<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
     xmlns:content="http://purl.org/rss/1.0/modules/content/"
     xmlns:dc="https://purl.org/dc/elements/1.1/"
     xmlns:dcterms="http://purl.org/dc/terms/"
     xmlns:media="http://search.yahoo.com/mrss/"
     xmlns:atom="http://www.w3.org/2005/Atom"
>
    <channel>
                    <atom:link rel="alternate" hreflang="en-GB"
                       href="https://www.laptopmag.com/uk/feeds/tag/antivirus-cyber-security"
                       type="application/rss+xml"/>
                            <title><![CDATA[ Latest from Laptop Mag UK in Antivirus-cyber-security ]]></title>
                <link>https://www.laptopmag.com/uk/software/antivirus-cyber-security</link>
        <description><![CDATA[ All the latest antivirus-cyber-security content from the Laptop Mag  UK team ]]></description>
                                    <lastBuildDate>Wed, 25 Jun 2025 22:00:00 +0000</lastBuildDate>
                            <language>en</language>
                                <item>
                                                            <title><![CDATA[ Sick of YouTube ads? I've got a few tricks that might help get rid of them ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/sick-of-youtube-ads</link>
                                                                            <description>
                            <![CDATA[ Google is getting more aggressive with YouTube ads every day, but we've got a few suggestions for how to get around them ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">iz89QeXDbL9tyKFdTH6BhP</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/dLARDzu3oNGTPQjZapLcyd-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 25 Jun 2025 22:00:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Chris Stobing ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/9ohCLRU4rHHGytfVqZnC23.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Chris Stobing grew up in the heart of Silicon Valley and has been involved with technology since the 1990s. Previously at &lt;em&gt;PCMag&lt;/em&gt;, I was a hardware analyst benchmarking and reviewing consumer gadgets and PC hardware such as desktop processors, GPUs, monitors, and internal storage. &lt;/p&gt;&lt;p&gt;He&#039;s also worked as a freelancer for &lt;em&gt;Gadget Review&lt;/em&gt;, &lt;em&gt;VPN.com&lt;/em&gt;, and &lt;em&gt;Digital Trends&lt;/em&gt;, wading through seas of hardware and software at every turn. In his free time, you’ll find Chris shredding the slopes on his snowboard in the Rocky Mountains where he lives, or using his culinary-degree skills to whip up a dish in the kitchen for friends.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/dLARDzu3oNGTPQjZapLcyd-1280-80.jpg">
                                                            <media:credit><![CDATA[Shutterstock]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[How to delete your YouTube watch history]]></media:description>                                                            <media:text><![CDATA[How to delete your YouTube watch history]]></media:text>
                                <media:title type="plain"><![CDATA[How to delete your YouTube watch history]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/dLARDzu3oNGTPQjZapLcyd-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>As Google continues to <a href="https://www.laptopmag.com/software/youtube-has-taken-a-drastic-step-in-its-war-on-ad-blockers" target="_blank">ramp up pressure on ad blocking methods </a>like browser extensions and VPNs, the cat-and-mouse game between the blockers and Mountain View has grown in breadth and complexity. </p><h2 id="what-are-the-best-ways-to-block-ads-on-youtube">What are the best ways to block ads on YouTube?</h2><p>First, we should establish the two platforms you can access YouTube on: mobile and desktop. </p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1705px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="uiARYeYnqhHrbkms8DYJ9W" name="YouTube-iOS.png" alt="YouTube app in a folder on iOS" src="https://cdn.mos.cms.futurecdn.net/uiARYeYnqhHrbkms8DYJ9W.png" mos="" align="middle" fullscreen="" width="1705" height="959" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Laptop Mag)</span></figcaption></figure><p>If you’re accessing YouTube via desktop, you have several options to block YouTube ads including web browser extensions and VPNs.</p><p>Meanwhile, if you access YouTube through the mobile app, your only effective ad blocking method will be a VPN. But those results may be spotty, as we’ll get into later. </p><h2 id="how-can-you-block-ads-on-desktop-youtube">How can you block ads on desktop YouTube?</h2><p>The fastest, and generally most reliable way to block ads on YouTube while browsing on your desktop is to use an extension that’s embedded in your web browser.</p><p>The two most popular options at the time of this writing are <a href="https://adblockplus.org/" target="_blank">AdBlock Plus</a>, and <a href="https://ublockorigin.com/" target="_blank">uBlock Origin</a>, however the latter comes with a catch. Since uBlock has proven incredibly effective at getting around Google’s efforts to show ads on desktop YouTube, the company <a href="https://www.laptopmag.com/software/browsers-search-engines/google-chrome-update-could-doom-your-adblocker-heres-what-you-need-to-know" target="_blank">has disabled access to the extension entirely</a> if you’re trying to install it on a Google Chrome browser.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:3596px;"><p class="vanilla-image-block" style="padding-top:66.66%;"><img id="nBrLrF6VZRuVoWZGLr5NJ" name="GettyImages-1211180803.jpg" alt="BERLIN, GERMANY - APRIL 22: The logo of the webbrowser Google Chrome is shown on the display of a smartphone on April 22, 2020 in Berlin, Germany. (Photo by Thomas Trutschel/Photothek via Getty Images)" src="https://cdn.mos.cms.futurecdn.net/nBrLrF6VZRuVoWZGLr5NJ.jpg" mos="" align="middle" fullscreen="" width="3596" height="2397" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Getty Images)</span></figcaption></figure><p>That said, ABP is still available on Chrome as of this writing, and is just as effective in most instances. You can also continue to use uBlock Origin on alternative browsers, such as Firefox, Microsoft Edge, and Opera.</p><p>The second method of blocking ads on YouTube using your desktop is to install a virtual private network, or VPN. </p><p>VPNs come in many shapes and sizes, at every price point from free, up to around $15 per month. And while most of the top options in the category, like <a href="https://nordvpn.com/" target="_blank">NordVPN</a>, <a href="https://surfshark.com" target="_blank">Surfshark VPN</a>, and <a href="https://windscribe.com/" target="_blank">Windscribe VPN,</a> all have ad blockers built in, dozens of others don’t.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1920px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="sQ8a5GGseMcVbmkddUpqqj" name="iOS_6.jpg" alt="NordVPN App" src="https://cdn.mos.cms.futurecdn.net/sQ8a5GGseMcVbmkddUpqqj.jpg" mos="" align="middle" fullscreen="" width="1920" height="1080" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: NordVPN)</span></figcaption></figure><p>This is why we suggest carefully reviewing the feature list of your preferred VPN before committing to a subscription, to ensure the service offers some level of ad blocking on its network. This issue is further compounded by the fact that even though your VPN may offer an ad blocker, the only way to find out if it will successfully block a YouTube ad (some do, some don’t) is to try the service out for yourself. </p><p>If you’re worried about compatibility, some VPNs offer a short trial period that allows you to test the service ahead of time. Most also support a 30- to 90-day money-back guarantee in case the VPN doesn’t perform as expected.</p><h2 id="how-can-you-block-ads-on-mobile-youtube">How can you block ads on mobile YouTube?</h2><p>As mentioned earlier, the primary method for blocking YouTube in the mobile app is via a VPN.</p><p>Because the YouTube app is developed and maintained directly by Google, there’s no way to install an extension on top of the app that could capably block ads. </p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1920px;"><p class="vanilla-image-block" style="padding-top:66.67%;"><img id="YpoBPjGDZZW2g4AG4kKNrY" name="asking ai questions youtube.jpg" alt="asking youtube ai questions" src="https://cdn.mos.cms.futurecdn.net/YpoBPjGDZZW2g4AG4kKNrY.jpg" mos="" align="middle" fullscreen="" width="1920" height="1280" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Google)</span></figcaption></figure><p>Previously, there had been a number of third-party ad blocking apps that were available on iOS and Android, but since Google's latest crackdown users have reported that most of them have lost all functionality.</p><p>Mobile VPNs, meanwhile, take control of the internet pipe for the entire device. This means it can filter out certain types of traffic, including ads, before they’re delivered to your device through the YouTube app. </p><p>However, a word of caution. As spotty as ad blocking can be for VPNs on desktops, it’s even spottier on mobile. Due to limitations on what parts of your device the VPN can access, especially on iOS, the success rates for VPN-based ad blocking are even lower than on desktop. Once again, the only way to find out if VPN ad blocking will work for your device, in your region, is to sign up for a subscription and try it out yourself.</p><h2 id="which-vpns-are-best-for-blocking-ads">Which VPNs are best for blocking ads?</h2><p>As we’ve said, no VPN is ever a 100% surefire method for getting around Google’s ads on the YouTube platform. That said, a rule of thumb in the VPN space is, generally, “bigger = better.”</p><p>This means the larger a VPN company is, the more resources it will have to bolster its ad blocking efforts while also adding more features alongside ad blocking that make for a more holistic online privacy experience. </p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:970px;"><p class="vanilla-image-block" style="padding-top:56.29%;"><img id="VZytxCar4cphejUSSwSf89" name="LPT-NordVPN-1.jpg" alt="Tips for safer online shopping: Protect your personal information" src="https://cdn.mos.cms.futurecdn.net/VZytxCar4cphejUSSwSf89.jpg" mos="" align="middle" fullscreen="" width="970" height="546" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: NordVPN)</span></figcaption></figure><p>At LaptopMag, we’re especially partial to some of the biggest names in the game including NordVPN and Surfshark VPN. Both VPNs are deeply rich in features (including ad blocking), and also support massive global networks of servers.</p><p>The more servers the VPN supports, the more likely you are to find an option that’s close to you. The closer a VPN server is, the faster it will be, and the higher your bandwidth stays while doing everything from streaming videos on YouTube or Netflix, to gaming, and more.</p><p>Right now NordVPN is running a special deal for new subscribers, and <a href="https://go.nordvpn.net/aff_c?offer_id=564&aff_id=3013&url_id=31010&aff_sub1=LM" target="_blank">you can click here to find out more</a> about the money you might save on your next VPN!</p><h3 class="article-body__section" id="section-more-from-laptop-mag"><span>MORE FROM LAPTOP MAG</span></h3><ul><li><strong></strong><a href="https://www.laptopmag.com/gaming/rog-ally-x-vs-rog-xbox-ally-x"><strong>ROG Ally X vs. Xbox Ally X: Real differences or clever rebranding?</strong></a><strong></strong></li><li><strong></strong><a href="https://www.laptopmag.com/laptops/great-value-cheap-laptops-under-1000-2025"><strong>Cheap laptops aren't always a great value — here are 3 budget laptops I love</strong></a><strong></strong></li><li><strong></strong><a href="https://www.laptopmag.com/laptops/windows-laptops/how-to-get-microsoft-esu-for-windows-10-free"><strong>Microsoft just threw Windows 10 users a free lifeline — but it could test your loyalty</strong></a><strong></strong></li></ul>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Banking Trojans have hit millions of Android devices in 2025 — here are the biggest threats and how to protect yourself ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/android-malware-threats-early-2025</link>
                                                                            <description>
                            <![CDATA[ Millions of Android devices were hit with banking Trojans already in 2025. Here are the biggest threats to Android devices in 2025 and how to protect yourself. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">uUgNbnCRjomNs8hZz9wxQa</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/x2NVZWuaKVKnbQ3eVvjyzS-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Mon, 16 Jun 2025 21:47:26 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Sean Riley ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/ApPanW9KEHmaKJg4bksTFd.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/x2NVZWuaKVKnbQ3eVvjyzS-1280-80.jpg">
                                                            <media:credit><![CDATA[Getty Images/Feodora Chiosea]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Android banking trojan]]></media:description>                                                            <media:text><![CDATA[Android banking trojan]]></media:text>
                                <media:title type="plain"><![CDATA[Android banking trojan]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/x2NVZWuaKVKnbQ3eVvjyzS-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Android malware remains a massive danger in 2025, with a <a href="https://securelist.com/malware-report-q1-2025-mobile-statistics/116676/" target="_blank" rel="nofollow">June 5 mobile threat report from Kaspersky</a> revealing that 12.1 million attacks were conducted on Android devices running Kaspersky software between January and March 2025. </p><p>Now, considering that number doesn't include the majority of the world's 3.3 billion Android OS devices that aren't using Kaspersky, you get an idea of the scale of this concern.</p><p>Trojans were the most common threat, accounting for 40% of the total malware infections. Trojans are viruses that trick you into installing them on your phone to steal data, gain access to your banking apps, spy on you, or drain cryptocurrency accounts, so they should not be taken lightly.</p><p>Let's examine the current malware landscape on Android and learn how to protect yourself against the most common threats.</p><h2 id="the-most-vulnerable-android-devices">The most vulnerable Android devices</h2><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:2594px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="oBeYoYKqsmXSabyLrmqnwD" name="LPT-Android-12-LIST.jpg" alt="Android 12 home screen on a Pixel phone resting on a wooden floor." src="https://cdn.mos.cms.futurecdn.net/oBeYoYKqsmXSabyLrmqnwD.jpg" mos="" align="middle" fullscreen="" width="2594" height="1459" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Laptop Mag)</span></figcaption></figure><div><blockquote><p>Anyone running Android 12 (or earlier) on their device is particularly vulnerable</p></blockquote></div><p>Keeping your software and operating system up to date is one of the easiest ways to stay safe. Before delving deeper into the report's findings, it's worth noting that anyone running Android 12 (or earlier) on their device is particularly vulnerable. Google ended security updates for that version in March 2025. Since then, <a href="https://source.android.com/docs/security/bulletin/2025-04-01" target="_blank" rel="nofollow">Google has patched 133 high-severity and four critical-severity threats</a>.</p><p>Android 12 was launched in October 2021 and is currently installed on approximately 12% of all Android devices, according to <a href="https://gs.statcounter.com/android-version-market-share" target="_blank" rel="nofollow">Statcounter's</a> May 2025 figures. That's nearly 400 million Android devices worldwide, including popular phones such as the Samsung Galaxy S10 lineup (released in March 2019) and Google's Pixel 3 (released in October 2018). </p><p>So, if you are someone who likes to hang onto your phone for a long time, this is the moment to let that old phone go and make the upgrade. Devices without security software updates pose a significant threat to your safety. The good news is that it doesn't have to be that expensive. Check our best phone deals for options starting as low as $169.</p><h2 id="mamont-banking-trojan-was-the-biggest-threat-in-early-2025">Mamont banking Trojan was the biggest threat in early 2025</h2><p>Mamont is off to a banner year in 2025, which is not something you want to hear when it comes to malware. Between January and March, it accounted for three of the top five mobile malware threats, an increase of more than 15 percent compared to October to December of 2024.</p><p>How is Mamont spreading so fast? Social engineering is the key, as these Trojans masquerade as legit apps to gain high-level permissions on the victims' devices.</p><p>Mamont is a threat to anyone who sideloads apps, so be particularly wary if you’ve done so lately. Double-check your permissions and keep one eye on your bank account. Mamont can pose as the Chrome app, a delivery tracking app, or a video file, among numerous alternatives.</p><h2 id="don-t-buy-that-off-brand-android-phone">Don't buy that off-brand Android phone</h2><p>Motorola offers affordable Android phones for under $200, so please don't bite on extreme budget Android phones. </p><p><em><strong>See also: </strong></em><a href="https://www.laptopmag.com/phones/trump-phone-what-we-know" target="_blank"><em><strong>The Trump Mobile T1 phone: A ridiculous claim may doom it to fail</strong></em></a><em><strong></strong></em></p><p>Kaspersky has found several off-brand phones loaded with a backdoor Trojan called Triada so far this year. The Trojan is active from the moment a user powers on their phone.</p><p>It can replace browser links, steal your login data, steal cryptocurrency, or inject malicious code into apps without you realizing it. The people behind Triada have stolen over a quarter of a million dollars in crypto from victims. </p><h2 id="your-phone-is-your-most-valuable-possession">Your phone is your most valuable possession</h2><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:2121px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="6hhM6hd9p8asZnaYFRanpi" name="GettyImages-1401122783 Cropped.jpg" alt="Getty Images" src="https://cdn.mos.cms.futurecdn.net/6hhM6hd9p8asZnaYFRanpi.jpg" mos="" align="middle" fullscreen="" width="2121" height="1193" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Getty Images/cyano66)</span></figcaption></figure><p>In 2025, your phone will undoubtedly be the most valuable thing you own, as it has access to virtually everything else.</p><p>Again, this means ensuring you don't skip the operating system updates that your phone is prompting you about. Stop putting them off and update now; it'll only take a few minutes. </p><p>Only download apps from the Play Store. Although there have been instances of malware infiltrating the Play Store, it is vastly safer than installing apps from the open web.</p><p>Go to Settings and search for Permission Manager to review the permissions you've granted to every app on your phone. Pay careful attention to any apps with Accessibility or Device Admin rights, as these are often critical for malware.</p><p>Use a mobile <a href="https://www.laptopmag.com/best-picks/best-antivirus-apps">antivirus app</a> to protect your phone from malware further. These apps can move faster against attackers than a software update from Google or Samsung, so it's a sound early defense system.</p><p>Finally, for any critical accounts, enable <a href="https://www.laptopmag.com/news/beware-subscription-malware-arms-hackers-with-tools-to-steal-your-private-data">two-factor authentication,</a> as this can potentially stop cybercriminals from gaining access to your accounts even if your device is infected with malware.</p><h3 class="article-body__section" id="section-more-from-laptop-mag"><span>MORE FROM LAPTOP MAG</span></h3><ul><li><strong></strong><a href="https://www.laptopmag.com/phones/trump-phone-what-we-know"><strong>The Trump Mobile T1 phone: A ridiculous claim may doom it to fail</strong></a><strong></strong></li><li><strong></strong><a href="https://www.laptopmag.com/laptops/windows-laptops/windows-11-vista-bug-apple-liquid-glass"><strong>Windows 11 'bug' throws shade at Apple's Liquid Glass, but Microsoft is playing innocent</strong></a><strong></strong></li><li><strong></strong><a href="https://www.laptopmag.com/laptops/macbooks/rumors-hint-major-redesign-macbook-pro-2026"><strong>Rumors hint at a major redesign for the MacBook Pro in 2026. Here's what we know so far.</strong></a><strong></strong></li></ul>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ NordVPN CEO upends a common assumption about VPN servers: It's "basically not very true." ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/nordvpn-challenges-industry-server-counts</link>
                                                                            <description>
                            <![CDATA[ Ever wondered why VPN companies are so competitive about their server counts? So has NordVPN's CEO, and his company wants to rewrite VPN marketing forever. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">zVthBaxmebxs8Ddd3tB8cY</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/VZytxCar4cphejUSSwSf89-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 11 Jun 2025 20:16:33 +0000</pubDate>                                                                                                                                <updated>Wed, 11 Jun 2025 21:13:03 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Chris Stobing ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/9ohCLRU4rHHGytfVqZnC23.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Chris Stobing grew up in the heart of Silicon Valley and has been involved with technology since the 1990s. Previously at &lt;em&gt;PCMag&lt;/em&gt;, I was a hardware analyst benchmarking and reviewing consumer gadgets and PC hardware such as desktop processors, GPUs, monitors, and internal storage. &lt;/p&gt;&lt;p&gt;He&#039;s also worked as a freelancer for &lt;em&gt;Gadget Review&lt;/em&gt;, &lt;em&gt;VPN.com&lt;/em&gt;, and &lt;em&gt;Digital Trends&lt;/em&gt;, wading through seas of hardware and software at every turn. In his free time, you’ll find Chris shredding the slopes on his snowboard in the Rocky Mountains where he lives, or using his culinary-degree skills to whip up a dish in the kitchen for friends.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/VZytxCar4cphejUSSwSf89-1280-80.jpg">
                                                            <media:credit><![CDATA[NordVPN]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Tips for safer online shopping: Protect your personal information]]></media:description>                                                            <media:text><![CDATA[Tips for safer online shopping: Protect your personal information]]></media:text>
