How to Back Up All Your Data and Important Documents
© Jon Han
A Syrian allegedly stabbed six people in the Austrian town of Villach in a suspected Islamist terror attack that left a 14-year-old boy dead.
The post Syrian Refugee Suspected in ‘Allahu Akbar’ Mass Stabbing in Austria that left Five Injured and 14-Year-Old Dead appeared first on Breitbart.
Written by: Ferdi Gül
In this week’s Focus Friday, we examine high-impact vulnerabilities affecting Palo Alto Networks PAN-OS, Ivanti Connect Secure, Zimbra Collaboration, and Cacti, all of which pose significant third-party risk concerns. These vulnerabilities range from remote code execution (RCE) flaws to SQL injection attacks that could lead to data breaches, system takeovers, and supply chain risks.
Organizations relying on network security appliances, email collaboration tools, and monitoring frameworks must take proactive measures to assess their exposure and secure their vendor ecosystem against these threats. In this blog, we provide an in-depth Third-Party Risk Management (TPRM) perspective, detailing how these vulnerabilities could impact vendor security postures and what questions security teams should ask to mitigate risks.
Additionally, we highlight how Black Kite’s FocusTags™ provide real-time insights into vendor exposure, helping organizations prioritize remediation efforts and streamline their risk management processes.
Two high-severity vulnerabilities have been identified in Palo Alto Networks PAN-OS, affecting network security devices:
Both vulnerabilities were published on February 12, 2025. One proof-of-concept exploit is available on github.com. There is no evidence of active exploitation or inclusion in CISA’s KEV catalog at this time. However, PAN-OS vulnerabilities have been targeted in the past, making proactive mitigation crucial.
Third-party risk management (TPRM) professionals should be concerned due to the critical role of PAN-OS in enterprise cybersecurity.
For vendors relying on PAN-OS for perimeter security, exploitation of these vulnerabilities could lead to network-wide security breaches, data exposure, and compromised firewall configurations.
To assess vendor exposure, TPRM professionals should ask:
To mitigate the risk associated with these vulnerabilities, vendors should:
✔ Upgrade PAN-OS to patched versions:
✔ Update OpenConfig plugin to version 2.1.2 or later (if enabled).
✔ Restrict management interface access to trusted internal IPs only.
✔ Disable the OpenConfig plugin if not in use to reduce the attack surface.
✔ Monitor system logs for unusual access or command execution activity.
✔ Apply Palo Alto Networks’ Threat Prevention rules to block potential exploits (Threat IDs 510000, 510001).
Black Kite has tagged this issue as “PAN-OS – Feb2025” with a VERY HIGH confidence level.
The FocusTag™ was published on February 13, 2025, allowing TPRM teams to take proactive measures before potential exploitation.
Multiple critical vulnerabilities have been identified in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) products:
These vulnerabilities were publicly disclosed on February 11, 2025. As of now, there is no evidence of active exploitation in the wild, and they have not been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog. Other vulnerabilities to be mindful of include CVE-2024-12058 (arbitrary file read), CVE-2024-13842 (sensitive data exposure), and CVE-2024-13843 (cleartext storage of sensitive information), which, despite their lower CVSS scores, should still be carefully considered.
Third-Party Risk Management (TPRM) professionals should be concerned due to the following reasons:
To assess vendor exposure, TPRM professionals should inquire:
To mitigate the risks associated with these vulnerabilities, vendors should:
✔ Update to Patched Versions:
✔ Restrict Administrative Privileges:
✔ Implement Multi-Factor Authentication (MFA):
✔ Monitor System Logs:
✔ Apply Security Best Practices:
Black Kite has tagged these vulnerabilities under “Ivanti Connect Secure – Feb2025” with a HIGH confidence level.
Zimbra Collaboration (formerly known as Zimbra Collaboration Suite or ZCS) is an open-source and commercial groupware email platform. It includes features such as email, calendaring, contacts, task management, instant messaging, and file sharing, designed for enterprises, government institutions, and service providers.
