inside man got cold feet and kicked us out! I thought we had something special {name}! Consider the dropping of literally every bit of personal info you have, from logins to credit cards to SSN, as a warning for people in the future.”

This seems to indicate that the group was helped by an insider, and that it might have obtained even more had that person not backed out of assisting. It’s unlikely that NullBulge had access to customer data through these Slack channels, but it does look as if the group accessed a lot of material that Disney was working on.

Calling itself a hacktivist group that aims for better compensation and protection of artists’ rights, the group then announced the breach on infamous data leak site BreachForums and provided screenshots of its findings.

“Hi there folks, it is us again.

Yesterday we leaked some small DB, now we leak the big guns.

1.1TiB of data. almost 10,000 channels, every message and file possible, dumped. Unreleased projects, raw images and code, some logins, links to internal api/web pages, and more! Have fun sifting through it, there is a lot there.

Perfect for gathering intelligence and more.”

The earlier post NullBulge is referring to is a WordPress database dump of the howwelove[.]com domain. We have no idea what the group’s beef with this relationships-focused website is.

Disney is yet to make a comment. We’ll keep this post updated with the latest developments

We don’t just report on threats – we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.

Summer mega sale

Go into your vacation knowing you’re much more secure: This summer you can get a huge 50% off a Malwarebytes Standard subscription or Malwarebytes Identity bundle. Run, don’t walk!

Last week on Malwarebytes Labs:

• “Nearly all” AT&T customers had phone records stolen in new data breach disclosure
• Fake Microsoft Teams for Mac delivers Atomic Stealer
• Dangerous monitoring tool mSpy suffers data breach, exposes customer details
• iPhone users in 98 countries warned about spyware by Apple
• Peloton accused of providing customer chat data to train AI
• Ticketmaster says stolen Taylor Swift Eras Tour tickets are useless
• Shopify says stolen customer data was taken in third-party breach
• “RockYou2024”: Nearly 10 billion passwords leaked online

Last week on ThreatDown:

• Watch out for CRYSTALRAY, an open source aficionado with a hunger for crypto
• Credential Dumping: How ransomware gangs steal login data and how to detect it
• WorkersDevBackdoor and MadMxShell converge in malvertising campaigns
• How the world’s worst ransomware gang avoids detection
• Patch now! July Patch Tuesday fixes two actively exploited vulnerabilities
• South Africa’s NHLS is recovering from a ransomware attack quickly, it just doesn’t feel that way
• Alabama State Department of Education stops ransomware attack but the assault on US education continues

Stay safe!

Our business solutions remove all remnants of ransomware and prevent you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.

Summer mega sale

Go into your vacation knowing you’re much more secure: This summer you can get a huge 50% off a Malwarebytes Standard subscription or Malwarebytes Identity bundle. Run, don’t walk!

Competition between stealers for macOS is heating up, with a new malvertising campaign luring Mac users via a fraudulent advert for Microsoft Teams. This attack comes on the heels of the new Poseidon (OSX.RodStealer) project, another threat using a similar code base and delivery techniques.

Based on our tracking, Microsoft Teams is once again a popular keyword threat actors are bidding on, and it is the first time we have seen it used by Atomic Stealer. Communication tools like Zoom, Webex or Slack have been historically coveted by criminals who package them as fake installers laced with malware.

This latest malvertising campaign was running for at least a few days and used advanced filtering techniques that made it harder to detect. Once we were able to reproduce a full malware delivery chain, we immediately reported the ad to Google.

Top search result for Microsoft Teams

We were able to reliably search for and see the same malicious ad for Microsoft Teams which was likely paid for by a compromised Google ad account. For a couple of days, we could not see any malicious behavior as the ad redirected straight to Microsoft’s website. After numerous attempts and tweaks, we finally saw a full attack chain.

Despite showing the microsoft.com URL in the ad’s display URL, it has nothing to do with Microsoft at all. The advertiser is located in Hong Kong and runs close to a thousand unrelated ads.

Malicious redirect and payload

We confirmed the ad was indeed malicious by recording a network capture (see below). Each click is first profiled (smart[.]link) to ensure only real people (not bots, VPNs) proceed, followed by a cloaking domain (voipfaqs[.]com) separating the initial redirect from the malicious landing (decoy) page (teamsbusiness[.]org).

Victims land on a decoy page showing a button to download Teams. A request is made to a different domain (locallyhyped[.]com) where a unique payload (file name and size) is generated for each visitor.

Once the downloaded file MicrosoftTeams_v.(xx).dmg is mounted, users are instructed to open it via a right click in order to bypass Apple’s built-in protection mechanism for unsigned installers.