                                <media:title type="plain"><![CDATA[Tips for safer online shopping: Protect your personal information]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/VZytxCar4cphejUSSwSf89-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>In <a href="https://www.laptopmag.com/best-picks/best-vpn-services" target="_blank">the world of virtual private networks (VPNs),</a> company marketing is crucial for customer acquisition. Because the products of different providers are so similar, many VPN companies will do anything and everything to stand out. This includes boasting about the number of servers offered on their VPN network. </p><p>But just how important is this figure, and should it be the determining factor in your next purchase decision? <a href="http://go.nordvpn.net/aff_c?offer_id=564&aff_id=3013&url_id=10992" target="_blank" rel="nofollow sponsored"><strong>VPN juggernaut Nord</strong></a> thinks maybe not.</p><h2 id="how-we-got-here">How we got here</h2><p>Because VPNs aren’t the most technically complex products to create and maintain, there has been a flood of providers over the years.</p><p>In such a crowded field with a low barrier to entry, any metric worth mentioning is likely to be picked up by the marketing department and plastered on the home page or any other available advertising channel.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1920px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="sQ8a5GGseMcVbmkddUpqqj" name="iOS_6.jpg" alt="NordVPN App" src="https://cdn.mos.cms.futurecdn.net/sQ8a5GGseMcVbmkddUpqqj.jpg" mos="" align="middle" fullscreen="" width="1920" height="1080" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: NordVPN)</span></figcaption></figure><p>Historically, these metrics have often been related to things like speeds, server counts, the number of supported devices, and extra features. However, as most of those are easy for each VPN to match against others, the advertising arms race for “bigger number = better” has focused almost entirely on server counts.</p><div class="product star-deal"><a data-dimension112="1c4a34c5-118a-4a50-886e-c0abba2bd8ff" data-action="Star Deal Block" data-label="Features: 1GB of free eSIM data, secure, high-speed VPN, threat protection, and keep up to 10 devices secured simultaneously." data-dimension48="Features: 1GB of free eSIM data, secure, high-speed VPN, threat protection, and keep up to 10 devices secured simultaneously." data-dimension25="$59.88" href="http://go.nordvpn.net/aff_c?offer_id=564&aff_id=3013&url_id=10992" target="_blank" rel="nofollow"><figure class="van-image-figure "  ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:700px;"><p class="vanilla-image-block" style="padding-top:100.00%;"><img id="dajLSJhGi5KhidU6d54MaW" name="NordVPN-logo" caption="" alt="" src="https://cdn.mos.cms.futurecdn.net/dajLSJhGi5KhidU6d54MaW.png" mos="" align="middle" fullscreen="" width="700" height="700" attribution="" endorsement="" credit="" class=""></p></div></div></figure></a><div><span class="product__star-deal-label">Save 56%</span><p><strong>Features</strong>: 1GB of free eSIM data, secure, high-speed VPN, threat protection, and keep up to 10 devices secured simultaneously. <a class="view-deal button" href="http://go.nordvpn.net/aff_c?offer_id=564&aff_id=3013&url_id=10992" target="_blank" rel="nofollow" data-dimension112="1c4a34c5-118a-4a50-886e-c0abba2bd8ff" data-action="Star Deal Block" data-label="Features: 1GB of free eSIM data, secure, high-speed VPN, threat protection, and keep up to 10 devices secured simultaneously." data-dimension48="Features: 1GB of free eSIM data, secure, high-speed VPN, threat protection, and keep up to 10 devices secured simultaneously." data-dimension25="$59.88">View Deal</a></p></div></div><h2 id="why-is-a-high-server-count-good">Why is a high server count good?</h2><p>In essence, the larger a VPN network is and the more servers it offers, the more likely it is you’ll be able to find one close to your geographical location.</p><p>Overall the closer a server is to you, or the larger number of servers you have to choose from in a particular region, the better performance you can expect from the service. This is because each server has a particular load amount, and the more people that are trying to use a single server, the slower the speeds will be.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:2000px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="pR44L4GJ5K5rJR7cGh5HT" name="PEXELS-kevin-paster-1923286.jpg" alt="person using a vpn service on a laptop" src="https://cdn.mos.cms.futurecdn.net/pR44L4GJ5K5rJR7cGh5HT.jpg" mos="" align="middle" fullscreen="" width="2000" height="1125" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Pexels)</span></figcaption></figure><p>However, one company, NordVPN, is trying to change this longstanding narrative. In <a href="https://www.techradar.com/vpn/vpn-services/vpn-server-count-doesnt-matter-nordvpn-throws-a-challenge-to-the-vpn-industry" target="_blank">a recent interview with <em>TechRadar</em></a>, the company’s CEO Marijus Briedies was quoted on the issue, stating, "The idea that the more VPN servers you have, the better you are, is basically not very true. So, we have to start talking about this.”</p><p>Briedies argues that server <em>quality</em>, over quantity alone, is more indicative of the experience VPN users can expect. Briedies claims his company caps every server at just 30% load volume, which means more bandwidth is available for each user connected at one time. </p><p>That said, in general, if a VPN offers more servers, the more broadly the network can spread those users when connecting in high-traffic areas like Tokyo or New York City. So, in most cases, yes, a bigger number <em>is</em> better in the long run.</p><h2 id="what-should-you-look-for-in-your-next-vpn">What should you look for in your next VPN?</h2><p>So, what does this all add up to? While server count shouldn’t be the only metric you consider when picking a VPN, it’s still one of the most important, regardless of what a single CEO says. </p><p>Looking at everything from price to supported device count, user reviews, and more should give you the best picture of which VPN will best fulfill your needs. </p><p>Server counts are an important part of this total package, and while they may be less relevant for users who live in moderately populated areas of the world, anyone in very rural settings or densely packed cities will want to keep server count and quality at the top of their list of considerations when shopping for a new VPN.</p><h3 class="article-body__section" id="section-more-from-laptop-mag"><span>More from Laptop Mag</span></h3><ul><li><strong></strong><a href="https://www.laptopmag.com/best-picks/best-vpn-services" target="_blank"><strong>Best VPN services in 2025</strong></a><strong></strong></li><li><a href="https://www.laptopmag.com/how-to/6-things-you-could-and-should-use-a-vpn-for" target="_blank"><strong>6 things you could (and should) use a VPN for</strong></a><strong></strong></li><li><a href="https://www.laptopmag.com/features/5-reasons-why-you-need-a-vpn" target="_blank"><strong>5 reasons why you need a VPN — cheap flights, fast internet and more</strong></a><strong></strong></li></ul>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ A new kind of phishing attack is fooling Gmail’s security. Here’s how it works ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/new-phishing-attack-fooling-gmails-security</link>
                                                                            <description>
                            <![CDATA[ Be wary of strange emails, even if they say it's from Google. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">vge7scCPRxo3HmirjMZBaW</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/e7Ey3BGYBpUTE7VNGSVWKa-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Sun, 20 Apr 2025 20:22:38 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Oscar Gonzalez ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/KGDFNcWsjAjjWi5nnoutLU.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;A veteran journalist and award-winning podcaster who specializes in reporting on conspiracy theories, misinformation, business, economics, video games, and tech.&lt;/p&gt;&lt;p&gt;Oscar previously served as the Tech News Editor at &lt;em&gt;Gizmodo&lt;/em&gt; and a Senior Staff Reporter at &lt;em&gt;CNET&lt;/em&gt;. He&#039;s also reported for CBS radio, done research for &lt;em&gt;Wired&lt;/em&gt;, reported for &lt;em&gt;TheStreet&lt;/em&gt; and for &lt;em&gt;Inverse&lt;/em&gt;. He&#039;s a graduate of the City University of New York Graduate School of Journalism. He&#039;s a native of San Antonio, Texas.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/e7Ey3BGYBpUTE7VNGSVWKa-1280-80.jpg">
                                                            <media:credit><![CDATA[Google]]></media:credit>
                                                                                                                                                                        <media:description><![CDATA[Keep an eye out on your Gmail inbox. ]]></media:description>                                                            <media:text><![CDATA[Gmail inbox]]></media:text>
                                <media:title type="plain"><![CDATA[Gmail inbox]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/e7Ey3BGYBpUTE7VNGSVWKa-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p><a href="https://www.laptopmag.com/news/this-nasty-phishing-attack-allows-hackers-to-steal-your-gmail-emails-using-a-chrome-extension-how-to-check-if-you-have-it">Phishing attacks</a> are not new, especially with <a href="https://www.laptopmag.com/software/i-used-google-gemini-in-gmail-and-its-not-the-ai-revolution-i-hoped-for-yet">Gmail</a>. There are constant warnings from email companies about what to watch out for when receiving a weird email. </p><p>That still doesn't stop hackers. Some do keep with the painfully obvious phishing attacks using emails supposedly from <a href="https://www.laptopmag.com/software/antivirus-cyber-security/iphone-users-beware-reset-password-phishing-attacks-on-the-rise">Apple</a>, Amazon, and Facebook, yet use random email handles to send the fake messages. Others, however, have gotten smarter and sneakier with their attacks, so now, it's close to impossible to tell if an email is fake or not. </p><p>Software developer Nick Johnson created a<a href="https://x.com/nicksdjohnson/status/1912439023982834120" target="_blank" rel="nofollow"> thread on X </a>about a new kind of phishing attack. He received an email from an attacker that said Google had been served with a subpoena and that he needed to provide a copy of his Google account content. </p><p>An email like this would seemingly be easy to dismiss simply by looking at who sent it. In this case, the email did come from a valid, signed Google email account, no-reply@google.com. This email also passed a DomainKeys Identified Mail (DKIM) check, which reaffirms it is legit, and in Gmail, this email sorted itself with other Google security alerts within the inbox. </p><p>Clicking on the link also led to a legit-looking Google sign-in page with the subtle difference that the URL was "sites.google.com" instead of "accounts.google.com." Johnson didn't proceed further as he believed that would have been where the hackers would have harvested his data. </p><div class="see-more see-more--clipped"><blockquote class="twitter-tweet hawk-ignore" data-lang="en"><p lang="en" dir="ltr">Recently I was targeted by an extremely sophisticated phishing attack, and I want to highlight it here. It exploits a vulnerability in Google's infrastructure, and given their refusal to fix it, we're likely to see it a lot more. Here's the email I got: pic.twitter.com/tScmxj3um6<a href="https://twitter.com/cantworkitout/status/1912439023982834120">April 16, 2025</a></p></blockquote><div class="see-more__filter"></div></div><p>So how did these hackers create an email that appears to be a completely valid email from Google and create a fake site that is still a Google website? Johnson came up with a theory. </p><p>The first task was to create a site using an old Google product.<br><br>"The fake portal is fairly straightforward. http://sites.google.com is a legacy product from before Google got serious about security; it allows users to host content on a http://google.com subdomain, and crucially it supports arbitrary scrips and embeds," Johnson tweeted. </p><p>After this fake page is made, they create a Google account using a fake domain that is registered. Johnson used the email of "me@domain."<br><br>They can create a <a href="https://developers.google.com/identity/protocols/oauth2" target="_blank" rel="nofollow">Google OAuth application</a>, which, for a knowledgeable developer, can be done in mere minutes. The application is given the name of the phishing message with all the spacing and wording found on a Google email, including a line for "Google Legal Support" in Johnson's case. </p><p>From here, they grant OAuth app access to the Google account they created, "me@domain," in the case of Johnson's example. This then causes a "Security Alert" message from Google to be generated, which has all the phishing wording in it. The attacker then forwards that email to the victim, and it passes a DKIM check, appears to come from a legitimate Google email, and has a link to the fake site.  </p><div class="see-more see-more--clipped"><blockquote class="twitter-tweet hawk-ignore" data-lang="en"><p lang="en" dir="ltr">The email is much more sophisticated, and in my opinion much more obviously a security issue on Google's part. The first clues are in the email header: although it was signed by https://t.co/kCLNEQcBQK, it was emailed by https://t.co/ENBJVYriTF, and sent to 'me@blah' pic.twitter.com/BodFDqc6Ps<a href="https://twitter.com/cantworkitout/status/1912439044866203814">April 16, 2025</a></p></blockquote><div class="see-more__filter"></div></div><h2 id="google-is-on-it">Google is on it.</h2><p>At the end of his thread, Johnson said he sent this issue to Google, and their response wasn't ideal.</p><p>"I've submitted a bug report to Google about this; unfortunately they closed it as 'Working as Intended' and explained that they don't consider it a security bug. Obviously I disagree - but until they change their mind, be on the lookout for deceptive security alerts from Google," Johnson <a href="https://x.com/nicksdjohnson/status/1912439066575905013" target="_blank" rel="nofollow">wrote</a>.</p><p>He later posted another message saying the company changed its stance. </p><p>"Outstanding news: Google has reconsidered and will be fixing the oauth bug," he <a href="https://x.com/nicksdjohnson/status/1912575027632873565">tweeted</a>. </p><p>Google confirmed it is working on a solution with <a href="https://www.newsweek.com/google-responds-major-email-scam-2060855" target="_blank" rel="nofollow"><em>Newsweek</em></a>. </p><p>"We're aware of this class of targeted attack from the threat actor, Rockfoils, and have been rolling out protections for the past week. These protections will soon be fully deployed, which will shut down this avenue for abuse," the company told <em>Newsweek</em>. "In the meantime, we encourage users to adopt two-factor authentication and passkeys, which provide strong protection against these kinds of phishing campaigns."</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ You need a VPN for school, here are 3 services we recommend ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/you-need-a-vpn-for-school-here-are-3-services-we-recommend</link>
                                                                            <description>
                            <![CDATA[ Internet safety might not top the list of back-to-school essentials, but it should. Here's why, and the services we recommend for the year ahead. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">PDQzyKxLkqpqVvynUoey8V</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/suuSyf4oupiz5GH56LDwDR-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Mon, 19 Aug 2024 10:00:00 +0000</pubDate>                                                                                                                                <updated>Mon, 19 Aug 2024 13:26:34 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                <author><![CDATA[ rael.hornby@futurenet.com (Rael Hornby) ]]></author>                    <dc:creator><![CDATA[ Rael Hornby ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/mHBEvtDnBfXRumgmoVGtvf.jpeg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Rael Hornby, potentially influenced by far too many LucasArts titles at an early age, once thought he’d grow up to be a mighty pirate. However, after several interventions with close friends and family members, you’re now much more likely to see his name attached to the bylines of tech articles. While not maintaining a double life as an aspiring writer by day and indie game dev by night, you’ll find him sat in a corner somewhere muttering to himself about microtransactions or hunting down promising indie games on Twitter.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/suuSyf4oupiz5GH56LDwDR-1280-80.jpg">
                                                            <media:credit><![CDATA[Pixabay]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[What is a VPN kill switch — and why you should use one]]></media:description>                                                            <media:text><![CDATA[What is a VPN kill switch — and why you should use one]]></media:text>
                                <media:title type="plain"><![CDATA[What is a VPN kill switch — and why you should use one]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/suuSyf4oupiz5GH56LDwDR-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>When you’re heading back to school, I’d assume that internet safety is the last thing on your mind. Then again, what do I know? I’m English, and the only thing on my mind when I go back to school is the brickwork of King’s Cross Station as I fail once again to find my way onto the platform for the train to Hogwarts.</p><p>However, while internet safety isn’t as cool as a new MacBook Pro, it should register pretty high up on your to-do list as you prepare for the year ahead. After all, you’ll likely be spending a lot of time on shared networks — a hotbed of potential security abuses that could see you gravely regretting prioritizing that dorm room essential iced coffee maker over investing in the ultra-affordable subscriptions of one of the <a href="https://www.laptopmag.com/best-picks/best-vpn-services"><u>best VPN services</u></a>. </p><h2 id="what-is-a-vpn-xa0">What is a VPN? </h2><p>A Virtual Private Network (or VPN) is a security tool designed to protect your privacy as you surf the internet in search of ways to watch blocked content, whether that’s because of your location or network restrictions.</p><p>VPNs offer an encrypted tunnel by which all of your internet traffic can flow, making your IP address and activity along the way to ensure you remain as anonymous as possible while online.</p><p>While you can’t simply ghost your way around the internet, you can set your virtual location to any number of virtual servers to fool websites, services, and apps into thinking you’re somewhere you aren’t. This lets you bypass everything from ISP firewalls to geo-restrictions in your quest to freely explore the internet without roadblocks.</p><h2 id="why-do-i-need-a-vpn-xa0">Why do I need a VPN? </h2><p>Picture this: your entire class has become enraptured by a hot new TV show on Netflix, and you’re the only one who isn’t up to speed. Filled with dread and a sense of impending social stigma, you rush to your dorm and open Netflix only to find that the show in question is exclusive to the British Netflix library. Oh no. Whatever will you do?</p><p>Well, you could use a VPN to set your virtual location to London, England, and binge-watch your way to group acceptance. That’s what I’d do. After all, I don’t want to become a social pariah in my first week of school.</p><p>Another thing to keep in mind is your potential reliance on open Wi-Fi networks. While having quick and easy access to the internet while on campus, in libraries, or in local coffee shops is an incredible boon, it does come with its downsides. If it’s quick and easy for you to access, it’s just as quick and easy for somebody with less than good intentions to do so.</p><p>Public or shared Wi-Fi networks are a minefield of potential security threats. Thankfully, VPNs help mask your presence on the network and ensure the data passing back and forth between your machine and the internet isn’t intercepted and snooped on by any potential nosey ne’er-do-wells who become overly curious about what you might get up to on the privacy of your own devices.</p><p>VPNs keep you and your data safe from prying eyes at all levels of your internet access while also giving you the freedom to access the net in all the ways you choose. Security, privacy, and freedom: three of the most compelling reasons you need to invest in the VPN this back-to-school season.</p><h2 id="which-vpn-is-right-for-me-as-a-student-xa0">Which VPN is right for me as a student? </h2><p>Choosing a VPN service is a lot easier than deciding between spec-heavy laptops. But it can still be tough to judge if you’re unfamiliar with services like this.</p><p>Thankfully, we’re here to help. We know the importance of a good VPN at <em>Laptop Mag</em>, which means we stay abreast of the best services available so you don’t have to spend your every waking hour flipping back and forth between websites trying to make sure you get the best deal.</p><p>Let&apos;s look at some of the VPNs we recommend this back-to-school season.</p><h2 class="article-body__section" id="section-1-expressvpn"><span>1. ExpressVPN</span></h2><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:966px;"><p class="vanilla-image-block" style="padding-top:56.21%;"><img id="UesjPAEWfSWLe8uqL8iJRf" name="ExpressVPN.png" alt="ExpressVPN, the best VPN, running on Windows, Mac, tablet, iPhone, Android, router, and AppleTV" src="https://cdn.mos.cms.futurecdn.net/UesjPAEWfSWLe8uqL8iJRf.png" mos="" align="middle" fullscreen="" width="966" height="543" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: ExpressVPN)</span></figcaption></figure><p>Whether you’ve never used a VPN or want to move to a more reliable service, ExpressVPN is our top pick for staying secure online. It’s easy to use and available across a number of your devices, meaning you can secure your laptop, smartphone, tablet, and even game consoles with up to eight devices able to share the same protections at once.</p><p>Better still, ExpressVPN provides a speedy pathway through its network, ensuring you won’t be bogged down by a connection that’s as slow as it is secure. ExpressVPN’s network contains over 3,000 servers spread across 105 countries and offers 24/7 support for anyone encountering issues with its service. It’s an ideal option for those looking for an all-around internet safety solution, and highly recommended.</p><h2 class="article-body__section" id="section-2-nordvpn"><span>2. NordVPN</span></h2><figure class="van-image-figure " data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:3200px;"><p class="vanilla-image-block" style="padding-top:46.88%;"><img id="" name="nordvpn_TR.jpg" alt="NordVPN app working on mobile, PC, tablet, and other devices" src="https://cdn.mos.cms.futurecdn.net/MnbkgvGrJuvn8jtC6KnsGj.jpg" mos="" align="middle" fullscreen="" width="3200" height="1500" attribution="" endorsement="" class=""></p></div></div></figure><p>Even if you’ve never used a VPN, you’ll likely have heard of Nord, whose sponsorships appear in a wide selection of YouTube videos. It’s one of the most popular VPNs you’ll come across, with good reason. Its 6,400+ servers spread across 111 countries are impressively fast and reliable, which makes it ideal for those who are perpetually downloading, streaming, or gaming.</p><p>However, NordVPN doesn’t solely rely on its speeds. It’s also an impressively secure service that takes user privacy incredibly seriously. To facilitate its users with the most secure online experience, Nord supports up to 10 simultaneous devices per account and supports all major operating systems and mobile platforms. NordVPN also offers incredible value to long-haul subscribers, with its two-year plans starting at just $5.99 per month.</p><h2 class="article-body__section" id="section-3-surfshark"><span>3. Surfshark</span></h2><figure class="van-image-figure " data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:3200px;"><p class="vanilla-image-block" style="padding-top:46.88%;"><img id="" name="surfshark_TR.jpg" alt="Surfshark VPN app running on several devices" src="https://cdn.mos.cms.futurecdn.net/3ok8vVPTqUYfW7LDrsL6Xa.jpg" mos="" align="middle" fullscreen="" width="3200" height="1500" attribution="" endorsement="" class=""></p></div></div></figure><p>While I might not be an American, there’s one thing that’s typically universal among students: being broke and appreciating a good deal when you find one. That’s where Surfshark comes into play nicely. Surfshark’s annual plans are some of the cheapest around, but that doesn’t mean it’s willing to compromise on safety or features to get there.</p><p>In fact, you’ll get access to several bonus features by upgrading to some of its broader tiers and still save money compared to more premium services like NordVPN and ExpressVPN. To make things even more outstanding in terms of value, Surfshark has no limits on the number of devices you can use with the service. This allows you to protect yourself but freely offer your roommates the same levels of protection and security.</p><h2 class="article-body__section" id="section-more-from-laptop-mag"><span>More from Laptop Mag</span></h2><ul><li><a href="https://www.laptopmag.com/best-picks/best-vpn-services"><strong>Best VPN services in 2024</strong></a></li><li><a href="https://www.laptopmag.com/how-to/6-things-you-could-and-should-use-a-vpn-for"><strong>6 things you could (and should) use a VPN for</strong></a></li><li><a href="https://www.laptopmag.com/software/antivirus-cyber-security/has-your-email-or-password-been-stolen-heres-how-to-find-out"><strong>Has your email or password been stolen? Here's how to find out</strong></a></li></ul>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ 'You basically have to throw your computer away': Researchers explain AMD 'Sinkclose' vulnerability, but do you need to worry?  ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/an-amd-firmware-flaw-could-give-hackers-deep-control-of-your-pc</link>