CVE-2025-25064 is a critical SQL injection vulnerability affecting Zimbra Collaboration versions 10.0.x prior to 10.0.12 and 10.1.x prior to 10.1.4. This flaw arises from insufficient sanitization of user-supplied parameters in the ZimbraSync Service SOAP endpoint. Authenticated attackers can exploit this vulnerability by manipulating specific request parameters to inject arbitrary SQL queries, potentially allowing unauthorized retrieval of email metadata and other sensitive information. The vulnerability has a CVSS score of 9.8, indicating its critical severity, and an EPSS score of 0.05%. It was publicly disclosed on February 9, 2025. As of now, there is no evidence of active exploitation in the wild, and it has not been added to CISA’s Known Exploited Vulnerabilities catalog.
Third-Party Risk Management (TPRM) professionals should be concerned about CVE-2025-25064 due to its potential impact on email security. Zimbra Collaboration is widely used by organizations for email and collaboration services. Exploitation of this vulnerability could allow attackers to access sensitive email metadata, leading to unauthorized disclosure of confidential information. If a vendor utilizes vulnerable Zimbra Collaboration products, their compromised systems could serve as entry points for attackers, resulting in data breaches and disruptions that may affect connected organizations.
To assess and mitigate risks associated with this vulnerability, TPRM professionals should inquire:
Vendors using affected Zimbra Collaboration products should:
Black Kite has proactively addressed this issue by publishing the “Zimbra – Feb2025” FocusTag™ on February 11, 2025. This tag enables TPRM professionals to identify vendors potentially affected by CVE-2025-25064. By providing detailed asset information, including IP addresses and subdomains associated with the compromised devices, Black Kite empowers organizations to assess and mitigate risks efficiently. This actionable intelligence allows for targeted inquiries and remediation efforts, ensuring a robust third-party risk management strategy.
Cacti is an open-source network monitoring and graphing tool designed to collect, store, and visualize performance data for IT infrastructure. It is widely used by network administrators and IT professionals to monitor network devices, servers, and applications in real time.
CVE-2025-22604 is a critical security flaw in Cacti, an open-source network monitoring and fault management framework. This vulnerability allows authenticated users with device management permissions to execute arbitrary commands on the server by injecting malformed Object Identifiers (OIDs) into SNMP responses. When processed by functions like ss_net_snmp_disk_io() or ss_net_snmp_disk_bytes(), parts of these OIDs are used as keys in an array that becomes part of a system command, leading to remote code execution (RCE). The vulnerability has a CVSS score of 9.1. It was publicly disclosed on January 26, 2025. There is no evidence of exploitation at the moment.
Third-Party Risk Management (TPRM) professionals should be concerned about CVE-2025-22604 because Cacti is widely used by organizations to monitor network performance and availability. A successful exploit of this vulnerability could allow attackers to execute arbitrary commands on the server, potentially compromising system integrity and data security. This could lead to unauthorized access to sensitive information, disruption of network monitoring capabilities, and further exploitation within the organization’s network. Given the critical nature of this vulnerability and the availability of proof-of-concept exploit code, it is imperative for organizations to assess their exposure and ensure that their vendors have addressed this issue.
To assess the risk associated with this vulnerability, TPRM professionals should consider asking vendors the following questions:
Vendors should take the following actions to remediate the risk associated with CVE-2025-22604:
Black Kite has published a FocusTag™ titled “Cacti – Feb2025” to help organizations identify potential exposure to CVE-2025-22604. TPRM professionals can utilize this tag to assess their vendors’ risk related to this vulnerability. By leveraging Black Kite’s platform, professionals can identify vendors using vulnerable versions of Cacti and take proactive steps to mitigate potential risks. This includes obtaining asset information such as IP addresses and subdomains associated with the vendors’ systems, which is crucial for effective risk assessment and management.
With high-profile vulnerabilities such as PAN-OS authentication bypass (CVE-2025-0108), Ivanti Connect Secure RCE (CVE-2025-22467), Zimbra SQL injection (CVE-2025-25064), and Cacti remote code execution (CVE-2025-22604), organizations must rapidly assess third-party security risks to prevent cascading impacts. Black Kite’s FocusTags™ enable security teams to efficiently identify, analyze, and mitigate these threats by offering:
✅ Real-Time Risk Identification – Instant visibility into which vendors are affected by the latest vulnerabilities, allowing organizations to take immediate action.
✅ Risk Prioritization – Insights into vendor importance and vulnerability severity, helping security teams allocate resources effectively.