In the video below, we show the steps required to install this malicious application, noting that you are instructed to enter your password and grant access to the file system. This may not come as unusual for someone wanting to install a new program, but it is exactly what Atomic Stealer needs to grab keychain passwords and important files.

Following the data theft is the data exfiltration step, only visible via a network packet collection tool. A single POST request is made to a remote web server (147.45.43[.]136) with the data being encoded.

Mitigations

As cyber criminals ramp up their distribution campaigns, it becomes more dangerous to download applications via search engines. Users have to navigate between malvertising (sponsored results) and SEO poisoning (compromised websites).

To mitigate such risks, we recommend using browser protection tools that can block ads and malicious websites. Often times, threat actors will rely on redirects from ads or compromised networks that can be stopped before even downloading a malicious installer.

Malwarebytes for Mac detects this threat as OSX.AtomStealer:

Indicators of Compromise

Cloaking domain

voipfaqs[.]com

Decoy site

teamsbusiness[.]org

Download URL

locallyhyped[.]com/kurkum/script_66902619887998[.]92077775[.]php

Atomic Stealer payload

7120703c25575607c396391964814c0bd10811db47957750e11b97b9f3c36b5d

Atomic Stealer C2

147.45.43[.]136

In a new episode of Spy vs Spy, the mobile monitoring app mSpy has suffered a data breach that exposed information about millions of its customers.

As Malwarebytes Labs has reported before, the types of companies that make mobile applications that enable users to non-consensually spy and monitor on other users are also—unsurprisingly—rather lax when it comes to their own security. This is the third known mSpy data breach since the company began in around 2010.

TechCrunch reports that in May 2024, unknown attackers stole millions of customer support tickets, including personal information, emails to support, and attachments, including personal documents.

The stolen support tickets date back to 2014, so that’s a decade’s worth of support tickets, reportedly millions of individual customer service tickets and their corresponding email addresses, as well as the contents of those emails.

Sold as a parental monitoring tool, mSpy touts itself as:

“a hugely powerful phone monitoring app which can report on almost every area of your kid’s online activities (and one or two of the offline ones, too).”

Parental monitoring apps present their own complications—particularly when they’re used non-consensually against children—as they can give parents a near-omniscient, unfiltered view into their children’s lives, granting them access to text messages, shared photos, web browsing activity, locations visited, and call logs. Without getting consent from a child, these surveillance capabilities represent serious invasions of privacy.

The same is true when these types of apps are used against adults, and while mSpy may advertise itself now as a tool for parental safety, that wasn’t the case when it was founded.

In fact, in the early 2010s, mSpy promoted its monitoring capabilities against adults, including both in an office environment and in romantic relationships. Looking back at a 2014 archive of mSpy’s website, the company claims that, with mSpy, employers can “make sure your employees’ time is not wasted on writing personal emails.” In an earlier archived version of mSpy’s website from 2012, the company touts that its app can help you “discover if your partner is cheating on you.”

At Malwarebytes, we prefer to refer to these types of apps as “stalkerware” and as one of the founding members of the Coalition Against Stalkerware, we advise strongly against using these apps.

The Coalition Against Stalkerware defines stalkerware as tools—software programs, apps and devices—that enable someone to secretly spy on another person’s private life via their mobile device. The abuser can remotely monitor the whole device including web searches, geolocation, text messages, photos, voice calls and much more. Such programs are easy to buy and install. They run hidden in the background, without the affected person knowing or giving their consent. Regardless of stalkerware’s availability, the abuser is accountable for using it as a tool and hence for committing this crime.

TechCrunch analyzed where mSpy’s contacting customers were located by extracting all of the location coordinates from the dataset and plotting the data in an offline mapping tool. The results show that mSpy’s customers are located all over the world, with large clusters across Europe, India, Japan, South America, the United Kingdom, and the US.

If you fear your data may have been exposed in this or any other breaches, Malwarebytes has a free tool for you to check how much of your personal data has been exposed online. Submit your email address (it’s best to give the one you most frequently use) to our free Digital Footprint scan and we’ll give you a report and recommendations.

If you are looking for a way to remove stalkerware from your device, you have come to the right place. You can keep these and other threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.

Summer mega sale

Go into your vacation knowing you’re much more secure: This summer you can get a huge 50% off a Malwarebytes Standard subscription or Malwarebytes Identity bundle. Run, don’t walk!

In April 2024, we reported how Apple was warning people of mercenary attacks via its threat notification system. At the time it warned users in 92 countries. In a new round, Apple is now warning users in 98 countries of potential mercenary spyware attacks.

The message sent to the affected users says:

“Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID.”

In the same message, Apple says that it is very likely that the person in question is being specifically targeted because of what they do or who they are. And, although there is a certain margin of error, the user should take this warning seriously.