                                                                            <description>
                            <![CDATA[ Researchers are warning that a major flaw in AMD processor firmware could give attackers access to deep control over a computer, leading to "unfixable" infections. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">BburgNn9uXABigTTGUyBh4</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/ztXw93X2bvqYRoyz7ddSrh-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 09 Aug 2024 21:30:43 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Madeline Ricchiuto ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/PsdRdugC24rHrg673Xo7zb.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/ztXw93X2bvqYRoyz7ddSrh-1280-80.jpg">
                                                            <media:credit><![CDATA[Stevie Bonifield]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[The AMD Ryzen and NVIDIA RTX stickers on the Acer Nitro 17]]></media:description>                                                            <media:text><![CDATA[The AMD Ryzen and NVIDIA RTX stickers on the Acer Nitro 17]]></media:text>
                                <media:title type="plain"><![CDATA[The AMD Ryzen and NVIDIA RTX stickers on the Acer Nitro 17]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/ztXw93X2bvqYRoyz7ddSrh-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Researchers from security firm IOActive warn that a major flaw in AMD processor firmware could give attackers access to deep control over a computer, leading to "unfixable" infections. Firmware is a type of software that helps the hardware to run as expected, essentially making this "software for hardware" a major target for hackers who want near-complete control over your PC.</p><p>As reported by <a href="https://www.wired.com/story/amd-chip-sinkclose-flaw/"><em>Wired</em></a>, the "sinkclose" flaw in AMD&apos;s firmware exists in almost every AMD chip since 2006 and presents a significant threat under the right conditions. If hackers did gain access to your laptop via the Sinkclose vulnerability, researchers indicated that "You would basically have to throw your computer away." </p><p>IOActive researchers <strong>Enrique Nissim</strong> and <strong>Krzysztof Okupski </strong>identified the flaw, referring to the vulnerable AMD chips as "Sinkclose." The duo plans to present the vulnerability in the AMD chipsets on August 10 at the <a href="https://defcon.org/">Defcon hacker conference</a> in Las Vegas, Nevada.</p><p><em>Laptop Mag</em> contacted AMD for further comment on Sinkclose but did not receive a response in time for publication.</p><h2 id="what-does-the-quot-sinkclose-quot-flaw-do">What does the "Sinkclose" flaw do?</h2><p>The firmware vulnerability identified by Nissim and Okupski would allow hackers to run their own code in AMD&apos;s System Management Mode, which is intended to run the processor&apos;s firmware. This "Sinkclose" vulnerability would allow an attacker to infect the computer with a <a href="https://www.malwarebytes.com/blog/detections/bootkit">"bootkit" type of malware</a> that targets the Master Boot Record. Bootkit malware can evade antivirus software and is potentially invisible to the operating system. </p><p>A hacker must have already gained access to a PC or server to exploit the System Management Mode controls, which is one reason AMD is downplaying the concern. In a background statement to <em>Wired,</em> AMD company compared the Sinkclose method to "accessing a bank&apos;s safe-deposit boxes after already bypassing its alarms, the guards, and vault door." </p><p>However, the vulnerability would allow a hacker such deep control of a PC that it would be functionally impossible to salvage it, and the vulnerability affects nearly all AMD chips manufactured since 2006, if not earlier. So while hackers would only likely attempt this on high-value targets, it should not be completely ignored.</p><p>AMD has acknowledged IOActive&apos;s findings in a statement to <a href="https://www.wired.com/story/amd-chip-sinkclose-flaw/"><em>Wired</em></a>, noting that the company had released mitigation options for the "Sinkclose" flaw in EPYC server processors and Ryzen consumer processors and that the vulnerability has been patched out of the EPYC server CPUs earlier this year. </p><p>AMD has released a list of all <a href="https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html">affected processors</a> on its <a href="https://www.amd.com/en/resources/product-security.html?utm_campaign=productsecurity&utm_medium=redirect&utm_source=301">security page</a>, including the Ryzen 3000 through 7000 series for laptop owners. </p><h2 id="what-this-means-for-you">What this means for you</h2><p>Unfortunately, because the vulnerability lies in AMD&apos;s firmware, users can only wait for a firmware update to patch it. As most affected systems will be Windows machines, those firmware updates will likely be rolled into future Windows system updates. </p><p>Once those patches become available, any AMD PC owner should install the updates immediately.</p><h3 class="article-body__section" id="section-more-from-laptop-mag"><span>More from Laptop Mag</span></h3><ul><li><a href="https://www.laptopmag.com/software/you-might-accidentally-fall-in-love-with-chatgpts-advanced-voice-mode"><strong>You might accidentally fall in love with ChatGPT's advanced Voice Mode</strong></a></li><li><a href="https://www.laptopmag.com/news/iphone-16"><strong>iPhone 16 rumors: release date speculation, design leaks, price outlook, and more</strong></a></li><li><a href="https://www.laptopmag.com/laptops/an-18-year-old-browser-exploit-leaves-macbooks-and-linux-laptops-vulnerable-but-a-fix-is-coming"><strong>An 18-year-old browser exploit leaves MacBooks and Linux laptops vulnerable — but a fix is coming</strong></a></li></ul>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ This malware is posing as Google Authenticator using Google ads — here's how to protect yourself ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/this-malware-is-posing-as-google-authenticator-using-google-ads-heres-how-to-protect-yourself</link>
                                                                            <description>
                            <![CDATA[ Here's the latest malware you need to be on the lookout for: a malicious 'Google' ad for the security-focused Google Authenticator app. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">mmyVf4YjNqaywaiGkAjPJn</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/5t2g8pnaYGMgfQ6C6HUvQ7-1280-80.png" type="image/png" length="0"></enclosure>
                                                                        <pubDate>Thu, 01 Aug 2024 18:30:57 +0000</pubDate>                                                                                                                                <updated>Thu, 01 Aug 2024 19:14:41 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Sarah Chaney ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/fB3fetC99tf85v26bvZJUH.png ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Sarah Chaney is a freelance tech writer with five years of experience across multiple outlets, including &lt;em&gt;Mashable&lt;/em&gt;, &lt;em&gt;How-To Geek&lt;/em&gt;, &lt;em&gt;MakeUseOf&lt;/em&gt;, &lt;em&gt;Tom’s Guide&lt;/em&gt;, and of course, &lt;em&gt;Laptop Mag&lt;/em&gt;. She loves reviewing the latest gadgets, from inventive robot vacuums to new laptops, wearables, and anything PC-related. When she&#039;s not writing, she&#039;s probably playing a video game, exploring the outdoors, or listening to her current favorite song or album on repeat.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/png" url="https://cdn.mos.cms.futurecdn.net/5t2g8pnaYGMgfQ6C6HUvQ7-1280-80.png">
                                                            <media:credit><![CDATA[Google]]></media:credit>
                                                                                                                                                                        <media:description><![CDATA[Google Search]]></media:description>                                                            <media:text><![CDATA[Google Search]]></media:text>
                                <media:title type="plain"><![CDATA[Google Search]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/5t2g8pnaYGMgfQ6C6HUvQ7-1280-80.png" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Recent malware attacks have become more advanced, and the advice to keep your device safe is no longer as easy as "Don&apos;t click on any random links sent to you." Threat actors are seeking victims out with more concealed measures, like this fake ad for Google Authenticator that looks like the real deal, identified in a July 30 report by <a href="https://www.malwarebytes.com/blog/news/2024/07/threat-actor-impersonates-google-via-fake-ad-for-authenticator"><em>Malwarebytes</em></a>.</p><p>After users click on the fake ad, they&apos;re redirected multiple times until finally landing on a fake site for Google Authenticator hosted on GitHub. If people aren&apos;t paying close attention, it&apos;s easy to miss these redirects and not notice they&apos;re on a malicious site before innocently clicking that &apos;Download&apos; button.</p><p>If this fraudulent Google Authenticator is successfully downloaded on your device, the malware — known as DeerStealer and originally discovered by <a href="https://x.com/anyrun_app/status/1813940716839522596">@anyrun_app</a> on X — will have access to your personal data, specifically via an "attacker-controlled website hosted at vaniloin[.]fun."</p><p>With such well-concealed malware floating around on the internet, how are you supposed to protect yourself? Well, there are a few specific tips to prevent this malware and an all-encompassing solution that could keep you protected without needing to manually vet all links.</p><h2 id="how-to-notice-deerstealer-malware">How to notice DeerStealer malware</h2><p>Most of us are familiar with what a sponsored ad on Google looks like, and looking at the malicious ad Malwarebytes took screenshots of, it&apos;s hard to spot the differences. The ad shows Google&apos;s official website as the URL, and when you expand details about the advertiser, it convincingly reads "Advertiser identity verified by Google."</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:597px;"><p class="vanilla-image-block" style="padding-top:62.65%;"><img id="nCiue39abQM4fPfnMsTau" name="image_fa7354.jpg" alt="fake google authenticator ad" src="https://cdn.mos.cms.futurecdn.net/nCiue39abQM4fPfnMsTau.jpg" mos="" align="middle" fullscreen="" width="597" height="374" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Malwarebytes)</span></figcaption></figure><p>Even if you accidentally click on this fake ad from &apos;Larry Marr,&apos; your device isn&apos;t compromised just yet. The DeerStealer malware only gains access to your personal data if you don&apos;t recognize the suspicious URL — chromeweb-authenticators[.]com — and download the malicious Authenticator[.]exe file.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:806px;"><p class="vanilla-image-block" style="padding-top:84.74%;"><img id="vePcAspaojfowx2C4mW2ta" name="image_53961f.jpg" alt="malwarebytes screenshot" src="https://cdn.mos.cms.futurecdn.net/vePcAspaojfowx2C4mW2ta.jpg" mos="" align="middle" fullscreen="" width="806" height="683" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Malwarebytes)</span></figcaption></figure><p>Unfortunately, your browser&apos;s built-in security measures will not recognize this fake site and file as malicious because they are hosted on GitHub, a trusted cloud resource. </p><p>So what is a security-conscious user to do?</p><p>The only solution that could protect you from this advanced malware without needing to diligently check every URL yourself is antivirus software. <em>Malwarebytes</em> points out that its own antivirus software detected the malicious payload as "Spyware.DeerStealer," and there are multiple other antivirus solutions available that would work similarly.</p><p>Even taking precautions the modern internet is a hazardous place, so investing in one of the <a href="https://www.laptopmag.com/best-picks/best-antivirus-apps">best antivirus apps</a> that is available for desktop and mobile is the best solution to keep yourself as safe as possible.</p><h3 class="article-body__section" id="section-more-from-laptop-mag"><span>More from Laptop Mag</span></h3><ul><li><a href="https://www.laptopmag.com/laptops/snapdragon-x-pcs-to-rival-macbook-air-in-more-than-performance-from-2025"><strong>Snapdragon X PCs to rival MacBook Air in more than performance from 2025</strong></a></li><li><a href="https://www.laptopmag.com/laptops/keyboards-mice/logitech-considers-releasing-a-mouse-you-buy-once-and-pay-for-forever"><strong>Logitech considers releasing a mouse you buy once and pay for 'forever'</strong></a></li><li><a href="https://www.laptopmag.com/laptops/macbooks/how-to-change-apple-id-password"><strong>How to change Apple ID password: Cybersecurity experts say to do it every 90 days (but now is better than never)</strong></a></li></ul>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Microsoft reveals CrowdStrike outage could have a surprising long-term impact on everyday users ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/microsoft-reveals-crowdstrike-outage-could-have-a-surprising-long-term-impact-on-everyday-users</link>
                                                                            <description>
                            <![CDATA[ Microsoft has identified the cause of the CrowdStrike outage on July 19 and it could have a major impact on all Windows users. Here's how it could reshape antivirus and anti-cheat programs. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">pUb5zR8w7gWWZi9UoEvsVT</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/6htJCWXusRu2cwB2B3aFzG-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 31 Jul 2024 18:30:05 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Stevie Bonifield ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/YyiuwBdH8o94JgPgp8y2uU.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/6htJCWXusRu2cwB2B3aFzG-1280-80.jpg">
                                                            <media:credit><![CDATA[Microsoft / Laptop Mag]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Windows 10 BSOD saying &quot;It&#039;s not you, it&#039;s me.&quot;]]></media:description>                                                            <media:text><![CDATA[Windows 10 BSOD saying &quot;It&#039;s not you, it&#039;s me.&quot;]]></media:text>
                                <media:title type="plain"><![CDATA[Windows 10 BSOD saying &quot;It&#039;s not you, it&#039;s me.&quot;]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/6htJCWXusRu2cwB2B3aFzG-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>On July 27, Microsoft released a detailed security report on the cause of the CrowdStrike crash that triggered one of the biggest IT outages in history. </p><p><a href="https://www.microsoft.com/en-us/security/blog/2024/07/27/windows-security-best-practices-for-integrating-and-managing-security-tools/" target="_blank">Microsoft&apos;s report</a> came just a few days after <a href="https://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/" target="_blank">CrowdStrike&apos;s post-incident report</a>. Both investigations concluded the same thing: the outage that impacted millions of Windows devices was caused by a bugged driver. </p><p>The CrowdStrike outage was effectively triggered by Channel File 291, a file containing problematic data, incorrectly passing validation through the bugged driver, the "Content Validator," part of CrowdStrike&apos;s Content Configuration System. </p><p>The problematic data in Channel File 291 triggered an out-of-bounds memory read, which led to the crash. An out-of-bounds memory read occurs when a program tries to access data that&apos;s out of reach beyond the end of some type of buffer. For example, if a program tried to access data beyond the end of an index, that could cause an out-of-bounds memory read error. </p><p>In this case, the error resulted in the infamous Blue Screen of Death (BSOD) Windows operating system crash on July 19, which impacted millions of devices worldwide. </p><p>While the outage has mostly been resolved as of this writing, the results of Microsoft and CrowdStrike&apos;s investigations could have a more long-lasting impact on everyday users. The way antivirus and anti-cheat apps work might be changing soon. </p><h2 id="the-role-of-kernel-level-access-in-the-crowdstrike-outage">The role of kernel-level access in the CrowdStrike outage</h2><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1153px;"><p class="vanilla-image-block" style="padding-top:50.82%;"><img id="CrHFmiYHHMF6ST8HSMqeeF" name="crowdstrike-outage-microsoft-kernel-level-chart.JPG" alt="A chart provided from Microsoft showing how kernel mode is separate from user mode in the Windows operating system" src="https://cdn.mos.cms.futurecdn.net/CrHFmiYHHMF6ST8HSMqeeF.jpg" mos="" align="middle" fullscreen="" width="1153" height="586" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Microsoft)</span></figcaption></figure><p>Part of the underlying cause of the CrowdStrike outage was that CrowdStrike&apos;s software requires kernel-level access, like many other antivirus programs. </p><p>Kernel mode is the deepest level of the Windows operating system. It&apos;s often used in cybersecurity software since it can scan for malware more deeply, and kernel-level programs are more complex for hackers to disable. </p><p>By operating on the kernel level, antivirus programs can monitor all the activity on a device to cast the widest net for identifying suspicious activity or files. </p><p>For example, the driver involved in the CrowdStrike outage was a file system filter driver. This type of driver is prevalent in antivirus programs and typically monitors new files saved to a device. They can also monitor system behavior, which appears to be the case with the "Content Validator" involved in the CrowdStrike outage. </p><p>Unfortunately, the downside of allowing a program to run on such a deep level in the Windows operating system is a higher risk of system crashes if a glitch does slip through. </p><p>Microsoft explains in its incident report, "Since kernel drivers run at the most trusted level of Windows, where containment and recovery capabilities are constrained by nature, security vendors must carefully balance needs like visibility and tamper resistance with the risk of operating within kernel mode."</p><h2 id="how-the-crowdstrike-outage-could-impact-kernel-level-apps-for-security-and-gaming">How the CrowdStrike outage could impact kernel-level apps for security and gaming</h2><p>Microsoft&apos;s full report on the CrowdStrike outage is pretty lengthy, but one of the most important sections is at the end, where Microsoft mentions "reducing the need for kernel drivers to access important security data" moving forward. </p><p>This is important to note since CrowdStrike is far from the only developer to require kernel-level access for its software. Many consumer cybersecurity apps and anti-cheat programs also require this deep access into users&apos; operating systems. </p><p>In recent years, kernel-level anti-cheat software <a href="https://www.wired.com/story/kernel-anti-cheat-online-gaming-vulnerabilities/" target="_blank">has faced significant controversy</a> in the gaming community. Many gamers see it as a privacy and security risk since hackers could get kernel-level access to their devices if these anti-cheat programs were ever compromised. Hackers have even <a href="https://youtu.be/kzVYgg9nQis?si=droFXOjKOicjTc4x" target="_blank">found ways to bypass</a> kernel-level anti-cheat programs. </p><p>However, game developers seem reluctant to abandon kernel-level anti-cheat programs due to the growing difficulty of stopping cheating in competitive games. </p><p>The CrowdStrike outage may mark a turning point in this issue since it sheds new light on the potential dangers of kernel-level programs. This incident is evidence that gamers may be right to be concerned about the safety of their devices with kernel-level anti-cheat. It also highlights the drawbacks of kernel-level consumer cybersecurity apps. </p><p>We could see some of these apps move away from kernel-level access. Microsoft may begin putting more research and development into finding alternative ways to protect users&apos; devices (and stop gamers from cheating) <em>without</em> needing kernel-level permissions. </p><p>AI could offer one potential solution. For example, developers have suggested using AI <a href="https://youtu.be/LkmIItTrQP4?si=rbMPxZxNmUmoiRqI" target="_blank">"Human Behavior Detection"</a> to spot cheating in competitive gaming. This approach relies on identifying suspicious behavior in-game rather than scanning every file on a user&apos;s device for potential cheating software. </p><div class="youtube-video" data-nosnippet ><div class="video-aspect-box"><iframe data-lazy-priority="high" data-lazy-src="https://www.youtube-nocookie.com/embed/LkmIItTrQP4" allowfullscreen></iframe></div></div><p>Could similar AI-powered solutions provide alternatives to kernel-level cybersecurity software? That&apos;s unclear, but AI will likely play a major role in Microsoft&apos;s research efforts in the aftermath of the CrowdStrike outage. </p><p>The CrowdStrike outage may have been the most high-profile IT issue caused by a kernel-level program, but it&apos;s certainly not the first time kernel-level errors have led to BSOD crashes for users. Kernel-level software has benefits, but the risks are clearly significant. Users need an alternative that can keep their Windows devices safe without the risk of critical system crashes. </p><h2 class="article-body__section" id="section-more-from-laptop-mag"><span>More from Laptop Mag</span></h2><ul><li><a href="https://www.laptopmag.com/live/news/microsoft-windows-crowdstrike-outage"><strong>Windows/CrowdStrike outage recap: Today's 'Blue Screen of Death' error explained</strong></a></li><li><a href="https://www.laptopmag.com/crowdstrike-aftermath"><strong>The CrowdStrike outage spotlights major vulnerabilities in the global information ecosystem</strong></a></li><li><a href="https://www.laptopmag.com/software/antivirus-cyber-security/10-billion-passwords-compromised-in-largest-leak-of-all-time-what-you-need-to-know"><strong>10 billion passwords compromised in largest leak of all time — what you need to know</strong></a></li></ul>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ The CrowdStrike outage spotlights major vulnerabilities in the global information ecosystem ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/crowdstrike-aftermath</link>