✅ Informed Vendor Engagement – Targeted discussions with vendors about their security measures and remediation strategies for identified vulnerabilities.
✅ Comprehensive Security Posture Enhancement – A holistic view of third-party risks, enabling organizations to make data-driven security decisions.
By leveraging Black Kite’s FocusTags™, organizations can stay ahead of evolving cyber threats, ensuring proactive risk mitigation in their third-party ecosystems. These tags provide critical intelligence, transforming complex vulnerability data into actionable insights for better vendor security management.
Want to take a closer look at FocusTags™?
Take our platform for a test drive and request a demo today.
Every week, we delve into the realms of critical vulnerabilities and their implications from a Third-Party Risk Management (TPRM) perspective. This series is dedicated to shedding light on pressing cybersecurity threats, offering in-depth analyses, and providing actionable insights.
https://nvd.nist.gov/vuln/detail/CVE-2025-0108
https://nvd.nist.gov/vuln/detail/CVE-2025-0110
https://security.paloaltonetworks.com/CVE-2025-0108
https://security.paloaltonetworks.com/CVE-2025-0110
https://slcyber.io/blog/nginx-apache-path-confusion-to-auth-bypass-in-pan-os
https://forums.ivanti.com/s/article/KB29805?language=en_US
https://nvd.nist.gov/vuln/detail/CVE-2025-22467
https://nvd.nist.gov/vuln/detail/CVE-2024-10644
https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.12#Security_Fixes
https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.4#Security_Fixes
https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories
https://nvd.nist.gov/vuln/detail/CVE-2025-25064
https://nvd.nist.gov/vuln/detail/CVE-2025-22604
https://github.com/Cacti/cacti/security/advisories/GHSA-c5j8-jxj3-hh36
https://securityonline.info/cve-2025-22604-cvss-9-1-remote-code-execution-flaw-in-cacti-poc-released
The post Focus Friday: Addressing Third-Party Risks in PAN-OS, Ivanti Connect Secure, Zimbra, and Cacti Vulnerabilities appeared first on Black Kite.
In a fast-paced corporate landscape, efficiency and security are key. Managing employee accounts across various platforms can be a time-consuming task, not to mention it could open your organization up to security vulnerabilities. That’s why we’re happy to introduce our latest feature developed especially for Enterprise clients – SAML-based Single Sign-On (SSO). Keep reading to discover its full benefits!
For those new to the concept, Single Sign-On (SSO) is a centralized authentication process commonly used by larger organizations. It allows users to access multiple applications with just one set of login credentials, like a digital passport to all essential corporate tools and services.
With SSO, users can easily navigate through various platforms without the hassle of remembering multiple passwords. For larger organizations with multiple employees or contractors, this means no more juggling accounts and worrying about unauthorized access. Once an employee’s rights are revoked centrally, they lose access to all connected systems simultaneously, giving employers peace of mind.
Our SAML SSO feature operates similarly to familiar login methods like Google or Apple login but is tailored for a corporate environment. The key to SAML SSO lies in the user’s email domain, which determines their identity provider (IdP) and corresponding Team in Inoreader.
We offer two primary authentication flows for SAML SSO: SP-initiated and IdP-initiated. With the SP-initiated one, users begin the login process on our website, whereas the IdP-initiated one allows them to start directly from their corporate login portal, ensuring flexibility and ease of use.
Configuring SSO for your Team is easy. Team admins can access the Single Sign-On configuration through the Team dashboard by clicking the dropdown menu under the Team’s name and selecting Manage SSO. Then, they should simply follow the prompts to complete the setup, save their settings, and start enjoying the benefits of SSO. After the initial configuration, admins can use the Inoreader Single Sign-On URL to configure their IdP-initiated flow.
Logging in with SSO is as simple as entering your corporate email on our dedicated SSO login page. Once authenticated through your IdP, you’ll be redirected back to Inoreader, ready to dive into your Team’s content.
While SSO offers unparalleled convenience and security, there are a few things to keep in mind:
At Inoreader, we’re committed to providing solutions that empower our clients. With SSO, we’re simplifying account management and improving how Teams work together. Say goodbye to scattered user data and hello to a secure and efficient workflow with SAML Single Sign-On!