Mercenary spyware is used by governments to target people like journalists, political activists, and similar targets, and involves the use of sophisticated tools like Pegasus. Pegasus is one of the world’s most advanced and invasive spyware tools, known to utilize zero-day vulnerabilities against mobile devices.

On the website that explains Apple threat notifications and protection against mercenary spyware, it specifically mentions Pegasus:

“According to public reporting and research by civil society organizations, technology firms, and journalists, individually targeted attacks of such exceptional cost and complexity have historically been associated with state actors, including private companies developing mercenary spyware on their behalf, such as Pegasus from the NSO Group.”

Apple has sent out similar notifications multiple times a year since 2021 but doesn’t disclose how it determines who to send them to, since that might aid attackers in evading future detection.

Amnesty International urges those that have received such a notification to take it seriously. Amnesty’s Security Lab offers digital forensic support to potential victims like human rights defenders, activists, journalists and members of civil society.

If you are a member of civil society, and you have received an Apple notification, you can contact Amnesty International and request forensic support using the Get Help form.

Whether you’ve received that notification or not, every iPhone user should make sure they have the latest updates, protect the device with a passcode, use multi-factor authentication and a strong password for Apple ID, only install apps from the Apple Play store, use a mobile security product, and be careful what they open or tap on.

People that have reason to believe they might be individually targeted by mercenary spyware attacks, can enable Lockdown Mode on their Apple devices for additional protection.

Lockdown Mode does the following:

• Blocks most message attachments
• Blocks incoming FaceTime calls from people you have not called previously
• Blocks some web technologies and browsing features
• Excludes location from shared phots and removes Shared Albums
• Blocks wired connections when the device is locked
• Blocks auto-joining non-secure WiFi networks
• Blocks incoming invitations from people you have not previously invited
• Blocks installation of configuration profiles you may require for work or school

How to turn on Lockdown Mode on iPhone or iPad

1. Open the Settings app.
2. Tap Privacy & Security.
3. Scroll down, tap Lockdown Mode.
4. Tap Turn On Lockdown Mode.
5. Read what it does and tap Turn On Lockdown Mode if that is what you want.
6. Tap Turn On & Restart, then enter your device passcode.

We don’t just report on phone security—we provide it

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.

Summer mega sale

Go into your vacation knowing you’re much more secure: This summer you can get a huge 50% off a Malwarebytes Standard subscription or Malwarebytes Identity bundle. Run, don’t walk!

In a déjà-vu nightmare, US phone giant AT&T has notified customers that cybercriminals managed to download phone call and text message records of “nearly all of AT&T cellular customers from May 1, 2022 to October 31, 2022 as well as on January 2, 2023”.

In a filing with the Securities and Exchange Commission (SEC), AT&T said:

“On April 19, 2024, AT&T Inc. (“AT&T”) learned that a threat actor claimed to have unlawfully accessed and copied AT&T call logs.”

AT&T says the customer data was illegally downloaded from its workspace on a third-party cloud platform. This might be related to the Snowflake incidents we have seen several of by now.

In the statement, AT&T specifies which data it believes was stolen:

“The call and text records identify the phone numbers with which an AT&T number interacted during this period, including AT&T landline (home phone) customers. It also included counts of those calls or texts and total call durations for specific days or months.”

And which data is unlikely to be included:

“The downloaded data doesn’t include the content of any calls or texts. It doesn’t have the time stamps for the calls or texts. It also doesn’t have any details such as Social Security numbers, dates of birth, or other personally identifiable information.”

Even though the data doesn’t include customer names, there are many easy ways to find the name that’s associated with a phone number.

This is the second time AT&T has disclosed a security incident this year. Back in March, AT&T confirmed that 73 million people had been affected in a breach that people had been speculating about for some time.

Protecting yourself after a data breach

There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.

• Check the vendor’s advice. Every breach is different, so check with the vendor to find out what’s happened, and follow any specific advice they offer.
• Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you.
• Enable two-factor authentication (2FA). If you can, use a FIDO2-compliant hardware key, laptop or phone as your second factor. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device can’t be phished.
• Watch out for fake vendors. The thieves may contact you posing as the vendor. Check the vendor website to see if they are contacting victims, and verify the identity of anyone who contacts you using a different communication channel.
• Take your time. Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.
• Consider not storing your card details. It’s definitely more convenient to get sites to remember your card details for you, but we highly recommend not storing that information on websites.
• Set up identity monitoring. Identity monitoring alerts you if your personal information is found being traded illegally online, and helps you recover after.

Check your digital footprint

Malwarebytes has a free tool for you to check how much of your personal data has been exposed online. Submit your email address (it’s best to give the one you most frequently use) to our free Digital Footprint scan and we’ll give you a report and recommendations.