                                                                            <description>
                            <![CDATA[ The Crowdstrike outage is emblematic of the way organizational networks, cloud computing services, and the Internet are interdependent — and the vulnerabilities this creates. In this case, a faulty automatic update to the widely used Falcon cybersecurity software from CrowdStrike caused $PCs running Microsoft’s Windows operating system to crash. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">SRr2YVxUW4bujvBtmuHPQd</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/VdxqDxE3B4xW4jhuu3oRnj-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Mon, 29 Jul 2024 23:00:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Richard Forno ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/DcXoDuLBosxUNKd9PzpatV.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Dr. Richard Forno is a Principal Lecturer in the University of Maryland, Baltimore County&#039;s Department of Computer Science and Electrical Engineering, where he directs the UMBC Graduate Cybersecurity Program, serves as the Assistant Director of UMBC’s Center for Cybersecurity, and is an Affiliate Scholar of the Stanford Law School’s Center for Internet and Society (CIS). Prior to academia, his twenty-year career in operational cybersecurity includes helping build a formal cybersecurity program for the US House of Representatives&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/VdxqDxE3B4xW4jhuu3oRnj-1280-80.jpg">
                                                            <media:credit><![CDATA[Getty Images]]></media:credit>
                                                                                                                                                                        <media:description><![CDATA[Lines of passengers form at the check-in counters at Ninoy Aquino International Airport amid a global IT disruption caused by a Microsoft outage and a Crowdstrike IT problem on July 19, 2024, in Manila, Philippines. A significant global outage affecting Microsoft services, particularly Microsoft 365,  caused widespread disruptions across various sectors, including airlines, banks, and health systems. The outage was attributed to a glitch in CrowdStrike&#039;s &quot;Falcon Sensor&quot; software, which affected Windows systems, leading to thousands of flight cancellations and operational chaos in multiple industries.&lt;a href=&quot;https://www.gettyimages.com/license/2162028333?adppopup=true&quot;&gt;&lt;/a&gt;&lt;a href=&quot;https://www.gettyimages.com/license/2163101814?adppopup=true&quot;&gt;&lt;/a&gt;]]></media:description>                                                            <media:text><![CDATA[MANILA, PHILIPPINES - JULY 19: Long queues of passengers form at the check-in counters at Ninoy Aquino International Airport, amid a global IT disruption caused by a Microsoft outage and a Crowdstrike IT problem, on July 19, 2024 in Manila, Philippines. A significant global outage affecting Microsoft services, particularly Microsoft 365, has caused widespread disruptions across various sectors, including airlines, banks, and health systems. The outage was attributed to a glitch in CrowdStrike&#039;s &quot;Falcon Sensor&quot; software, which impacted Windows systems, leading to thousands of flight cancellations and operational chaos in multiple industries. Microsoft has reported that the underlying cause of the outage has been fixed, but residual effects continue to impact some users as the company works on full recovery. (Photo by Ezra Acayan/Getty Images)]]></media:text>
                                <media:title type="plain"><![CDATA[MANILA, PHILIPPINES - JULY 19: Long queues of passengers form at the check-in counters at Ninoy Aquino International Airport, amid a global IT disruption caused by a Microsoft outage and a Crowdstrike IT problem, on July 19, 2024 in Manila, Philippines. A significant global outage affecting Microsoft services, particularly Microsoft 365, has caused widespread disruptions across various sectors, including airlines, banks, and health systems. The outage was attributed to a glitch in CrowdStrike&#039;s &quot;Falcon Sensor&quot; software, which impacted Windows systems, leading to thousands of flight cancellations and operational chaos in multiple industries. Microsoft has reported that the underlying cause of the outage has been fixed, but residual effects continue to impact some users as the company works on full recovery. (Photo by Ezra Acayan/Getty Images)]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/VdxqDxE3B4xW4jhuu3oRnj-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>The <a href="https://theconversation.com/major-it-outage-brings-businesses-around-the-world-to-a-standstill-expert-explains-what-happened-and-why-235132"><u>global information technology outage</u></a> on July 19, 2024, which paralyzed organizations ranging from <a href="https://www.wsj.com/business/airlines/flight-cancellations-delays-microsoft-outage-998f1c60" target="_blank"><u>airlines</u></a> to <a href="https://www.nbcnews.com/health/health-news/global-it-outage-us-hospitals-surgery-appointments-cancellations-rcna162687" target="_blank"><u>hospitals</u></a> and even the <a href="https://www.espn.com/olympics/story/_/id/40594979/paris-olympics-systems-hit-global-cyber-outage" target="_blank"><u>delivery of uniforms</u></a> for the Olympic Games, represents a growing concern for cybersecurity professionals, businesses, and governments.</p><p>The outage is emblematic of the way organizational networks, cloud computing services, and the Internet are interdependent — and the vulnerabilities this creates. In this case, a faulty automatic update to the widely used Falcon cybersecurity software from CrowdStrike caused <a href="https://www.wired.com/story/microsoft-windows-outage-crowdstrike-global-it-probems/"><u>PCs running Microsoft’s Windows operating system to crash</u></a>. </p><p>Unfortunately, many servers and PCs need to be fixed manually, and many of the affected organizations have thousands of them spread around the world.</p><div><blockquote><p>The outage is emblematic of the way organizational networks, cloud computing services, and the Internet are interdependent — and the vulnerabilities this creates.</p></blockquote></div><p>Microsoft's problem was <a href="https://www.bleepingcomputer.com/news/microsoft/major-microsoft-365-outage-caused-by-azure-configuration-change/" target="_blank"><u>made worse</u></a> because the company released an update to its Azure cloud computing platform at roughly the same time as the CrowdStrike update. Microsoft, CrowdStrike, and other companies like Amazon have issued technical workarounds for customers willing to take matters into their own hands. </p><p>But for most global users, especially companies, this isn’t going to be a quick fix.</p><p>Modern technology incidents, whether cyberattacks or technical problems, continue to paralyze the world in new and interesting ways. Massive incidents like the CrowdStrike update fault not only create <a href="https://www.wsj.com/tech/microsoft-reports-major-service-outage-affecting-users-worldwide-328a2f40?mod=hp_lead_pos1"><u>chaos in the business world</u></a> but disrupt global society itself. </p><p>The economic losses resulting from such incidents — lost productivity, recovery, disruption to business and individual activities — are likely to be extremely high.</p><div><blockquote><p>For most global users, especially companies, this isn’t going to be a quick fix.</p></blockquote></div><p>As a former cybersecurity professional and current <a href="https://cybersecurity.umbc.edu/richard-forno/"><u>security researcher</u></a>, I believe that the world may finally be realizing that modern information-based society is based on a very fragile foundation.<a href="https://images.theconversation.com/files/608201/original/file-20240719-19-85qlen.jpg?ixlib=rb-4.1.0&q=45&auto=format&w=1000&fit=clip"></a></p><h2 id="the-bigger-picture">The bigger picture</h2><p>Interestingly, on June 11, 2024, a post on CrowdStrike’s own blog seemed to <a href="https://www.crowdstrike.com/blog/next-steps-for-ecosystem-level-cybersecurity/"><u>predict this very situation</u></a> — the global computing ecosystem compromised by one vendor’s faulty technology — though they probably didn’t expect that their product would be the cause.</p><p>Software supply chains have long been a <a href="https://www.cisa.gov/sites/default/files/publications/defending_against_software_supply_chain_attacks_508.pdf"><u>serious cybersecurity concern</u></a> and potential single point of failure. Companies like CrowdStrike, Microsoft, Apple, and others have direct, trusted access to organizations’ and individuals’ computers. </p><p>As a result, people have to trust that the companies are not only secure themselves but that the products and updates they push out are well-tested and robust before they’re applied to customers’ systems. </p><p>The <a href="https://www.fortinet.com/resources/cyberglossary/solarwinds-cyber-attack"><u></u></a><a href="https://www.fortinet.com/resources/cyberglossary/solarwinds-cyber-attack" target="_blank"><u>2019 SolarWinds incident</u></a>, which involved hacking the software supply chain, may well be considered a preview of today’s CrowdStrike incident.</p><div><blockquote><p>Various scams are also likely to target people, preying on their panic or ignorance regarding the issue. </p></blockquote></div><p>CrowdStrike CEO George Kurtz posted on X that “<a href="https://twitter.com/George_Kurtz/status/1814235001745027317"><u>this is not a security incident or cyberattack</u></a>” and that “the issue has been identified, isolated and a fix has been deployed.” </p><p>While perhaps true from CrowdStrike’s perspective — they were not hacked – it doesn’t mean the effects of this incident won’t create security problems for customers. It’s quite possible that in the short term, organizations may <a href="https://twitter.com/bduclaux/status/1814221184612847795"><u>disable some of their internet security devices</u></a> to try and get ahead of the problem, but in doing so, they may have opened themselves up to criminals <a href="https://www.cisa.gov/news-events/alerts/2024/07/19/widespread-it-outage-due-crowdstrike-update"><u>penetrating their networks</u></a>.</p><p>Various scams are also likely to target people, preying on their panic or ignorance regarding the issue. Overwhelmed users might either take offers of faux assistance that lead to identity theft or spend money on bogus solutions to this problem.</p><div class="youtube-video" data-nosnippet ><div class="video-aspect-box"><iframe data-lazy-priority="low" data-lazy-src="https://www.youtube-nocookie.com/embed/abgTzgwdb2A" allowfullscreen></iframe></div></div><h2 id="what-to-do">What to do</h2><p>Organizations and users will need to wait until a <a href="https://www.crowdstrike.com/blog/statement-on-falcon-content-update-for-windows-hosts/"><u>fix is available</u></a> or try to recover on their own <a href="https://services.northwestern.edu/TDClient/30/Portal/KB/ArticleDet?ID=2642"><u>if they have the technical ability</u></a>. After that, I believe there are several things to do and consider as the world recovers from this incident.</p><p>Companies will need to ensure that the products and services they use are trustworthy. This means doing due diligence on the vendors of such products for security and resilience. </p><p>Large organizations typically <a href="https://testsigma.com/guides/deployment-testing/"><u>test any product upgrades and updates</u></a> before releasing them to their internal users, but that may not happen for some routine products, like security tools.</p><p>Governments and companies alike will need to <a href="https://insights.sei.cmu.edu/blog/system-resilience-what-exactly-is-it/"><u>emphasize resilience</u></a> in designing networks and systems. This means taking steps to avoid creating single points of failure in infrastructure, software, and workflows that an adversary could target or that a disaster could make worse. </p><p>It also means knowing whether any of the products organizations depend on are themselves dependent on certain other products or infrastructures to function.</p><p>Organizations will need to renew their commitment to <a href="https://www.cisa.gov/topics/cybersecurity-best-practices"><u>best practices in cybersecurity</u></a> and general IT management. For example, having a robust backup system in place can make recovery from such incidents easier and minimize data loss. Ensuring appropriate policies, procedures, staffing, and technical resources is essential.</p><p>Problems in the software supply chain like this make it difficult to follow the standard IT recommendation to always keep your systems patched and current. </p><p>Unfortunately, the costs of not regularly updating systems now have to be weighed against the risks of a situation like this happening again.</p><p><em>This article was originally published in </em><a href="https://theconversation.com/massive-it-outage-spotlights-major-vulnerabilities-in-the-global-information-ecosystem-235155">The Conversation.</a></p><iframe allow="" height="1" width="1" data-lazy-priority="low" data-lazy-src="https://counter.theconversation.com/content/235155/count.gif?distributor=republish-lightbox-advanced"></iframe>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ 10 billion passwords compromised in largest leak of all time — what you need to know ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/10-billion-passwords-compromised-in-largest-leak-of-all-time-what-you-need-to-know</link>
                                                                            <description>
                            <![CDATA[ Ten billion real-world passwords have been released to an online hacking forum in one of the largest leaks of all time. Are you at risk? Here's what you need to know. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">XNG9GKFM5J52YSzQRvzhiS</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/mrx7qKFuWQLkigNt2GtkRS-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 09 Jul 2024 12:10:17 +0000</pubDate>                                                                                                                                <updated>Tue, 09 Jul 2024 12:54:47 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                <author><![CDATA[ rael.hornby@futurenet.com (Rael Hornby) ]]></author>                    <dc:creator><![CDATA[ Rael Hornby ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/mHBEvtDnBfXRumgmoVGtvf.jpeg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Rael Hornby, potentially influenced by far too many LucasArts titles at an early age, once thought he’d grow up to be a mighty pirate. However, after several interventions with close friends and family members, you’re now much more likely to see his name attached to the bylines of tech articles. While not maintaining a double life as an aspiring writer by day and indie game dev by night, you’ll find him sat in a corner somewhere muttering to himself about microtransactions or hunting down promising indie games on Twitter.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/mrx7qKFuWQLkigNt2GtkRS-1280-80.jpg">
                                                            <media:credit><![CDATA[Getty Images / Boris Zhitkov]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Passwords]]></media:description>                                                            <media:text><![CDATA[Passwords]]></media:text>
                                <media:title type="plain"><![CDATA[Passwords]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/mrx7qKFuWQLkigNt2GtkRS-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>In what is being referred to as one of the largest and most significant data leaks to date, July 4 bore witness to the release of a massive data dump containing nearly 10 billion unique passwords.</p><p>The data breach was released on a leading hacking forum by a threat actor under the pseudonym "ObamaCare," with the list itself being dubbed "RockYou2024" — an updated compilation of passwords that builds upon the "RockYou2021" document containing information to over eight billion accounts.</p><p>The original "RockYou.txt" data breach occurred in 2009 when the now defunct social application site <em>RockYou</em> was hacked, resulting in the release of 32 million user accounts to the net. Since then, the original list has been added to with further data breaches, reportedly making it one of the largest known repositories of stolen passwords of all time.</p><p>With exactly <strong>9,948,575,739 unique passwords</strong> freely available to all in plain text format, the publication of this list is a threat to netizens and a call to action on checking the security of accounts old and new.</p><h2 id="rockyou2024-how-serious-is-it">RockYou2024: How serious is it?</h2><p>Speaking in a <a href="https://www.malwarebytes.com/blog/news/2024/07/rockyou2024-nearly-10-billion-passwords-leaked-online" target="_blank">blog post published yesterday</a>, Pieter Amtz of Malwarebytes highlights the threat posed by the updated RockYou document, stating: "The list has some value because it contains real-world passwords."</p><p>Amtz continues, "This means if an attacker tried this list of passwords to try to break into an account (known as a brute force attack) they’s be more likely to get in than just trying a list of any old letters and words [sic]."</p><p>While a ten billion list of real-world passwords poses a serious threat to some users, it by no means suggests that ten billion users are now at direct risk. The list, while enormous in size, is only half of the information required to access an account.</p><p>The contents of RockYou2024 will serve threat actors hoping to purposefully target individual accounts by allowing them the option of checking each password from the breach by trial and error — though most websites would never tolerate brute force attempts like this at a scale offered by the RockYou2024 list.</p><p>That&apos;s not to say that there&apos;s no threat at all, however. The data contained within the ten billion-strong list still has plenty of application in pass-the-hash attacks and the offline cracking of stolen password databases.</p><h2 id="rockyou2024-some-have-their-doubts">RockYou2024: Some have their doubts</h2><p>While the breach is considerate in size, and a genuine threat to many, Malwarebyte&apos;s Amtz points out that those who "Don’t reuse passwords and never use &apos;simple&apos; passwords, like single words" probably have little to worry about. </p><p>However, Amtz also wisely insists people take the necessary safety precautions of enabling multi-factor authentication (MFA) on all accounts possible to protect against unwanted intrusions.</p><p>Elsewhere on the internet, security sleuths are questioning the updated RockYou2024 content, claiming much of the additions to the list to be mostly uncracked hashed passwords and random company names among other junk data and over one billion lines of text that are beyond 32 characters in length — which indicates they may not be passwords at all. </p><div class="see-more see-more--clipped"><blockquote class="twitter-tweet hawk-ignore" data-lang="en"><p lang="en" dir="ltr">I'm calling it: The rockyou2024 release is garbage. File starts with lots of 0x00, and a quick run of strings shows that there are lots of hashed passwords in there (like from /etc/passwd). Also random company names and other stuff. I highly doubt it brings any real value/threat. pic.twitter.com/3maM7BoLOS<a href="https://twitter.com/lkarlslund/status/1809333399435506129">July 5, 2024</a></p></blockquote><div class="see-more__filter"></div></div><h2 id="how-to-check-if-your-information-was-leaked">How to check if your information was leaked</h2><p>Despite reassurances from various in-the-know voices, data breaches like RockYou2024 are a notable threat to be aware of. While it may not be the most dangerous breach in recent history, it&apos;s a considerable example of how much stolen data is out there on the internet waiting to be misused.</p><p>It&apos;s estimated that there are <a href="https://www.darkreading.com/vulnerabilities-threats/24-billion-credentials-circulate-dark-web-2022" target="_blank">over 24 billion stolen credentials</a> to be found online and circulating the dark web, with lists being traded daily containing millions or more combinations of in-use and active user accounts.</p><p>With that in mind, with the release of breaches like the updated RockYou list, it&apos;s always better to be safe than sorry and check to see if your information is secure by using several free and trusted online services that can let you know if your password is secure or if any of your accounts have been included in prior breaches.</p><p>One trusted site we can recommend would be <a href="https://haveibeenpwned.com/" target="_blank"><strong>HaveIBeenPwned.com</strong></a>, one of the largest and most reliable repositories of stolen accounts and data breaches online. Here you can search by email to see if any of your accounts have appeared in breaches, and the site&apos;s <a href="https://haveibeenpwned.com/Passwords" target="_blank"><strong>Pwned Passwords Tool</strong></a> search lets you know if the password you&apos;re using at present has been found within numerous lists like RockYou2024 found online.</p><p>Check out the following article about staying safe against data breaches and checking to see if your email or password has been stolen for more information about <em>HaveIBeenPwned</em> and similar services.</p><ul><li><a href="https://www.laptopmag.com/software/antivirus-cyber-security/has-your-email-or-password-been-stolen-heres-how-to-find-out"><strong>Has your email or password been stolen? Here's how to find out</strong></a></li></ul><h2 class="article-body__section" id="section-more-from-laptop-mag"><span>More from Laptop Mag</span></h2><ul><li><a href="https://www.laptopmag.com/best-picks/best-antivirus-apps"><strong>Best antivirus apps in 2024</strong></a></li><li><a href="https://www.laptopmag.com/software/antivirus-cyber-security/openai-hack-revealed-as-chatgpt-flaws-exposed-is-your-data-at-risk"><strong>OpenAI hack revealed as ChatGPT flaws exposed: Is your data at risk?</strong></a></li><li><a href="https://www.laptopmag.com/software/antivirus-cyber-security/data-shows-deceitful-android-malware-is-on-the-rise-take-this-one-step-to-keep-your-phone-safe"><strong>Data shows deceitful Android malware is on the rise: Take this one step to keep your phone safe</strong></a></li></ul>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ OpenAI hack revealed as ChatGPT flaws exposed: Is your data at risk? ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/openai-hack-revealed-as-chatgpt-flaws-exposed-is-your-data-at-risk</link>