Take advantage of SSO’s power within your organization! Visit your Team dashboard to set up SSO and experience seamless account management like never before. Still not in a Team?
Note: Please be aware that the SSO login method is currently unavailable for Inoreader’s mobile apps. We’re working diligently to bring this functionality to all platforms soon.
The post New Single Sign-On (SSO) feature for Enterprise clients appeared first on Inoreader blog.
Agents with the U.S. Customs and Border Protection (CBP) will no longer wear body cameras during field operations after a social media post publicized how to identify individual agents.
"All U.S. Border Patrol Agents will cease the use of body-worn cameras (BWC) in all operational environments," CBP said in a statement to NewsNation, which originally reported the news.
The directive comes after a post on Reddit claimed that the mobile application BLE Radar, which uses Bluetooth to scan for low-energy devices such as phones, smartwatches and speakers, can also track CBP body cameras from a distance of 100 yards and can also trigger improvised explosive devices.
CBP officials sent out a directive following the post informing agents of a "potential security risk" while immediately pulling body cameras from use in the field.
"Pending completion of investigation and risk mitigation, all Agents will stand down the use of their BWCs [body worn cameras] until further notice. Additional guidance and information will be disseminated as it is received," the directive said.
Sources told NewsNation that the cameras used by CBP agents are Avon body cams, which the social media post claims are devices BLE Radar, which was developed by F-Droid, can detect.
The directive comes as both CBP and U.S. Immigration and Customs Enforcement (ICE) agents have ramped up enforcement efforts in the weeks since President Donald Trump took office, an effort that was a cornerstone of the president's campaign to return to the White House.
Since the beginning of February, the daily average of gotaways, or illegal immigrants who successfully enter the U.S. without being apprehended, at the southern border has fallen to just 132 per day, a 93% drop from highs seen under former President Joe Biden, a senior Department of Homeland Security source told Fox News.
Data obtained by Fox News showed that during FY 2023, 670,674 known gotaways were recorded by the agency, or more than 1,800 per day.
CBP did not immediately respond to a Fox News Digital request for comment.
Fox News’ Bill Melugin and Greg Wehner contributed to this report.
Apple devices are believed to be pretty secure, and that's what the company will tell you. You might have seen the tagline "Privacy. That’s Apple." in their promotions.
However, the tech landscape is changing, and even Apple products aren’t beyond cybercriminals’ reach.
A new report suggests Mac users will need to be more vigilant this year because AI advancements are helping hackers breach even the most secure systems. I have consistently reported on how Mac malware is targeting users, and experts now believe this will only get worse.
Mac malware is not what it used to be. For years, the biggest threats were annoying adware and browser hijackers, more of a nuisance than a real danger. But that is changing fast. As highlighted by Malwarebytes, a new wave of information stealers is taking over, and they are far more dangerous, going after passwords, authentication cookies, credit card details and even cryptocurrency.
This shift started in mid-2023 with the arrival of Atomic Stealer, also known as AMOS, a piece of malware that looked much more like something you would see on Windows than the typical Mac threats. AMOS was not just effective. It was easy to use and sold as a service for $1,000 a month with a slick web-based control panel. That success led to the rise of even more dangerous variants.
One of them, Poseidon, launched in mid-2024 and quickly became the dominant Mac stealer, responsible for 70% of infections. It can drain over 160 different cryptocurrency wallets, steal passwords from browsers and password managers and even grab VPN credentials.
At the same time, cybercriminals have doubled down on malvertising, using fake ads on Google and Bing to trick users into downloading malware instead of real software. These campaigns are highly targeted, allowing attackers to pinpoint Mac users and serve fake downloads based on their searches. With AI now being used to create and execute many of these attacks, they are likely to increase in scale.
While Mac malware is evolving, the situation on Android is even more alarming. Phishing attacks on the platform have reached staggering levels, with thousands of malicious apps designed to steal credentials and bypass security measures.
So far in 2024, researchers have detected 22,800 phishing-capable apps, alongside 3,900 apps designed to read OTPs from notification bars and 5,200 apps capable of extracting OTPs from SMS messages. These numbers highlight how widespread and effective Android phishing malware has become.