Summer mega sale

Go into your vacation knowing you’re much more secure: This summer you can get a huge 50% off a Malwarebytes Standard subscription or Malwarebytes Identity bundle. Run, don’t walk!

It seems that Peloton may have been providing more training than just for its customers, as it’s set to face court in California accused of using user chat data to train AI.

Peloton Interactive, Inc. is a US-based exercise equipment and media company, known for its stationary bicycles, treadmills, and indoor rowers equipped with internet-connected touch screens that stream live and on-demand fitness classes through a subscription service.

In June 2023, legal firm Consumer Advocates filed a class-action lawsuit alleging that AI-powered marketing firm Drift processed chat data between Peloton users and company representatives without permission.

The suit accuses Peloton of violating the anti-wiretapping California Invasion of Privacy Act (CIPA), and although the accusation names Drift, the lawsuit is only against Peloton.

The user data comes from the chat function on Peloton’s website which allows current and would-be customers to ask questions. The complaint claims that users were not made aware of the fact that Drift was recording and analyzing their chat content.

Despite Peloton’s attempts to get the case thrown out, the court allowed it to go forward, albeit with some restrictions. The issue at hand is whether or not Peloton sought the affected users’ permission before conveying their information to Drift. Although Peloton has the right to go through the chat content as it is a part of the conversation, the real problem is the passing of this information to Drift.

Drift, which was bought by Salesloft in February, is a platform that focuses on personalizing conversations at every stage of the buyer’s journey, and as such offers conversational AI for customer service and marketing.

The accusation says that website chat users were not notified that the content of the chat was automatically captured by Drift to be stored and analyzed. It is now up to the court to determine if the Peloton customers had sufficient information on how their data would be handled and whether they had the ability to agree or disagree.

With recent protests against Meta, Google, and Adobe among others, about using user’s input as training data for AI, Peloton can expect to face negative effects even if the court decides in its favor.

Either way, customers should be careful about the data they provide to chatbots.

We don’t just report on threats – we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.

Summer mega sale

Go into your vacation knowing you’re much more secure: This summer you can get a huge 50% off a Malwarebytes Standard subscription or Malwarebytes Identity bundle. Run, don’t walk!

While cybercriminals are offering free tickets to Taylor Swift Eras Tour and other events, Ticketmaster is telling would-be purchasers that these tickets will prove to be worthless.

Those who have claimed responsibility for the Ticketmaster data breach say they’ve stolen 440,000 tickets for Taylor Swift’s Eras Tour, and as proof have leaked 170k ticket barcodes. However, those barcodes are long gone, as a Ticketmaster spokesperson said:

“Ticketmaster’s SafeTix technology protects tickets by automatically refreshing a new and unique barcode every few seconds so it cannot be stolen or copied.”

The rotating barcodes that change every few seconds is a core feature that protects against “scalpers” who buy tickets from licensed sellers and then resell them at—often—huge profits. You could compare this to the “rolling code” method that most car manufacturers use to prevent car thieves from using a Flipper-Zero to steal your car. You can record and retransmit the code sent by a key fob but that exact same code will no longer work.

From past experience we can say that scalpers are usually one step ahead of the ticket platforms.

Only yesterday, the tech journalists at 404 Media reported about a lawsuit filed in California by concert giant AXS which gives readers some insight into an ongoing legal and technological battle between ticket scalpers and platforms like Ticketmaster and AXS.

404 explains that by reverse engineering the process that ticket platforms use, scalpers can generate valid tickets which they can then sell through their own platforms.

In the lawsuit, AXS says that scalpers are selling counterfeit tickets to unsuspecting customers. However, from the buyer’s standpoint—exaggerated price aside—if you paid for them and they get you in the venue, what’s the difference?

But the point is, the struggle between ticket platforms and scalpers is an arms race in which each side keeps coming up with new methods, and there is now way for the average customer to tell who is currently ahead. So buying these tickets poses a risk of losing your money.

The Ticketmaster spokesperson said:

“This is just one of many fraud protections we implement to keep tickets safe and secure.”

Unfortunately, the customer and card details of one million Ticketmaster users were not that safe and secure: The cybercriminals released that data when Ticketmaster refused to pay the ransom for the allegedly 560 million Live Nation/Ticketmaster users they managed to steal.

Either way. Be careful when buying tickets and when receiving emails about free concert tickets. They could turn out to be costly.

Check your digital footprint

Malwarebytes has a free tool for you to check how much of your personal data has been exposed online. Submit your email address (it’s best to give the one you most frequently use) to our free Digital Footprint scan and we’ll give you a report and recommendations.

We don’t just report on threats – we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.