                                                                            <description>
                            <![CDATA[ OpenAI is facing major security concerns after employees revealed a breach. Here's a look at the latest security issues with OpenAI and ChatGPT and how they could affect users. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">6ehJ6p3WAyhpWWrEGXUBDi</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/dQPkAH7yWxnPGwdhmLUDMS-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 05 Jul 2024 15:59:41 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Stevie Bonifield ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/YyiuwBdH8o94JgPgp8y2uU.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/dQPkAH7yWxnPGwdhmLUDMS-1280-80.jpg">
                                                            <media:credit><![CDATA[Getty Images/Bloomberg]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[ChatGPT logo on an iPhone screen]]></media:description>                                                            <media:text><![CDATA[ChatGPT logo on an iPhone screen]]></media:text>
                                <media:title type="plain"><![CDATA[ChatGPT logo on an iPhone screen]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/dQPkAH7yWxnPGwdhmLUDMS-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>OpenAI, the developer of ChatGPT, is facing concerns about its security after a 2023 breach came to light this week. News of the breach comes just days after ChatGPT users reported a serious glitch in the chatbot and a major security vulnerability within the ChatGPT macOS app. </p><p>As the developer of the world&apos;s most popular AI chatbot, it&apos;s no surprise that OpenAI is a target for hackers. The company has been quick to respond to recent security issues, but it&apos;s still important for users to know how they might be affected and how they can keep their data safe moving forward. </p><p>Here&apos;s a look at OpenAI&apos;s recent security controversies and what you can do to stay safe while using ChatGPT. </p><h2 class="article-body__section" id="section-openai-was-hacked-in-2023-and-kept-it-quiet-what-users-should-know"><span>OpenAI was hacked in 2023 and kept it quiet: What users should know</span></h2><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1920px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="HU4epMtNRn4kcaUhhSLBS4" name="Sam-Altman.jpg" alt="Sam Altman of OpenAI" src="https://cdn.mos.cms.futurecdn.net/HU4epMtNRn4kcaUhhSLBS4.jpg" mos="" align="middle" fullscreen="" width="1920" height="1080" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Justin Sullivan/Getty Images)</span></figcaption></figure><p>On July 4, the<em> </em><a href="https://www.nytimes.com/2024/07/04/technology/openai-hack.html" target="_blank"><em>New York Times</em> reported</a> that OpenAI experienced a breach in early 2023, but chose not to tell the public about it. A hacker accessed OpenAI&apos;s internal messaging forums, where they were able to view conversations about the inner workings of OpenAI&apos;s technologies. </p><p>Anonymous OpenAI employees told Cade Metz of the <em>New York Times</em> that OpenAI&apos;s executives decided against revealing the incident to the public since the hacker didn&apos;t access any of the company&apos;s actual systems, such as customer data. One of OpenAI&apos;s employees, Leopold Aschenbrenner, raised concerns about the company&apos;s lack of adequate security measures in the aftermath of the incident but <a href="https://www.businessinsider.com/former-openai-researcher-leopold-aschenbrenner-interview-firing-2024-6" target="_blank">was fired shortly after</a> for sharing information with researchers outside the company. </p><p>This is important to note since Aschenbrenner was part of OpenAI&apos;s Superalignment team, the group of engineers and researchers tasked with ensuring OpenAI&apos;s products are ethical and safe. The Superalignment team has seen <a href="https://www.laptopmag.com/software/a-timeline-of-openai-controversy-november-2023-to-may-2024">a few other major exits</a> over the past few months due to similar concerns about security and safety. </p><p>In fact, OpenAI&apos;s Head of Alignment, Jan Leike, specifically outlined his safety concerns on X after resigning in May 2024. Leike said in an X post that "over the past years, safety culture and processes have taken a backseat to shiny products." </p><div class="see-more see-more--clipped"><blockquote class="twitter-tweet hawk-ignore" data-lang="en"><p lang="en" dir="ltr">But over the past years, safety culture and processes have taken a backseat to shiny products.<a href="https://twitter.com/janleike/status/1791498184671605209">May 17, 2024</a></p></blockquote><div class="see-more__filter"></div></div><p>While the April 2023 OpenAI breach likely had no direct effect on end users, the way OpenAI handled it demonstrates a lack of transparency. It could also have long-term ramifications if the hacker, and any others that might duplicate their strategy, accessed information that would allow them to jailbreak or hack ChatGPT itself. </p><h2 class="article-body__section" id="section-chatgpt-security-flaws-spotted-by-users-on-reddit-and-macos"><span>ChatGPT security flaws spotted by users on Reddit and macOS</span></h2><p>Unfortunately for OpenAI, the 2023 internal messaging hack wasn&apos;t the only security vulnerability to come to light this week.</p><p>On June 30, Reddit user F0XMaster <a href="https://www.reddit.com/r/ChatGPT/comments/1ds9gi7/i_just_said_hi_to_chatgpt_and_it_sent_this_back/" target="_blank">posted on r/ChatGPT</a> about a strange glitch they experienced while using the chatbot. After greeting the chatbot with a simple "Hi," ChatGPT replied with an outline of its system instructions, which are only intended to be visible to developers. </p><p>The system instructions revealed the inner workings of ChatGPT, including some of the guardrails in place to regulate the chatbot&apos;s behavior. For example, it instructs ChatGPT to only generate one image per prompt, even if a user asks for more. </p><p>Other users quickly replied to the post with workarounds they figured out, allowing them to get around the chatbot&apos;s system instructions. OpenAI patched the issue within a day of the post going live so these "jailbreak" tactics no longer work. </p><p>As if that wasn&apos;t bad enough, OpenAI is also facing concerns from Mac users after <a href="https://www.threads.net/@pvieito/post/C85NVV6hvF6?xmt=AQGzMKqtvfkoGGC_1aO_F0wf6L6cBsJ7pBs8j7km6NtYHg" target="_blank">a Threads user</a> revealed the macOS ChatGPT app was storing conversations as plain text files. That means a hacker, malicious app, or anyone curious enough could freely access a victim&apos;s entire conversations from the macOS ChatGPT app. </p><p>OpenAI has since patched the app to encrypt saved conversations. So, these files should be secure moving forward. However, it is possible the text files containing users&apos; ChatGPT conversations were vulnerable prior to the most recent app update. </p><h2 class="article-body__section" id="section-how-do-these-security-vulnerabilities-affect-users"><span>How do these security vulnerabilities affect users?</span></h2><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1920px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="sWAvLkrXSHTnyBzj45jZCW" name="chatgpt-on-apple-lede-1.jpg" alt="The Apple Intelligence and ChatGPT logos behind two back to back iPhones" src="https://cdn.mos.cms.futurecdn.net/sWAvLkrXSHTnyBzj45jZCW.jpg" mos="" align="middle" fullscreen="" width="1920" height="1080" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Apple/OpenAI (edited on Canva))</span></figcaption></figure><p>It&apos;s certainly not a good time to be OpenAI, between news of its 2023 internal messaging breach, a concerning glitch on ChatGPT, and a major security flaw in the ChatGPT macOS app. However, if you&apos;re a ChatGPT user, only one of these issues could potentially directly impact you. </p><p>The 2023 breach only affected OpenAI&apos;s internal messaging forums, likely to place company secrets at risk but not user data. Similarly, the glitch revealed on Reddit last weekend has been patched and seems to have only exposed ChatGPT&apos;s own instructions. </p><p>The macOS ChatGPT app vulnerability is concerning, though. If you&apos;ve been using the Mac app, the good news is that your conversations are encrypted as of the latest app update. Before this update, it&apos;s possible those conversations were vulnerable to hacking. </p><p>However, unless your Mac was hacked between when you downloaded the Mac ChatGPT app and this week when the encryption patch rolled out, you probably don&apos;t have anything to worry about. If you&apos;re not sure whether or not your Mac was exposed to malware recently, you can use an antivirus program to check for any suspicious activity or downloads. </p><p>You can also protect your data in the ChatGPT app moving forward by deleting conversations when you no longer need them. It may also be a good idea to turn off the <a href="https://help.openai.com/en/articles/7730893-data-controls-faq" target="_blank">"Improve the model for everyone" feature</a> in the app. This feature allows OpenAI to use your conversations to train ChatGPT. If you&apos;re concerned about privacy, it&apos;s probably a good idea to opt out of this program. </p><p>You may also want to keep an eye out for macOS 15 and Apple Intelligence, which will allow you to <a href="https://www.laptopmag.com/phones/iphone/chatgpt-on-iphone-ipad-and-mac-everything-we-know">use ChatGPT on your Mac</a> without sharing your data with OpenAI. This will likely be the most private and secure way to access ChatGPT once the feature launches later this year. </p><h2 class="article-body__section" id="section-more-from-laptop-mag"><span>More from Laptop Mag</span></h2><ul><li><a href="https://www.laptopmag.com/software/a-timeline-of-openai-controversy-november-2023-to-may-2024"><strong>A timeline of OpenAI controversy: November 2023 to May 2024</strong></a></li><li><a href="https://www.laptopmag.com/phones/iphone/the-world-isnt-ready-and-we-arent-ready-and-im-concerned-we-are-rushing-forward-regardless-and-rationalizing-our-actions-openai-employees-sound-the-alarm-ahead-of-apple-partnership"><strong>OpenAI employees sound the alarm ahead of Apple partnership</strong></a></li><li><a href="https://www.laptopmag.com/software/apple-warns-against-cloud-ai-data-collection-leans-into-on-device-ai"><strong>Apple warns against cloud-AI data collection, leans into on-device AI</strong></a></li></ul>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Data shows deceitful Android malware is on the rise: Take this one step to keep your phone safe ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/data-shows-deceitful-android-malware-is-on-the-rise-take-this-one-step-to-keep-your-phone-safe</link>
                                                                            <description>
                            <![CDATA[ Android malware applications are on the rise, one small change can help protect your phone. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">7qT7RUEh7Am4asrSgmBWtn</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/x2NVZWuaKVKnbQ3eVvjyzS-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 29 May 2024 17:34:10 +0000</pubDate>                                                                                                                                <updated>Wed, 29 May 2024 22:29:25 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Madeline Ricchiuto ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/PsdRdugC24rHrg673Xo7zb.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/x2NVZWuaKVKnbQ3eVvjyzS-1280-80.jpg">
                                                            <media:credit><![CDATA[Getty Images/Feodora Chiosea]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Android banking trojan]]></media:description>                                                            <media:text><![CDATA[Android banking trojan]]></media:text>
                                <media:title type="plain"><![CDATA[Android banking trojan]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/x2NVZWuaKVKnbQ3eVvjyzS-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p><em>Updated 5/29/24 at 6:11 p.m. ET with comment from Google representative.</em></p><p>This month, a banking trojan claiming to be an official Google Play Store update wrought havoc on Android users.</p><p>The Antidot Android Banking Trojan discovered by <a href="https://cyble.com/blog/new-antidot-android-banking-trojan-masquerading-as-google-play-updates/"><em>Cyble</em></a> uses VNC (virtual network computing), keylogging, and overlay techniques to steal sensitive information and login credentials from unsuspecting Android owners.</p><p>The problem could have been avoided, though. But first, let&apos;s get into what happened when the deceptive malware collected bank information from Android users.</p><h2 id="how-does-antidot-work">How does Antidot work?</h2><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1052px;"><p class="vanilla-image-block" style="padding-top:56.27%;"><img id="tLdBXFrecVjuGpqmZhkZFC" name="AppStore.png" alt="Google Play Store app icon up close on phone display" src="https://cdn.mos.cms.futurecdn.net/tLdBXFrecVjuGpqmZhkZFC.png" mos="" align="middle" fullscreen="" width="1052" height="592" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: How-To Geek)</span></figcaption></figure><p>As the <a href="https://cyble.com/blog/new-antidot-android-banking-trojan-masquerading-as-google-play-updates/"><em>Cyble</em></a> report explains, the Antidot software functions using an accessibility feature and then establishes a connection with its command and control server. That server registers the device and identifies target applications. Using an overlay injection, the Antidot software sends a message claiming to be from Google which tells users to update the Google Play Store.</p><p>The Antidot software then logs keystrokes and transmits that information to the control server, allowing the trojan to steal sensitive information and login credentials. The software can also access text messages and control the camera and screen lock.</p><p>Because the Antidot download is prompted from a false popup message, the Antidot software is sideloaded rather than downloaded directly from the Play Store. This should indicate that the software isn&apos;t a legitimate Play Store update.</p><h2 id="other-malicious-applications-are-out-there">Other malicious applications are out there</h2><p>While the Antidot Android Banking Trojan is sideloaded, it may not be the only malicious application targeting Android phones.</p><p>According to a new report by <a href="https://www.zscaler.com/blogs/security-research/technical-analysis-anatsa-campaigns-android-banking-malware-active-google#google-play-store-trends">Zscaler ThreatLabz</a>, "over 90 malicious applications (have been) uploaded to the Google Play store. These malware-infected applications have collectively garnered over 5.5 million installs."</p><p>So Android malware applications are potentially on the rise.</p><h2 id="how-to-stop-trojan-applications">How to stop trojan applications</h2><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1920px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="3R3mQhgrJGtyTBwcrN8mqG" name="Google Play Protect.jpg" alt="Google Play Protect" src="https://cdn.mos.cms.futurecdn.net/3R3mQhgrJGtyTBwcrN8mqG.jpg" mos="" align="middle" fullscreen="" width="1920" height="1080" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Google)</span></figcaption></figure><p>There is a way to protect yourself from malicious applications like the Antidot Android Banking Trojan.<br><br>A spokesperson for Google tells <a href="https://www.darkreading.com/endpoint-security/android-banking-trojan-antidot-disguised-as-google-play-update"><em>Dark Reading</em></a> that Google Play Protect can protect against this kind of malware. "Android users are automatically protected against known versions of this malware by Google Play Protect, which is on by default on Android devices with Google Play Services. Google Play Protect can warn users or block apps known to exhibit malicious behavior, even when those apps come from sources outside of Play."</p><p>We reached out to Google for comment and a representative got back to us with the following statement regarding Google Play Protect:</p><p>This suggests that Zscaler&apos;s 5.5 million installations figure may not be an accurate account, but Google would not confirm or deny that specific figure.</p><p>If you&apos;re worried you may have downloaded the Antidot Android Banking Trojan or a similarly malicious application, <a href="https://www.laptopmag.com/software/antivirus-cyber-security/google-play-protects-new-real-time-scans-make-android-phones-safer-than-ever-make-sure-its-turned-on">Google Play Protect rolled out a virus scan function in October</a>. Play Protect&apos;s scans <a href="https://security.googleblog.com/2023/10/enhanced-google-play-protect-real-time.html">will protect against malware pushed to the Google Play store or sideloaded as an APK</a> like the Antidot trojan.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ World Password Day, created by Intel, sees Google make the biggest waves in 2024 ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/world-password-day-created-by-intel-sees-google-make-the-biggest-waves-in-2024</link>
                                                                            <description>
                            <![CDATA[ Google announced key security updates for World Password Day. Here's how you can use them to keep your accounts and data safe. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">Xcm5Jxb8QS673mByCb7q6n</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/YBDuiSRxcjhKL9sBz382EZ-1280-80.png" type="image/png" length="0"></enclosure>
                                                                        <pubDate>Thu, 02 May 2024 19:47:32 +0000</pubDate>                                                                                                                                <updated>Thu, 02 May 2024 19:47:36 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Stevie Bonifield ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/YyiuwBdH8o94JgPgp8y2uU.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/png" url="https://cdn.mos.cms.futurecdn.net/YBDuiSRxcjhKL9sBz382EZ-1280-80.png">
                                                            <media:credit><![CDATA[Future. This image was created with the assistance of DALL·E 2]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Keys in comic book style]]></media:description>                                                            <media:text><![CDATA[Keys in comic book style]]></media:text>