Just like phishing emails, phishing apps trick users into handing over their usernames, passwords and two-factor authentication codes. Once stolen, these credentials can be sold or used for fraud, identity theft or further cyberattacks. Because phishing apps require minimal code and fewer permissions than traditional malware, they are much easier to sneak onto app stores, including Google Play.
Many phishing apps look like regular, fully functional software. Some impersonate games or utilities, while others appear as cracked versions of popular apps like TikTok, WhatsApp or Spotify. Some stay dormant for days to avoid detection before launching their attacks. Others rely on ad functionality to redirect users to phishing sites, making the malicious code harder to trace.
Google Play Protect, which is built-in malware protection for Android devices, automatically removes known malware. However, it is important to note that Google Play Protect may not be enough. Historically, it isn't 100% foolproof at removing all known malware from Android devices.
Follow these essential tips to safeguard your devices from the latest malware threats, including the notorious info stealer malware.
1. Have strong antivirus software: The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.
2. Be cautious with downloads and links: Only download software from reputable sources such as the Mac App Store, Google Play Store or official websites of trusted developers. Be wary of unsolicited emails or messages prompting you to download or install updates, especially if they contain links. Phishing attempts often disguise themselves as legitimate update notifications or urgent messages.
3. Keep your software updated: Ensure that macOS, Android and all installed applications are up to date. Apple and Android frequently release security patches and updates that address vulnerabilities. Enable automatic updates for macOS, Android and your apps to stay protected without having to manually check for updates. If you need more help, see my guide on keeping all your devices updated.
4. Use strong and unique passwords: To protect your Mac from malware, it’s also crucial to use strong, unique passwords for all your accounts and devices. Avoid reusing passwords across different sites or services. A password manager can be incredibly helpful here. It generates and stores complex passwords for you, making them difficult for hackers to crack.
It also keeps track of all your passwords in one place and automatically fills them in when you log into accounts, so you don’t have to remember them yourself. By reducing the number of passwords you need to recall, you’re less likely to reuse them, which lowers the risk of security breaches. Get more details about my best expert-reviewed Password Managers of 2025 here.
5. Use two-factor authentication (2FA): Enable 2FA for your important accounts, including your Apple ID, Google account, email and any financial services. This adds an extra step to the login process, making it harder for attackers to gain access even if they have your password.
The days when Mac users could assume they were safe are long gone. Cybercriminals are evolving their tactics, with Mac malware shifting from simple adware to advanced information stealers. Android phishing apps are also becoming harder to detect and more widespread than ever. From stealing passwords and authentication cookies to intercepting OTPs and draining cryptocurrency wallets, these threats are growing in both sophistication and scale. No platform is immune, and as cybercriminals continue refining their techniques, users and organizations must stay ahead with strong security measures.
Do you trust official app stores like the App Store and Google Play, or do you think they need to do more to prevent malware? Let us know by writing us at Cyberguy.com/Contact
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter
Copyright 2025 CyberGuy.com. All rights reserved.
More than 161,000 counterfeit U.S. Forever stamps from China were recently seized in Chicago, U.S. Customs and Border Protection (CBP) said Thursday.
Anti-Terrorism Contraband Enforcement officers at the Chicago International Mail Branch stopped eight shipments containing a total of 161,860 fake stamps that violated trademark laws last weekend, CBP said.
All the parcels were arriving from China, according to authorities, and would be valued at over $118,000 if real.
Officers, however, were able to determine that the stamps were fraudulent based on "the very low invoice value, the routing, and the extraordinary efforts undertaken to conceal the stamps," according to CBP.
LaFonda D. Sutton-Burke, director of Field Operations-Chicago, praised the highly trained CBP officers and specialists who stopped the counterfeiters from profiting from the "very realistic" fake stamps.
"Counterfeiters only care about making a profit," Sutton-Burke said. "They don’t care about the effect that fake postage has on your ability to send important mail and overall impacts the U.S. economy."
"Our officers and specialists are some of the most highly trained in the nation, and their level of expertise is evident with these seizures," she continued. "CBP officers were able to identify these very realistic counterfeits and stop them from reaching their destinations."
While the quality of the seized fraudulent stamps was poor, CBP warned that advances in counterfeiting are improving the quality so much so that most consumers may not detect the differences between fake and authentic stamps.
An uptick in counterfeit U.S. Postal Service postage stamps typically occurs around holidays, especially "high volume card holidays like Valentine’s Day," authorities said.
CBP reminded the public that authentic postage stamps are produced at the U.S. Bureau of Engraving & Printing in the United States.
Apple devices are believed to be pretty secure, and that's what the company will tell you. You might have seen the tagline "Privacy. That’s Apple." in their promotions.
However, the tech landscape is changing, and even Apple products aren’t beyond cybercriminals’ reach.
A new report suggests Mac users will need to be more vigilant this year because AI advancements are helping hackers breach even the most secure systems. I have consistently reported on how Mac malware is targeting users, and experts now believe this will only get worse.
Mac malware is not what it used to be. For years, the biggest threats were annoying adware and browser hijackers, more of a nuisance than a real danger. But that is changing fast. As highlighted by Malwarebytes, a new wave of information stealers is taking over, and they are far more dangerous, going after passwords, authentication cookies, credit card details and even cryptocurrency.
This shift started in mid-2023 with the arrival of Atomic Stealer, also known as AMOS, a piece of malware that looked much more like something you would see on Windows than the typical Mac threats. AMOS was not just effective. It was easy to use and sold as a service for $1,000 a month with a slick web-based control panel. That success led to the rise of even more dangerous variants.
WHAT IS ARTIFICIAL INTELLIGENCE (AI)?
One of them, Poseidon, launched in mid-2024 and quickly became the dominant Mac stealer, responsible for 70% of infections. It can drain over 160 different cryptocurrency wallets, steal passwords from browsers and password managers and even grab VPN credentials.
At the same time, cybercriminals have doubled down on malvertising, using fake ads on Google and Bing to trick users into downloading malware instead of real software. These campaigns are highly targeted, allowing attackers to pinpoint Mac users and serve fake downloads based on their searches. With AI now being used to create and execute many of these attacks, they are likely to increase in scale.
4.3 MILLION AMERICANS EXPOSED IN MASSIVE HEALTH SAVINGS ACCOUNT DATA BREACH
While Mac malware is evolving, the situation on Android is even more alarming. Phishing attacks on the platform have reached staggering levels, with thousands of malicious apps designed to steal credentials and bypass security measures.
So far in 2024, researchers have detected 22,800 phishing-capable apps, alongside 3,900 apps designed to read OTPs from notification bars and 5,200 apps capable of extracting OTPs from SMS messages. These numbers highlight how widespread and effective Android phishing malware has become.
Just like phishing emails, phishing apps trick users into handing over their usernames, passwords and two-factor authentication codes. Once stolen, these credentials can be sold or used for fraud, identity theft or further cyberattacks. Because phishing apps require minimal code and fewer permissions than traditional malware, they are much easier to sneak onto app stores, including Google Play.
Many phishing apps look like regular, fully functional software. Some impersonate games or utilities, while others appear as cracked versions of popular apps like TikTok, WhatsApp or Spotify. Some stay dormant for days to avoid detection before launching their attacks. Others rely on ad functionality to redirect users to phishing sites, making the malicious code harder to trace.
Google Play Protect, which is built-in malware protection for Android devices, automatically removes known malware. However, it is important to note that Google Play Protect may not be enough. Historically, it isn't 100% foolproof at removing all known malware from Android devices.
GET FOX BUSINESS ON THE GO BY CLICKING HERE
MASSIVE SECURITY FLAW PUTS MOST POPULAR BROWSERS AT RISK ON MAC
Follow these essential tips to safeguard your devices from the latest malware threats, including the notorious info stealer malware.
1. Have strong antivirus software: The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.
2. Be cautious with downloads and links: Only download software from reputable sources such as the Mac App Store, Google Play Store or official websites of trusted developers. Be wary of unsolicited emails or messages prompting you to download or install updates, especially if they contain links. Phishing attempts often disguise themselves as legitimate update notifications or urgent messages.
3. Keep your software updated: Ensure that both macOS, Android and all installed applications are up to date. Apple and Android frequently release security patches and updates that address vulnerabilities. Enable automatic updates for macOS, Android and your apps to stay protected without having to manually check for updates. If you need more help, see my guide on keeping all your devices updated.