                                <media:title type="plain"><![CDATA[Keys in comic book style]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/YBDuiSRxcjhKL9sBz382EZ-1280-80.png" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Can you believe it&apos;s already World Password Day? Seems like it arrives earlier every year. <br><br><a href="https://community.intel.com/t5/Blogs/Thought-Leadership/Big-Ideas/Celebrating-the-8th-Annual-World-Password-Day/post/1335057">Created by Intel</a> in 2013, World Password Day is held on the first Thursday in May each year. The reason for the season is security, folks.</p><p>Google opted to make a little news this WPD by announcing it would broaden the set of tools and services it offers to help people leave passwords behind for more secure login tech. When World Password Day is free of passwords, we will truly be living in a more secure world.</p><p>Here&apos;s a look at everything Google announced for WPD — and how you can use these updates to improve your web security. </p><h2 id="google-announces-passkey-updates-for-world-password-day">Google announces passkey updates for World Password Day</h2><p>In Google&apos;s <a href="https://blog.google/technology/safety-security/google-passkeys-update-april-2024/">annual blog post</a> for World Password Day, its security team highlighted some updates to the passkey program it <a href="https://fidoalliance.org/apple-google-and-microsoft-commit-to-expanded-support-for-fido-standard-to-accelerate-availability-of-passwordless-sign-ins/">announced in 2022</a>. These updates will help both high and low-risk users improve their web security so they can keep all of their online accounts and data safe. </p><p>The first highlight of Google&apos;s World Password Day announcements is the expansion of cross-account protection. This program allows users to protect non-Google accounts connected to their Google account. When Cross-Account Protection is active, Google will share security notifications with the apps and websites connected to your account. This makes it much more difficult for hackers to use one compromised account to gain access to all your apps and websites. </p><p>Google is now expanding the apps and services eligible to connect to Cross-Account Protection. So, you&apos;ll soon be able to use it to monitor and secure more of your accounts. </p><p>Google also announced that its passkey sign-in option will soon be available to users enrolled in its <a href="https://landing.google.com/advancedprotection/">Advanced Protection Program</a>. The app is for high-risk users, people who are at an above-average risk of being targeted by hackers, such as politicians, public figures, journalists, executives, and others with high visibility. Starting in 2024, app users will have the option to use passkeys in addition to hardware security keys. </p><p>Users who are not enrolled in APP are also getting an upgrade. Google will now allow users to store passkeys within more security apps, such as the popular password manager 1Password. Users can also <a href="https://security.googleblog.com/2024/05/passkeys-on-your-phone-computer-and-security-keys.html">store their passkeys on existing security keys</a> for greater login convenience. </p><h2 id="how-you-can-use-cross-account-protection-and-google-passkeys">How you can use Cross-Account Protection and Google Passkeys</h2><p>World Password Day isn&apos;t just about passwords — it&apos;s about improving web security on every level. Today that means leaving passwords behind, which is precisely what Google is helping millions of people do with passkeys and cross-account protection. You can also use these security tools to protect your accounts and data, and it only takes a few steps. </p><p>If you haven&apos;t used a passkey before, they are similar to passwords but use stronger authentication methods to prevent hacking. For example, when you attempt to log in to your account, you might be prompted to scan your fingerprint on your phone instead. Passkeys can also be PIN numbers or your face ID. They&apos;re more secure, and they allow you to log in without needing to remember a lengthy password. </p><p>To start using a passkey for your Google Account, head to the <a href="https://myaccount.google.com/signinoptions/passkeys">passkey setup page</a> and log in like normal. After logging in, you should see an option to "Create a passkey." Select it and follow the steps on the screen to create your passkey. If this option isn&apos;t appearing in your Google account, double-check <a href="https://support.google.com/accounts/answer/13548313?hl=en">Google&apos;s hardware and software requirements</a> to make sure your device is eligible. </p><p>Setting up Cross-Account Protection on apps and services connected to your Google account is also a good idea. This tool isn&apos;t available for every app or website yet, but Google announced on Thursday that it will soon expand the number of compatible third-party apps and services. </p><p>Setting up <a href="https://support.google.com/accounts/answer/112802?sjid=14611758571850331455-NA">Cross-Account Protection</a> is very straightforward. All you have to do is connect the accounts you want to protect to your Google account. You can do this by either signing into the app or service using your Google account or <a href="https://support.google.com/accounts/answer/14012355">allowing the app to share access</a> to your Google account. Once you connect them, Google will automatically share security notifications with eligible connected apps, sites, and services. </p><p>With these easy steps, you can utilize all the latest security updates Google announced for World Password Day. Switching to a passkey will make signing into your Google account more straightforward and secure, and setting up Cross-Account Protection will give you extra security for third-party apps and services thanks to Google&apos;s security notifications. </p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ 73 million current, former AT&T accounts leaked to the dark web — here's what to do ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/73-million-current-former-atandt-accounts-leaked-to-the-dark-web-heres-what-to-do</link>
                                                                            <description>
                            <![CDATA[ Whether you are a current AT&T customer or had an account with them in the past, your data may have been leaked to the dark web. Here's what was lost and what AT&T is doing about it. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">ABDmCtte2QPjcnDMgJpTkh</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/Ke9fiKkZuHYFxrKSCNfS94-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Sun, 31 Mar 2024 03:00:46 +0000</pubDate>                                                                                                                                <updated>Sun, 31 Mar 2024 13:18:38 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Sean Riley ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/ApPanW9KEHmaKJg4bksTFd.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/Ke9fiKkZuHYFxrKSCNfS94-1280-80.jpg">
                                                            <media:credit><![CDATA[Getty Images/sabelskaya]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[hacker]]></media:description>                                                            <media:text><![CDATA[hacker]]></media:text>
                                <media:title type="plain"><![CDATA[hacker]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/Ke9fiKkZuHYFxrKSCNfS94-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Whether you are a current subscriber or had an AT&T account in the past, your personal data could be part of a massive breach that according to a <a href="https://www.att.com/support/article/my-account/000101995?bypasscache=1">note from AT&T</a> to customers impacts up to 73 million account holders (via <a href="https://www.washingtonpost.com/technology/2024/03/30/att-dark-web-leak/">WP</a>).</p><p>The 7.6 million current subscribers involved in the breach have had their passcodes reset and should have received communication from AT&T already notifying them of the breach. The stolen data is all from 2019 or earlier and also includes 65.4 million former account holders. While according to AT&T there is no financial or call history information, it may include full names, email addresses, mailing addresses, Social Security numbers, date of birth, AT&T account numbers and passcodes.</p><p>Naturally, that is a recipe for identity theft, so all impacted account holders need to be aware of the situation and what to do from here.</p><h2 id="what-should-you-do">What should you do?</h2><p>If your data was part of the breach you can expect an email or letter from AT&T with additional details and your full options. </p><p>While you wait for that to arrive your first step should be to reset your passcode to avoid anyone gaining access to your account to steal additional information. Now to be clear this is your numerical PIN for your AT&T account, not your password. </p><p>Unfortunately, there isn&apos;t much else you can do to proactively protect yourself against the breach as the data was released onto the dark web around two weeks ago. </p><p>What AT&T will offer those impacted is complimentary identity theft and credit monitoring services, hopefully allowing you to quickly catch any potentially damaging activities carried out using your information.</p><h2 id="what-happened">What happened?</h2><p>It&apos;s unclear at this point if AT&T is actually responsible for the lost data. The company claims that it has no "evidence of unauthorized access to its systems resulting in theft of the data set." </p><p>It is entirely possible that a third party working with AT&T is to blame, but obviously, the end result is the same, so that&apos;s cold comfort to account holders that now need to worry about identify theft.</p><h3 class="article-body__section" id="section-more-from-laptop-mag"><span>MORE FROM LAPTOP MAG</span></h3><ul><li><a href="https://www.laptopmag.com/laptops/out-of-touch-windows-loses-android-support">Out of touch: Windows loses Android app support</a></li><li><a href="https://www.laptopmag.com/best-laptops">Best laptop 2024</a>: 10 best laptops tested and rated</li><li><a href="https://www.laptopmag.com/deals/walmart-spring-sale-this-weekend-deals-i-recommend">Walmart is having a huge sale this weekend — here's 21 deals I recommend</a></li></ul>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ iPhone users beware: 'Reset password' phishing attacks on the rise ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/iphone-users-beware-reset-password-phishing-attacks-on-the-rise</link>
                                                                            <description>
                            <![CDATA[ There's a new phishing method targeting iPhone users, here's how it works and how to avoid falling victim to it. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">dzSnXAcHQRvta4dbTVQrhj</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/JQmSJvKVjEhEeUFPq7c5gQ-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 27 Mar 2024 20:00:50 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                <author><![CDATA[ rael.hornby@futurenet.com (Rael Hornby) ]]></author>                    <dc:creator><![CDATA[ Rael Hornby ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/mHBEvtDnBfXRumgmoVGtvf.jpeg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Rael Hornby, potentially influenced by far too many LucasArts titles at an early age, once thought he’d grow up to be a mighty pirate. However, after several interventions with close friends and family members, you’re now much more likely to see his name attached to the bylines of tech articles. While not maintaining a double life as an aspiring writer by day and indie game dev by night, you’ll find him sat in a corner somewhere muttering to himself about microtransactions or hunting down promising indie games on Twitter.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/JQmSJvKVjEhEeUFPq7c5gQ-1280-80.jpg">
                                                            <media:credit><![CDATA[Vecteezy / Parth Patel]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[iPhone showing MFA phishing attack attempts as notifications.]]></media:description>                                                            <media:text><![CDATA[iPhone showing MFA phishing attack attempts as notifications.]]></media:text>
                                <media:title type="plain"><![CDATA[iPhone showing MFA phishing attack attempts as notifications.]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/JQmSJvKVjEhEeUFPq7c5gQ-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Phishing attacks are on the rise, with these nefarious security threats breaching your accounts, stealing your credit information, or accessing your private files. Scams like these see you simultaneously play the part of an active (yet unwitting) co-conspirator in attempts to hijack your most sensitive data.</p><p>Far beyond the simplistic and often easy-to-spot cold-calling techniques of supposed Microsoft Tech support agents or Amazon customer service employees, a new phishing threat has arisen whereby iPhone users are being targeted by the misuse of Multi-Factor Authentication (MFA) in efforts to trick them into handing over complete control of their Apple account.</p><p>Unlike other phishing attacks that might require a user to divulge passwords, personal details, or banking information, all this attack requires to successfully rob you of your Apple account (and all of the information and banking details linked to it) is a simple tap on the wrong notification.</p><h2 id="gone-phishing-how-apos-push-bombing-apos-and-apos-mfa-apos-fatigue-attacks-target-iphone-users">Gone phishing: How &apos;Push Bombing&apos; and &apos;MFA&apos; fatigue attacks target iPhone users</h2><p>This kind of phishing is known as "Push bombing" or "MFA fatigue," a method that continually harasses victims with a stream of notifications that are otherwise (ironically) used to protect people from this exact kind of attack.</p><p>As reported by <a href="https://krebsonsecurity.com/2024/03/recent-mfa-bombing-attacks-targeting-apple-users/" target="_blank">KrebsOnSecurity</a>, a bug (or potential oversight) in Apple&apos;s password reset feature has seen cyber-criminals spam their victims with password reset request notifications that force users to tap "Allow" or "Don&apos;t Allow" before proceeding.</p><p>While it&apos;s easy enough for users to tap "Don&apos;t Allow," attempting to clear out hundreds of these messages before regaining access to your phone can result in the fatigue part of MFA fatigue, whereby a user might absentmindedly select the wrong option or simply hit "Allow" just to be done with them.</p><p>The risk of users doing so is all the more likely when the notification in question merely asks if you&apos;d like to "Use this iPhone to reset your Apple ID password" — a weak and vague form of phrasing that could lead some to believe that they are accepting the option to control their passwords only from this device.</p><p>But hitting "Allow" will grant the phishing hopefuls control of your password, leaving you in the dark about how to sign in to your own account once they complete the reset. Leaving users targeted by this form of attack helpless but to continually and carefully choose "Don&apos;t Allow" each time. However, even after that, the risk persists.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:2000px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="d9cdwmYzYYnZhMUKNFJFpQ" name="P1033828.jpg" alt="Apple iPhone 15 Pro Max in Titanium" src="https://cdn.mos.cms.futurecdn.net/d9cdwmYzYYnZhMUKNFJFpQ.jpg" mos="" align="middle" fullscreen="" width="2000" height="1125" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Laptop Mag / Sean Riley)</span></figcaption></figure><h2 id="if-at-first-you-don-apos-t-succeed">If at first you don&apos;t succeed...</h2><p>A second stage of the attack is then likely to follow, whereby the scammers then call their target, spoofing the Apple Support phone number in the process, to inform them that there is a fault or a third-party attack in process and that Apple Support needs to verify a one-time code in order to resolve it.</p><p>Of course, Apple Support is not prone to making outbound calls to customers unless it is specifically requested, and that one-time code that&apos;s requested of you would give the attackers the 2FA (Two-factor authentication) blessing to change your password and lock you out of your account.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:2000px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="tkBUFHgANM9Q2XDA9gD7BM" name="iPhone-14-pro-volume-buttons.jpg" alt="iPhone 14 Pro on a slatted table top showing the volume buttons and mute switch" src="https://cdn.mos.cms.futurecdn.net/tkBUFHgANM9Q2XDA9gD7BM.jpg" mos="" align="middle" fullscreen="" width="2000" height="1125" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Laptop Mag/Sean Riley)</span></figcaption></figure><h2 id="how-to-prevent-phishing-attacks-against-your-apple-account">How to prevent phishing attacks against your Apple account</h2><p>Sadly, protecting yourself from this form of attack can&apos;t be prevented by ticking a checkbox or enabling a setting somewhere on your device. It&apos;s up to Apple to implement some form of measure that impedes an attacker&apos;s ability to disrupt its users in this way.</p><p>Until then, you&apos;ll have to rely on your own vigilance when it comes to avoiding being duped by ne&apos;er-do-wells seeking to abuse this security feature in their attempts to catch you off-guard.</p><p>Always stay alert to the kind of notifications you&apos;re receiving, especially when it has anything to do with passwords or device permission. And, as with any type of cold-calling, you should never divulge personal information over the phone — no matter how a person identifies themselves to you and no matter how much accurate information they have to hand about you in their attempts to verify themselves.</p><p>If you&apos;re ever asked to share a one-time code, click a link in a dodgy-looking email, or hand over personal information in any way over the phone (or through email) then break the line of contact and reach out to that company directly. This ensures that you know with 100% certainty that who you are speaking to is actually whom they claim to be.</p><h2 class="article-body__section" id="section-more-from-laptop-mag"><span>More from Laptop Mag</span></h2><ul><li><a href="https://www.laptopmag.com/software/antivirus-cyber-security/has-your-email-or-password-been-stolen-heres-how-to-find-out"><strong>Has your email or password been stolen? Here's how to find out</strong></a></li><li><a href="https://www.laptopmag.com/how-to/your-phone-is-listening-to-you-heres-how-to-stop-it"><strong>Your phone is listening to you — here's how to stop it</strong></a></li><li><a href="https://www.laptopmag.com/how-to/how-to-switch-from-a-passcode-to-an-iphone-password-boost-your-security-in-seconds"><strong>How to switch from a passcode to an iPhone password — boost your security in seconds</strong></a></li></ul>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Yes, Facebook, Instagram are down worldwide: Meta claim issues are now resolved ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/facebook-and-instagram-are-down-worldwide-outage-strikes-popular-social-media-platforms</link>
                                                                            <description>
                            <![CDATA[ Meta-owned Facebook and Instagram are currently out of action worldwide. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">RRBcZ6wQd9wU8XtcKbTKQe</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/PjUjEzzC5v8pZWL7PByPh9-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 05 Mar 2024 16:15:19 +0000</pubDate>                                                                                                                                <updated>Tue, 05 Mar 2024 17:29:05 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                <author><![CDATA[ rael.hornby@futurenet.com (Rael Hornby) ]]></author>                    <dc:creator><![CDATA[ Rael Hornby ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/mHBEvtDnBfXRumgmoVGtvf.jpeg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Rael Hornby, potentially influenced by far too many LucasArts titles at an early age, once thought he’d grow up to be a mighty pirate. However, after several interventions with close friends and family members, you’re now much more likely to see his name attached to the bylines of tech articles. While not maintaining a double life as an aspiring writer by day and indie game dev by night, you’ll find him sat in a corner somewhere muttering to himself about microtransactions or hunting down promising indie games on Twitter.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/PjUjEzzC5v8pZWL7PByPh9-1280-80.jpg">
                                                            <media:credit><![CDATA[Snappa]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Facebook deactivate]]></media:description>                                                            <media:text><![CDATA[Facebook deactivate]]></media:text>
                                <media:title type="plain"><![CDATA[Facebook deactivate]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/PjUjEzzC5v8pZWL7PByPh9-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p><em><strong>Update (March 5, 2024 @ 12:25 a.m.):</strong></em><em> Reports of service disruption on DownDetector are dipping as Meta addresses the issues on its platforms. </em><a href="https://twitter.com/andymstone" target="_blank"><em>Andy Stone of Meta Communications</em></a><em> is now reporting that service should now resume as normal.</em></p><div class="see-more see-more--clipped"><blockquote class="twitter-tweet hawk-ignore" data-lang="en"><p lang="en" dir="ltr">Earlier today, a technical issue caused people to have difficulty accessing some of our services. We resolved the issue as quickly as possible for everyone who was impacted, and we apologize for any inconvenience. https://t.co/ybyyAZNAMn<a href="https://twitter.com/andymstone/status/1765064721416245460">March 5, 2024</a></p></blockquote><div class="see-more__filter"></div></div><p><br></p><p><em><strong>Update (March 5, 2024 @ 11:52 a.m.):</strong></em><em> Meta&apos;s service tracker is now showing "Recovering from disruptions" against a number of affected services, indicating that the issue is in the process of being resolved.</em></p><p><em><strong>Update (March 5. 2024 @ 11:45 a.m.):</strong></em><em> Meta&apos;s service tracker is now reporting "Major Disruptions" across more services linked with Facebook, Instagram, and WhatsApp. As a result, users will have trouble logging into services and sending messages on Meta platforms.</em></p><p>Is Facebook down? Yes it is! Along with several other Meta-owned social platforms such as Instagram and even WhatsApp. If you&apos;re unable to access Facebook or Instagram, the problem (thankfully) isn&apos;t on your end! Early reports are indicating that the Meta-owned social media platforms are both down globally amid a potential service outage.</p><p>Website outage tracker <a href="https://downdetector.com/status/facebook/map/" target="_blank">DownDetector</a> is currently reporting issues with Facebook, Instagram, Facebook messenger, and riding reports of issues with WhatsApp as parent company Meta are seemingly being struck by some form of issue.</p><p>Facebook lacks its own outage tracker, but <a href="https://metastatus.com" target="_blank">Meta for Business does not,</a> and it&apos;s currently reporting "Major Disruptions" across the Meta Admin Center, Facebook Login, WhatsApp Business API, and Marketing API.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1038px;"><p class="vanilla-image-block" style="padding-top:58.86%;"><img id="6Zp8p5i2giF6FQurq4VuLD" name="DownDetector_map_of_Facebook_Outage_05_03_24_11_am_ET.png" alt="Map showing Meta Facebook service outages being reported online as of March 5, 2024 11 a.m. ET" src="https://cdn.mos.cms.futurecdn.net/6Zp8p5i2giF6FQurq4VuLD.png" mos="" align="middle" fullscreen="" width="1038" height="611" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="caption-text">Map showing US locations reporting Facebook service issues online as of March 5, 2024 11 a.m. ET. </span><span class="credit" itemprop="copyrightHolder">(Image credit: DownDetector)</span></figcaption></figure><p>It&apos;s not all doom and gloom, however. Amid the outage Elon Musk has taken to Twitter/X to add a slight bit of levity to Meta&apos;s ongoing problems:</p><div class="see-more see-more--clipped"><blockquote class="twitter-tweet hawk-ignore" data-lang="en"><p lang="en" dir="ltr">If you’re reading this post, it’s because our servers are working<a href="https://twitter.com/elonmusk/status/1765047740327702665">March 5, 2024</a></p></blockquote><div class="see-more__filter"></div></div><h2 class="article-body__section" id="section-meta-website-outage-has-my-account-been-hacked"><span>Meta website outage: Has my account been hacked?</span></h2><p>There is no reason to believe that the current outages are any form of cyber attack or hacking incident. Outages like this are common for many websites online and there is likely no need to panic or assume the worst.</p><p>If you want to be doubly sure, once you can log into Facebook once more, be sure to follow our guide on <a href="https://www.laptopmag.com/how-to/log-all-devices-out-facebook-account">how to log all of your devices out of your Facebook account</a>, to be certain that only the devices you&apos;ve authorized are able to access your profiles.</p><h2 class="article-body__section" id="section-meta-website-outage-how-do-i-log-back-in-to-facebook-or-instagram"><span>Meta website outage: How do I log back in to Facebook or Instagram?</span></h2><p>If you&apos;ve been logged out of your social media accounts due to the outage and are struggling to log back in, don&apos;t panic!</p><p>There&apos;s nothing wrong with your account, but the websites themselves are currently experiencing issues. This appears to stretch to Facebook and WhatsApp messenger also, so don&apos;t be alarmed if messages aren&apos;t currently sending.</p><p>The current issue appears to lie with Meta (the owner of Facebook and Instagram), which will no doubt be aware of the issue and working to resume normal service as soon as possible. Until then, there&apos;s not a great deal you can do but wait.</p><p>Thankfully, service disruptions for Facebook or Instagram are relatively short-lived and we expect normal service to resume shortly.</p><p>This story is currently breaking and we will update this article as the story develops.</p><h2 class="article-body__section" id="section-more-from-laptop-mag"><span>More from Laptop Mag</span></h2><ul><li><a href="https://www.laptopmag.com/how-to/log-all-devices-out-facebook-account"><strong>How to log all devices out of your Facebook account</strong></a></li><li><a href="https://www.laptopmag.com/phones/strange-noises-on-facebook-its-not-just-you-how-to-fix-metas-chirping-bug"><strong>Facebook making strange noises? It's not just you! How to fix Meta's chirping bug</strong></a></li><li><a href="https://www.laptopmag.com/how-to/how-to-change-your-name-on-facebook"><strong>How to change your name on Facebook</strong></a></li></ul>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Alleged Epic Games Store hack may include passwords and payment info — should you be worried? ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/epic-games-store-allegedly-hacked-by-ransomware-gang-passwords-and-payment-info-part-of-189gb-heist</link>
                                                                            <description>
                            <![CDATA[ Ransomware group claims to have stolen 189GB of user data from the Epic Games Store including passwords and payment information. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">cFSSjvou5t3MWTZQYtuq9j</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/YTvXRnDJNNduHvW8HJH2xT-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 29 Feb 2024 14:00:57 +0000</pubDate>                                                                                                                                <updated>Thu, 29 Feb 2024 16:24:43 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                <author><![CDATA[ rael.hornby@futurenet.com (Rael Hornby) ]]></author>                    <dc:creator><![CDATA[ Rael Hornby ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/mHBEvtDnBfXRumgmoVGtvf.jpeg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Rael Hornby, potentially influenced by far too many LucasArts titles at an early age, once thought he’d grow up to be a mighty pirate. However, after several interventions with close friends and family members, you’re now much more likely to see his name attached to the bylines of tech articles. While not maintaining a double life as an aspiring writer by day and indie game dev by night, you’ll find him sat in a corner somewhere muttering to himself about microtransactions or hunting down promising indie games on Twitter.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/YTvXRnDJNNduHvW8HJH2xT-1280-80.jpg">
                                                            <media:credit><![CDATA[Epic / Laptop Mag / Rael Hornby]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Epic Games Store logo with thief peeking from behind the logo with a swag bag full of data]]></media:description>                                                            <media:text><![CDATA[Epic Games Store logo with thief peeking from behind the logo with a swag bag full of data]]></media:text>
                                <media:title type="plain"><![CDATA[Epic Games Store logo with thief peeking from behind the logo with a swag bag full of data]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/YTvXRnDJNNduHvW8HJH2xT-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Epic Games Store users may want to keep their eyes peeled on a developing story that sees a dark-web ransomware group by the name of Mogilevich claiming to have stolen nearly 200GB of data from the platform including emails, passwords, full names, payment information, and source code.</p><p>News of the potential hack comes from social media site X&apos;s <a href="https://twitter.com/DarkWebInformer/status/1762534228154040483" target="_blank">Dark Web Informer</a>, a user known for providing Cyber Threat Intelligence (CTI) to the platform to spread awareness of potential breaches to consumers and businesses after threat actors reveal their actions on the Dark Web or wider internet.</p><p>Data breaches like the one Mogilevich claims to have pulled off involve threat actors gaining access to private information before holding that information to ransom, usually until a company agrees to pay them to prevent further distribution of the stolen information.</p><p>According to <a href="https://twitter.com/LawrenceAbrams/status/1762576389373325757" target="_blank">BleepingComputer&apos;s Lawrence Abrams</a>, Mogilevich is looking to sell the data for just $15K, and won&apos;t be providing evidence of the breach to anyone who isn&apos;t looking to purchase the data and show "proof of funds" in the process. Abrams believes this claim sounds fishy, and he&apos;s not alone.</p><div class="see-more see-more--clipped"><blockquote class="twitter-tweet hawk-ignore" data-lang="en"><p lang="en" dir="ltr">🚨ALERT🚨Allegedly, #Mogilevich has breached Epic Games.Country: #USA🇺🇸Threat Actor: MogilevichCompany: Epic GamesRevenue: $5.8 BillionData Stolen: 189GBPrice: UnknownDate: 2024-02-27#Ransomware #DarkWeb #DarkWebInformer #Leaks #Leaked #Cybersecurity #Cyberattack… pic.twitter.com/fLrqCGkYo2<a href="https://twitter.com/DarkWebInformer/status/1762534228154040483">February 27, 2024</a></p></blockquote><div class="see-more__filter"></div></div><h2 id="what-does-epic-games-have-to-say">What does Epic Games have to say?</h2><p>In a follow-up to the news of the breach, Abrams reached out to Epic Games for comment who had the following to say: "<a href="https://www.bleepingcomputer.com/news/security/epic-games-zero-evidence-we-were-hacked-by-mogilevich-gang/" target="_blank">We are investigating but there is currently zero evidence that these claims are legitimate.</a>"</p><p>Epic would also go on to state that, in a move uncommon for most threat actors looking to profit from their actions, "Mogilevich has not contacted Epic or provided any proof of the veracity of these allegations."</p><h2 id="outlook">Outlook</h2><p>Mogilevich doesn&apos;t have a long and storied history of proving its claims but has been previously linked to breaches involving Ireland&apos;s Department of Foreign Affairs and Infinity USA.</p><p>As a relatively unknown group, it&apos;s somewhat of an unknown quantity in terms of being viewed as a credible threat. However, with Epic Games having found no evidence of a breach (as of the time of writing) and with such a small ransom posted for an otherwise large sampling of stolen information, it&apos;s likely that the group could be scamming companies with fake data.</p><p>Facing the negative press or stock backlash of data breaches can be enough to force the hand of certain companies into offering up the ransom to make the problem go away fast. This could be the same case here, and if so, users have very little to be concerned about.</p><p>However, as a general rule of thumb, if a service you&apos;re subscribed to is alleged to be part of a breach, no matter how credible of a threat (and in this case, it seems that Mogilevich may be telling tall tales) it&apos;s often a great reminder to refresh your passwords on these platforms to be extra vigilant against breaches.</p><h2 class="article-body__section" id="section-more-from-laptop-mag"><span>More from Laptop Mag</span></h2><ul><li><a href="https://www.laptopmag.com/software/antivirus-cyber-security/has-your-email-or-password-been-stolen-heres-how-to-find-out"><strong>Has your email or password been stolen? Here's how to find out</strong></a></li><li><a href="https://www.laptopmag.com/how-to/your-phone-is-listening-to-you-heres-how-to-stop-it"><strong>Your phone is listening to you — here's how to stop it</strong></a></li><li><a href="https://www.laptopmag.com/how-to/5-windows-security-settings-you-should-change-now-to-protect-your-laptop"><strong>5 Windows security settings you should change now to protect your laptop</strong></a></li></ul>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ You need this Google Chrome update coming ASAP to protect your home network ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/you-need-this-google-chrome-update-coming-asap-to-protect-your-home-network</link>
                                                                            <description>
                            <![CDATA[ Google Chrome is bringing Private networking to your home so you will enjoy a safer browsing experience. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">AtDuKLWimCniuWmzVdwA5</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/nyxNahQipet2eMKFJsVDvn-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 21 Feb 2024 01:30:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Mark Anthony Ramirez ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/o2ksbBWvEwbexRxf4oXqCc.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/nyxNahQipet2eMKFJsVDvn-1280-80.jpg">
                                                            <media:credit><![CDATA[Future]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Generated using Adobe FireFly]]></media:description>                                                            <media:text><![CDATA[Generated using Adobe FireFly]]></media:text>
                                <media:title type="plain"><![CDATA[Generated using Adobe FireFly]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/nyxNahQipet2eMKFJsVDvn-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Heads up! Google Chrome is gearing up for a new security feature aimed at safeguarding your home network. Code-named "Private Network Access for Navigation Requests," this innovation aims to shield your connected devices from potential threats lurking on websites. Thanks to a report at <a href="https://www.ghacks.net/2024/02/20/google-chrome-will-soon-prevent-malicious-websites-from-attacking-your-home-network/" target="_blank"><u>Ghacks.net</u></a>, we can share Google’s plans to safeguard your home network. </p><p>The feature blocks navigation requests initiated by websites, acting as a security barricade for your home network. This proactive approach minimizes the risk of infections or intrusions, making your online experience safer. While details are still emerging (thanks to the eagle eyes at <a href="https://www.xda-developers.com/google-chrome-protect-home-network-cyberattacks/"><u>XDA!</u></a>), I&apos;m grateful to see Google prioritizing home network security. </p><h2 id="google-private-network-access-x2014-how-it-works">Google Private Network Access — how it works</h2><p><strong>Blocking Malicious Redirects: </strong>Traditionally, clicking a link or navigating to a new website triggers a smooth transition. However, some websites can sneakily redirect you to dangerous pages. This feature acts as a security checkpoint, blocking navigation requests initiated by malicious websites before they can harm your devices.</p><p><strong>Double-Checking Destinations:</strong> Before granting access, Chrome verifies both the request&apos;s origin and the target website&apos;s security status. Think of it as a double-lock system ensuring both websites are clean before allowing the page to load.</p><p><strong>Transparent Communication:</strong> If access is blocked, Chrome displays a clear error message, informing you about the potential threat and protecting your privacy. Additionally, developers get informed through Chrome&apos;s DevTools, helping them improve their websites.</p><p>While initially a warning-only system, future updates will allow users to disable it on a per-site basis. Mozilla and Apple support the feature&apos;s functionality but suggest a less confusing name like "Local Network Access" instead.</p><h2 id="final-thoughts">Final thoughts</h2><p>This enhanced security measure arrives in Chrome 123, launching in Beta on February 21st and Stable on March 13th. While not foolproof, it&apos;s a significant step towards a safer online experience. Remember, vigilance is key – always use a reliable ad blocker, or antivirus, and practice safe browsing habits. You can read the official documentation Google released <a href="https://docs.google.com/document/d/1QyFqHCgZLmEfy0wbgXNgce9zKpZVaqSpQY3JleFWrk0/edit#heading=h.5ejsehpwzo72"><u>here</u></a>. Enjoy safer browsing, my friends — well, soon enough.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Nasty iPhone, Android malware breaks into your banking apps using your face — here's how it works ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/nasty-iphone-android-malware-breaks-into-your-banking-apps-using-your-face-heres-how-it-works</link>
                                                                            <description>
                            <![CDATA[ A new trojan malware, named 'GoldPickaxe,' is capable of tricking users into scanning their faces and gaining access to banking accounts. Luckily, it's not in the US yet. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">tvubXpMeh9v7xz8fAsWAy4</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/9LhDKt4DAnrkZr9xsZHNxJ-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 16 Feb 2024 05:00:07 +0000</pubDate>                                                                                                                                <updated>Fri, 16 Feb 2024 21:47:25 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Sarah Chaney ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/fB3fetC99tf85v26bvZJUH.png ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Sarah Chaney is a freelance tech writer with five years of experience across multiple outlets, including &lt;em&gt;Mashable&lt;/em&gt;, &lt;em&gt;How-To Geek&lt;/em&gt;, &lt;em&gt;MakeUseOf&lt;/em&gt;, &lt;em&gt;Tom’s Guide&lt;/em&gt;, and of course, &lt;em&gt;Laptop Mag&lt;/em&gt;. She loves reviewing the latest gadgets, from inventive robot vacuums to new laptops, wearables, and anything PC-related. When she&#039;s not writing, she&#039;s probably playing a video game, exploring the outdoors, or listening to her current favorite song or album on repeat.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/9LhDKt4DAnrkZr9xsZHNxJ-1280-80.jpg">
                                                            <media:credit><![CDATA[Getty Images/GoodLifeStudio]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Android malware]]></media:description>                                                            <media:text><![CDATA[Android malware]]></media:text>
                                <media:title type="plain"><![CDATA[Android malware]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/9LhDKt4DAnrkZr9xsZHNxJ-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>A new malware by the name of GoldPickaxe is affecting Android and iOS devices in a big way. Spotted by <a href="https://www.group-ib.com/blog/goldfactory-ios-trojan/">Group-IB</a> (via <a href="https://www.bleepingcomputer.com/news/security/new-gold-pickaxe-android-ios-malware-steals-your-face-for-fraud/">BleepingComputer</a>), the GoldPickaxe malware tricks users into installing fraudulent apps and scanning their faces and ID documents. This sensitive information is then used to create deepfakes that allow the threat actors to gain unauthorized access to your banking app.</p><p>The GoldPickaxe malware is developed by GoldFactory, a Chinese hacker group that&apos;s also responsible for GoldDigger, GoldDiggerPlus, and GoldKefu malware. Right now, the group seems to be primarily targeting Thailand and Vietnam, but these techniques could be used to target other countries, either by GoldFactory or other malicious groups.</p><p>With that said, here&apos;s how the GoldPickaxe malware works and what to be cautious of over the next few months.</p><h2 id="how-goldpickaxe-malware-works-on-android-and-ios">How GoldPickaxe malware works on Android and iOS</h2><p>Between June 2023 and now, the GoldFactory malware group has distributed multiple threat packages, most of which targeted only Android users. However, its newest GoldPickaxe malware that started in Oct. 2023 targets both Android and iOS users.</p><p>Currently, victims are being targeted through phishing or smishing messages on the LINE app, which is a popular messaging app in Japan, Taiwan, and Thailand. These messages—written in the user&apos;s local language—impersonate government authorities and con victims into installing fraudulent apps, like the Digital Pension app below, from websites that look like Google Play.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:672px;"><p class="vanilla-image-block" style="padding-top:95.54%;"><img id="iEoPg5KZbjGtJ3Y36fpYX9" name="digital pension app goldpickaxe malware.jpg" alt="digital pension app goldpickaxe malware" src="https://cdn.mos.cms.futurecdn.net/iEoPg5KZbjGtJ3Y36fpYX9.jpg" mos="" align="middle" fullscreen="" width="672" height="642" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Group-IB)</span></figcaption></figure><p>The GoldPickaxe malware can target iPhone users in two ways. First, it directs victims to open a TestFlight URL that installs a legitimate TestFlight app in addition to the malware. If the TestFlight method doesn&apos;t work, the GoldFactory group sends out a malicious Mobile Device Management (MDM) profile, and if the iPhone user downloads it, the threat group gains control over the device.</p><p>Once someone has unknowingly installed the trojan horse, it can read incoming SMS messages, control background functions on the phone, request ID documents, and capture the victim&apos;s face. BleepingComputer points out that "use of the victims&apos; faces for bank fraud is an assumption by Group-IB," but this is "corroborated by the Thai police."</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:791px;"><p class="vanilla-image-block" style="padding-top:52.84%;"><img id="J5So5Cxk2Zqxvf8ozZ3kj4" name="goldpickaxe malware capturing faces.jpg" alt="goldpickaxe malware capturing faces" src="https://cdn.mos.cms.futurecdn.net/J5So5Cxk2Zqxvf8ozZ3kj4.jpg" mos="" align="middle" fullscreen="" width="791" height="418" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Group-IB)</span></figcaption></figure><p>Despite the fact that the GoldPickaxe malware can capture the faces of its victims and steal images, it can&apos;t access your official biometric data on Android or iOS. Your biometric data is encrypted and kept separate from running apps.</p><p>According to Group-IB, Android users are at a higher risk than iOS users, partly because Apple has higher security restrictions and partly because GoldPickaxe uses over 20 different fake apps on Android. Plus, with the iOS 17 update, these <a href="https://www.laptopmag.com/news/ios-17-3-game-changing-security-features-coming-to-iphone">3 game-changing security features</a> were added to many iPhones.</p><p><em><strong>Update 2/16/2024: </strong></em><em>A Google spokesperson offered this comment in regard to the threat posed by GoldPickaxe malware: "Android users are automatically protected against known versions of this malware by Google Play Protect, which is on by default on Android devices with Google Play Services. Google Play Protect can warn users or block apps known to exhibit malicious behavior, even when those apps come from sources outside of Play."</em></p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Android malware posing as Google Chrome could steal your photos, contacts, and more — how to spot the fake ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/android-malware-posing-as-google-chrome-could-steal-your-photos-contacts-and-more-how-to-spot-the-fake</link>
                                                                            <description>
                            <![CDATA[ Recent Android XLoader malware can automatically launch after installation and start stealing a plethora of private information from your device. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">b5NyyCeJRnniWRpW2bdcqN</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/oSyzvu9dpExXCQ7wGbvq8f-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 09 Feb 2024 22:32:00 +0000</pubDate>                                                                                                                                <updated>Fri, 09 Feb 2024 22:32:04 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Sarah Chaney ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/fB3fetC99tf85v26bvZJUH.png ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Sarah Chaney is a freelance tech writer with five years of experience across multiple outlets, including &lt;em&gt;Mashable&lt;/em&gt;, &lt;em&gt;How-To Geek&lt;/em&gt;, &lt;em&gt;MakeUseOf&lt;/em&gt;, &lt;em&gt;Tom’s Guide&lt;/em&gt;, and of course, &lt;em&gt;Laptop Mag&lt;/em&gt;. She loves reviewing the latest gadgets, from inventive robot vacuums to new laptops, wearables, and anything PC-related. When she&#039;s not writing, she&#039;s probably playing a video game, exploring the outdoors, or listening to her current favorite song or album on repeat.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/oSyzvu9dpExXCQ7wGbvq8f-1280-80.jpg">
                                                            <media:credit><![CDATA[Shutterstock]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Android malware]]></media:description>                                                            <media:text><![CDATA[Android malware]]></media:text>