4. Use strong and unique passwords: To protect your Mac from malware, it’s also crucial to use strong, unique passwords for all your accounts and devices. Avoid reusing passwords across different sites or services. A password manager can be incredibly helpful here. It generates and stores complex passwords for you, making them difficult for hackers to crack.
It also keeps track of all your passwords in one place and automatically fills them in when you log into accounts, so you don’t have to remember them yourself. By reducing the number of passwords you need to recall, you’re less likely to reuse them, which lowers the risk of security breaches. Get more details about my best expert-reviewed Password Managers of 2025 here.
5. Use two-factor authentication (2FA): Enable 2FA for your important accounts, including your Apple ID, Google account, email and any financial services. This adds an extra step to the login process, making it harder for attackers to gain access even if they have your password.
The days when Mac users could assume they were safe are long gone. Cybercriminals are evolving their tactics, with Mac malware shifting from simple adware to advanced information stealers. Android phishing apps are also becoming harder to detect and more widespread than ever. From stealing passwords and authentication cookies to intercepting OTPs and draining cryptocurrency wallets, these threats are growing in both sophistication and scale. No platform is immune, and as cybercriminals continue refining their techniques, users and organizations must stay ahead with strong security measures.
Copyright 2025 CyberGuy.com. All rights reserved.
Cyberscams have reached alarming levels in the U.S., with nearly 30% of Americans falling victim to fraudulent schemes in the past year alone.
The financial toll is staggering — scams cost Americans over $159 billion annually, with average individual losses now exceeding $3,500 per victim. This epidemic is not just a financial crisis but also a human rights issue, as many scams originate from forced labor operations in Southeast Asia.
With nearly 90% of Americans targeted by scam attempts and 40% receiving suspicious messages daily, the question remains: how can we protect ourselves and hold perpetrators accountable in an increasingly digital world?
One of the most pervasive scams today is the so-called "pig butchering" scheme. Originating in China and spreading across Southeast Asia, this scam involves criminals building trust with victims through social media or messaging apps. Once trust is established, victims are lured into fraudulent cryptocurrency investment schemes. These scams are meticulously crafted to appear legitimate, often involving fake trading platforms and simulated profits. Victims are encouraged to invest more until they are "slaughtered," losing their entire savings when the scammers vanish with their funds.
What makes these scams even more horrifying is their reliance on human trafficking. Criminal syndicates in countries like Myanmar, Cambodia and Laos force trafficked individuals to run these operations under threat of violence. These "scam centers" operate in lawless regions controlled by rebel groups or corrupt officials, making international intervention challenging. Survivors describe conditions akin to modern slavery, with physical abuse and even torture being common.
Cyberscams have taken hold in the U.S. for several reasons that make it particularly vulnerable. As an American, you’re likely connected to the digital world through social media platforms, messaging apps and other online tools. This high level of connectivity makes it easier for scammers to reach you directly, whether through a text message, email or social media chat. The sheer number of people online in the U.S. creates a vast pool of potential targets for cybercriminals.
Additionally, the growing popularity of cryptocurrency in the U.S. has made it a prime medium for fraud. Cryptocurrency transactions are fast, anonymous and difficult to trace, which makes them ideal for scammers looking to steal funds without leaving a trail. Many scams are designed to exploit this lack of transparency, leaving victims with little chance of recovering their money once it’s gone.
Another major issue is the lack of a centralized reporting system for cyberscams in the U.S. If you’ve ever been scammed or know someone who has, you might have noticed how confusing it can be to figure out where to report the crime — whether to the FBI, the Federal Trade Commission (FTC) or another agency. This fragmented system not only makes it harder for victims to seek help but also prevents authorities from gathering comprehensive data to tackle the problem effectively. These factors combined have made Americans some of the most targeted individuals in the world when it comes to cyberscams.
Several countries have implemented innovative measures to combat cyberscams, offering valuable lessons for the U.S. Singapore, for instance, has introduced a mandatory SMS Sender ID Registry (SSIR) that requires organizations to register their alphanumeric Sender IDs. This system effectively blocks unregistered SMS senders, significantly reducing impersonation scams. In fact, cases involving scam SMSes in Singapore fell by 70% over three months after mandating the SSIR.
Britain has taken a different approach by establishing a dedicated "159" hotline, allowing residents to instantly verify suspicious calls. This simple yet effective system provides a quick way for individuals to check the legitimacy of unexpected communications, potentially preventing many scams before they occur.
Many nations have also implemented stricter authentication measures, such as biometric checks and in-app verifications, which have proven highly effective in reducing fraud. For example, Singapore has required facial verification for higher-risk transactions through Singpass since 2022, resulting in no further reports of malware-enabled scams involving unauthorized CPF withdrawals since its implementation in June 2023.
Some countries are exploring ways to slow down cryptocurrency transactions or cap transfer amounts, which could significantly hinder scammers who rely on quick, anonymous transfers. These measures, combined with a coordinated global response involving major victim nations like the U.S. and China, could prove instrumental in dismantling criminal networks more effectively. By learning from these international examples and adapting them to the American context, the U.S. could significantly strengthen its defenses against the rising tide of cyberscams.
Recognizing red flags is essential to avoid falling victim to scams. Here are some important red flags to be aware of:
Protecting yourself and your loved ones from scams requires vigilance and awareness. Here are eight effective ways to safeguard against scammers:
1. Verify before you act: Always verify the identity of the person or organization contacting you. Use official contact information to reach out directly and confirm the legitimacy of the request.
2. Limit personal information sharing: Avoid sharing personal or financial information over the phone, email or online unless you are certain of the recipient's identity and legitimacy.
3. Use strong, unique passwords for all your accounts: A robust password should include a mix of uppercase and lowercase letters, numbers and symbols. Avoid reusing passwords across multiple platforms, and consider using a reputable password manager to store and generate complex passwords securely.
4. Enable two-factor authentication (2FA) wherever possible: 2FA adds an extra layer of security by requiring a secondary verification method, such as a code sent to your phone or biometric authentication. This ensures that even if your password is compromised, unauthorized access remains highly unlikely.
5. Keep your devices and software up to date: By regularly installing the latest updates and security patches, you can ensure your devices are equipped with the latest security features and bug fixes, reducing the risk of becoming a target for cyberattacks. Many cyberattacks exploit unpatched vulnerabilities, so enabling automatic updates for your operating system, apps and antivirus software can significantly reduce your risk.
6. Invest in personal data removal services: Consider using a service that specializes in removing your personal information from the internet to reduce your exposure to potential scammers. While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here.
7. Monitor financial accounts: Regularly check your bank and credit card statements for any unusual or unauthorized transactions. Promptly report any suspicious activity.
8. Be skeptical of unsolicited requests: Treat unexpected requests for money or personal information with caution. Scammers often create a sense of urgency to pressure you into acting quickly.
9. Be vigilant against phishing attempts and use strong antivirus software: Avoid clicking on links or downloading attachments from unsolicited emails or messages. Ensure your devices are protected with strong antivirus software that can detect and block malicious activities. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.
10. Report suspected scams: If you suspect you've encountered a scam, report it to your local authorities, the Federal Trade Commission (FTC), and any relevant financial institutions.
The rise of cyberscams is not just an economic issue but a moral one that demands immediate action. With billions lost annually and countless lives disrupted, we cannot afford complacency in addressing this crisis. By learning from global best practices and fostering international collaboration, we can begin to dismantle these criminal networks. Be sure to follow the steps I outlined to keep yourself safe.
Leaders from key European countries will gather Monday to discuss the continent's security in a rushed meeting as U.S. efforts to end the Ukraine war pick up speed. France's President Emmanuel Macron will lead the hastily convened meeting in Paris.
The post Trump Effect: E.U. Countries Launch Rushed Summit on Ukraine, European Security appeared first on Breitbart.
The Trump administration has reportedly called on European nations to outline the number of troops and weapons they are willing to commit to a peacekeeping force in Ukraine amid growing complaints from the continent of being sidelined from negotiations.
The post Put Up or Shut Up: Trump Admin Reportedly Calls on Europeans to List Troops and Weapons Available for Ukraine Peacekeeping Force appeared first on Breitbart.
The heavy precision-guided bombs that then-President Joe Biden withheld from Israel last year arrived in Israel on Saturday night after being released by President Donald Trump.
The post Heavy Bombs Withheld by Biden Arrive in Israel, Thanks to Trump appeared first on Breitbart.