                                <media:title type="plain"><![CDATA[Android malware]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/oSyzvu9dpExXCQ7wGbvq8f-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>An updated version of the XLoader malware for Android devices doesn&apos;t require any user interaction to launch once installed, according to researchers at <a href="https://www.mcafee.com/blogs/other-blogs/mcafee-labs/moqhao-evolution-new-variants-start-automatically-right-after-installation/">McAfee</a> (via <a href="https://www.bleepingcomputer.com/news/security/android-xloader-malware-can-now-auto-execute-after-installation/">BleepingComputer</a>). Of course, you still need to click the malicious link in an SMS message to download and install the malware, but this XLoader variant doesn&apos;t require users to manually launch the malware anymore.</p><p>Right now, the malware is being distributed through SMS texts on Android devices. If you&apos;re targeted, the SMS text will include a shortened URL that, if clicked on, will direct you to a website to download an Android APK installation file for a mobile app.  McAfee says that, "While the app is installed, their malicious activity starts automatically."</p><p>The malware will run silently in the background, gaining access to all kinds of personal, private data on your Android device, including photos, messages, contacts, and potentially banking information. Luckily, the malware is pretty easy to spot and you might already be protected if Google&apos;s Play Protect service is enabled on your Android device. Here&apos;s what to look for, and how to see if Play Protect is active.<br></p><h2 id="how-to-spot-the-new-xloader-malware">How to spot the new XLoader malware</h2><p>XLoader—also known as MoqHao malware—is likely created by &apos;Roaming Mantis,&apos; a financially-motivated threat actor, and McAfee identified some malicious pop-up messages in the malware&apos;s code in English, Korean, French, Japanese, German, and Hindi, which indicates the malware&apos;s current targets.</p><p>If you&apos;re in an area that primarily speaks one of those languages, you might be at risk, but the warning signs that something&apos;s off are pretty clear. In permission requests during the malicious app&apos;s first launch, it&apos;ll masquerade as Google Chrome, but you&apos;ll notice some letters are bolded while others aren&apos;t.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1920px;"><p class="vanilla-image-block" style="padding-top:37.81%;"><img id="G8miTsc3bL4eGTWhBsjLt" name="android malware posing as chrome.jpg" alt="android malware posing as chrome" src="https://cdn.mos.cms.futurecdn.net/G8miTsc3bL4eGTWhBsjLt.jpg" mos="" align="middle" fullscreen="" width="1920" height="726" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: McAfee)</span></figcaption></figure><p>After those initial requests, the malicious app will ask you to set "chrome" as your default SMS app, citing the reason "to prevent spam" to convince you it&apos;s the right decision. Again, you&apos;ll spot randomly bolded letters here as a warning sign that something&apos;s off.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1484px;"><p class="vanilla-image-block" style="padding-top:41.64%;"><img id="CJtrjncr83Y5VNrWwZA3ZP" name="android malware posing as google chrome.jpg" alt="android malware posing as google chrome" src="https://cdn.mos.cms.futurecdn.net/CJtrjncr83Y5VNrWwZA3ZP.jpg" mos="" align="middle" fullscreen="" width="1484" height="618" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: McAfee)</span></figcaption></figure><p>You should be on the lookout for suspicious-looking phishing URLs from Pinterest profiles, as this is a primary way the XLoader malware is targeting victims and evading detection right now. There are about 20 commands outlined by McAfee that the malware can execute right now. These 5 pose the biggest threat to your personal data:</p><ul><li><strong>get_photo:</strong> Sends all photos on your device to the hacker's command and control (C2) server</li><li><strong>getSmsKW:</strong> Sends all SMS messages on your device to the C2 server, which could possibly contain sensitive information sent to family and friends</li><li><strong>sendSms:</strong> Lets the XLoader malware send SMS messages from your device, potentially spreading phishing links to your friends and family</li><li><strong>gcont:</strong> Exports your contacts list to the C2 server, giving the hackers direct contact info for targeted phishing attacks</li><li><strong>getPhoneState:</strong> Grabs your device's identifying information, like its IMEI, SIM number, Android ID, and serial number</li></ul><p>In its recent report, McAfee explains that it has told Google about the XLoader malware&apos;s technique of bypassing manual user launch to start running the app, and that Google is "already working on the implementation of mitigations to prevent this type of auto-execution in a future Android version." </p><p>McAfee then goes on to explain that "Android users are currently protected by Google Play Protect, which is on by default on Android devices with Google Play Services." </p><p>To see if <a href="https://www.laptopmag.com/software/antivirus-cyber-security/google-play-protects-new-real-time-scans-make-android-phones-safer-than-ever-make-sure-its-turned-on">Play Protect</a> is active, open the <strong>Google Play app</strong>, tap on your <strong>profile icon</strong> in the top right corner, select <strong>Settings</strong>, and tap <strong>About</strong> to open the dropdown menu. At the very bottom, under <strong>Play Protect Certification</strong>, there should be a short message that reads <strong>Device is certified</strong>. </p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ ChatGPT leaks personal data — how to lock down your account ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/chatgpt-is-the-latest-threat-to-your-cyber-security</link>
                                                                            <description>
                            <![CDATA[ ChatGPT's chat history makes it easy for hackers to access your personal data, from passwords to unpublished research. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">GXsJmWMbbfC5B74YTRTdS</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/mc8XfqRsWFcdVsSLSCdD43-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 31 Jan 2024 21:00:54 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Madeline Ricchiuto ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/PsdRdugC24rHrg673Xo7zb.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/mc8XfqRsWFcdVsSLSCdD43-1280-80.jpg">
                                                            <media:credit><![CDATA[Laptop Mag / Rael Hornby]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Open AI&#039;s chatbot ChatGPT logo on green background]]></media:description>                                                            <media:text><![CDATA[Open AI&#039;s chatbot ChatGPT logo on green background]]></media:text>
                                <media:title type="plain"><![CDATA[Open AI&#039;s chatbot ChatGPT logo on green background]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/mc8XfqRsWFcdVsSLSCdD43-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>A reader of <a href="https://arstechnica.com/security/2024/01/ars-reader-reports-chatgpt-is-sending-him-conversations-from-unrelated-ai-users/">ArsTechnica</a> was receiving the personal data of other users, including account passwords and unpublished research papers. According to the latest report from Ars Technica, the cause of those ChatGPT histories were caused by a compromised account.</p><p>A representative from OpenAI told ArsTechnica, "we consider it an account take over in that it’s consistent with activity we see where someone is contributing to a ‘pool’ of identities that an external community or proxy server uses to distribute free access. The investigation observed that conversations were created recently from Sri Lanka. These conversations are in the same time frame as successful logins from Sri Lanka.”<br><br>If your OpenAI account is hacked, any personal data shared in your chat histories can be mined by hackers. This makes perfect sense, but the idea that you could access information from other compromised accounts is out of the ordinary when it comes to security threats.</p><h2 id="how-to-protect-your-openai-account">How to protect your OpenAI account</h2><p>As OpenAI does not provide multi-factor authentification, you need to make sure you use a strong password to keep your ChatGPT history protected.</p><p>Like with any online account, you want to follow the basic password security steps for your OpenAI account like you would with any other online account.</p><ul><li>at least 12-16 characters in length</li><li>use a combination of upper and lower case, numbers, and symbols</li><li>unique - not shared with any other accounts</li><li>use a passphrase that is easy to remember but hard to guess</li><li>change your password frequently</li></ul><p>Of course, most people don&apos;t want to memorize a lengthy passphrase using a combination of letters, numbers, symbols, and cases. Not to mention a new passphrase for every account.</p><p>Which is why password managers exist. If you don&apos;t use the built-in password manager for your phone, laptop, or browser – take a look at our <a href="https://www.laptopmag.com/best-picks/best-password-managers">Best password managers page</a> for help finding the best possible solution for your needs.</p><p>If you suspect any account may be compromised, be sure to change your password immediately to a long, unique passphrase.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Has your email or password been stolen? Here's how to find out ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/has-your-email-or-password-been-stolen-heres-how-to-find-out</link>
                                                                            <description>
                            <![CDATA[ With over 22 billion user credentials circulating online as of 2022, here's how to check if your email or password is one of those that have been compromised. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">BawgLmdVRQK7AJ7phNxbEd</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/mg5UCqwsGPuKX4hyVZDYnf-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 19 Jan 2024 05:24:55 +0000</pubDate>                                                                                                                                <updated>Fri, 19 Jan 2024 05:39:39 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                <author><![CDATA[ rael.hornby@futurenet.com (Rael Hornby) ]]></author>                    <dc:creator><![CDATA[ Rael Hornby ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/mHBEvtDnBfXRumgmoVGtvf.jpeg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Rael Hornby, potentially influenced by far too many LucasArts titles at an early age, once thought he’d grow up to be a mighty pirate. However, after several interventions with close friends and family members, you’re now much more likely to see his name attached to the bylines of tech articles. While not maintaining a double life as an aspiring writer by day and indie game dev by night, you’ll find him sat in a corner somewhere muttering to himself about microtransactions or hunting down promising indie games on Twitter.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/mg5UCqwsGPuKX4hyVZDYnf-1280-80.jpg">
                                                            <media:credit><![CDATA[Snappa]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Password Managers]]></media:description>                                                            <media:text><![CDATA[Password Managers]]></media:text>
                                <media:title type="plain"><![CDATA[Password Managers]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/mg5UCqwsGPuKX4hyVZDYnf-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Hacking, malware, and phishing attacks are just some of the ways your private accounts can become compromised. When they are, your personal data is exposed — including your private communications and financial information. That makes the theft of these credentials big business for cyber criminals. After all, in the digital age, nothing is more valuable than your data.</p><p>The most clear example of this is the big tech data economy. Companies like Google or Meta hope to mine relevant data from your age, location, and online activities — information we willingly give up through accepting the terms of service that allow us to make use of their search or social media platforms. This will typically be used to target you with more relevant ads, and is generally seen as a fair compromise to make use of their services for free.</p><p>However, there exists a darker side to the data economy that profiteers off of the private data of users, sold and traded across the darker corners of the World Wide Web. In these places, your private information (typically compromised through unethical hacking and phishing methods) can be used as a launch pad for further illegal activities like identity theft or to gain access to your financial information — and it all starts with your username and password.</p><h2 id="how-to-check-if-your-email-or-password-has-been-compromised">How to check if your email or password has been compromised</h2><p>Lists of user credentials sold and traded online can contain millions of entries, with one of the largest data breaches like this containing username and password information for <a href="https://www.troyhunt.com/the-773-million-record-collection-1-data-reach/" target="_blank">over 727 million accounts</a>. As of 2022, it&apos;s <a href="https://www.darkreading.com/vulnerabilities-threats/24-billion-credentials-circulate-dark-web-2022" target="_blank">estimated that there are over 24 billion credentials circulating on the dark web</a> and online.</p><p>Recent examples of these data dumps include the <a href="https://3bdatasecurity.com/blog/chatgpt-over-100000-credentials-found-on-the-dark-web/78?utm_source=social&utm_medium=twitter&utm_campaign=chatgpt-credentials-dark-web-blog" target="_blank">100,000 OpenAI accounts</a> that were compromised and sold on the dark web last year. More recently, a cache of user credentials was uncovered containing the <a href="https://www.laptopmag.com/software/antivirus-cyber-security/70-million-at-risk-as-cache-of-stolen-login-details-to-popular-websites-appears-online">usernames and passwords of over 70 million users</a> across sites like Facebook, eBay, and more.</p><p>Data dumps like this pose a significant threat to anyone with an online presence, no matter how big or small. That&apos;s why it&apos;s vital that services exist to help inform you if your information is currently circulating within them.</p><p>Below are some of the options available online that provide such services.</p><h2 class="article-body__section" id="section-1-haveibeenpwned-com"><span>1. HaveIBeenPwned.com</span></h2><p>Credential breach repository "Have I Been Pwned?" is one of the most expansive and up to date libraries of compromised email addresses online. It currently holds records of nearly 13 billion emails that have appeared in data breaches.</p><p>After navigating to the website, enter your email into the search bar and hit search to check if it features in any known breaches. If it does, the site will inform you of which breaches, and when.</p><p>This information is vital to tracking where your information became compromised, and how long ago it happened. If it was recent, then a change of password is urgently needed.</p><ul><li><a href="https://haveibeenpwned.com/" target="_blank"><strong>Visit HaveIBeenPwned now to check if your email has been compromised</strong></a></li></ul><h2 class="article-body__section" id="section-2-hasso-plattner-institut-identity-leak-checker"><span>2. Hasso-Plattner-Institut Identity Leak Checker</span></h2><p>Similar to "Have I Been Pwned," the Hasso-Plattner-Institut is another credential breach repository with over 13 billion compromised accounts tracked across nearly 2,000 data dumps.</p><p>Every day, Hasso-Plattner-Institut adds over a million compromised accounts to its records and is the most comprehensive lists available online. To check if your information is found in this database, you&apos;ll need to enter your email address on the HPI Identity Leak Checker page.</p><p>Unlike "Have I Been Pwned," the results of your search will be sent to the email address in question, where you&apos;ll be informed of any threats including where they came from and when.</p><ul><li><a href="https://sec.hpi.de/ilc/" target="_blank"><strong>Visit the Hasso-Plattner-Institut Identity Leak Checker now to check if your email has been compromised</strong></a></li></ul><h2 class="article-body__section" id="section-3-leakpeek-com"><span>3. Leakpeek.com</span></h2><p>LeakPeek has a smaller library of data breaches to its name, but it does offer an expanded search that includes usernames, passwords, phone numbers, full names, and even images of your face.</p><p>The LeakPeak database is still over 8 billion entries strong, and the ability to search by username or password can help you gain more insight on how to better protect yourself and your data online.</p><p>If you use the same password across multiple logins, then being able to check if that is a part of the compromised data lets you know its time to retire it and start over with something fresh and more secure.</p><p>Using the LeakPeek website is similar to "Have I Been Pwned" and the Hasso-Plattner-Institut. Simply navigate to the Leakpeek homepage and select your search option, before entering your email, username, password, or full name into the search box and hitting search.</p><ul><li><a href="https://leakpeek.com/" target="_blank"><strong>Visit LeakPeek now to check if your email, username, password, name, or phone number has been compromised</strong></a></li></ul>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ 70+ million at risk as cache of stolen login details to popular websites unearthed ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/70-million-at-risk-as-cache-of-stolen-login-details-to-popular-websites-appears-online</link>
                                                                            <description>
                            <![CDATA[ A data dump of credentials has surfaced online featuring over 70 million usernames and passwords to websites and apps like eBay, Facebook, Roblox, popular MMOs, and more. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">xBdZ3LPVNGndBjPYjSFdrX</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/mrx7qKFuWQLkigNt2GtkRS-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 18 Jan 2024 13:45:26 +0000</pubDate>                                                                                                                                <updated>Thu, 18 Jan 2024 19:37:25 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                <author><![CDATA[ rael.hornby@futurenet.com (Rael Hornby) ]]></author>                    <dc:creator><![CDATA[ Rael Hornby ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/mHBEvtDnBfXRumgmoVGtvf.jpeg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Rael Hornby, potentially influenced by far too many LucasArts titles at an early age, once thought he’d grow up to be a mighty pirate. However, after several interventions with close friends and family members, you’re now much more likely to see his name attached to the bylines of tech articles. While not maintaining a double life as an aspiring writer by day and indie game dev by night, you’ll find him sat in a corner somewhere muttering to himself about microtransactions or hunting down promising indie games on Twitter.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/mrx7qKFuWQLkigNt2GtkRS-1280-80.jpg">
                                                            <media:credit><![CDATA[Getty Images / Boris Zhitkov]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Passwords]]></media:description>                                                            <media:text><![CDATA[Passwords]]></media:text>
                                <media:title type="plain"><![CDATA[Passwords]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/mrx7qKFuWQLkigNt2GtkRS-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Whether through phishing, cracking, or malware attacks, your usernames and passwords to websites, apps, and services are at constant risk from online ne&apos;er-do-wells looking hijack, misuse, and profit from your credentials.</p><p>Sadly, this is less of an uncommon occurrence and more of a fact of life. While there are plenty of steps we can take to keep ourselves safe, the threat is persistent and all too easy to succumb to.</p><p>Sometimes, victims won&apos;t even be aware that their login details have been compromised and are being traded and sold across the shadier corners of the internet until it&apos;s too late — and that could be the case for over 70+ million people after a cache of usernames and passwords for popular sites, apps, and services like eBay, Facebook, and Coinbase was unearthed.</p><h2 id="naz-api-a-70-million-strong-repository-of-stolen-credentials">Naz.API: A 70 million strong repository of stolen credentials</h2><p>New of this massive credential cache comes by way of <a href="https://www.troyhunt.com/inside-the-massive-naz-api-credential-stuffing-list/" target="_blank">Troy Hunt</a>, the creator of popular website breach tracking site "Have I Been Pwned", who was informed of the credential stuffing list by an unnamed but &apos;well-known&apos; tech company.</p><p>The list, known as Naz.API, was hosted on a well-known hacking forum, and was attached to a post dating back nearly 4 months. Typically, something like this passing by without causing too much fuss would likely mean it&apos;s recycled information. However, after investigating further, Hunt came across the startling revelation that almost a third of the information he sampled had never appeared online before.</p><p>Meaning, out of a list of over 70 million unique email addresses, there could be up to 23 million new accounts compromised as part of this one list.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:2262px;"><p class="vanilla-image-block" style="padding-top:55.61%;"><img id="QakiDvj5MQLnNmuSuen7bY" name="naz-api-leak.png" alt="Redacted Naz.API stolen credentials list" src="https://cdn.mos.cms.futurecdn.net/QakiDvj5MQLnNmuSuen7bY.png" mos="" align="middle" fullscreen="" width="2262" height="1258" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Troy Hunt)</span></figcaption></figure><h2 id="am-i-affected-by-this">Am I affected by this?</h2><p>According the the original forum post, the information contained within the Naz.API list was sourced from "stealer logs," meaning information pilfered and snatched from machines infected with various forms of malware.</p><p>Once a machine is infected by a piece of malware, it can begin to siphon away credentials stolen through methods like keylogging, where every keyboard input registered by the machine is recorded and sent back to an attacker.</p><p>The full Naz.API list is a mix of older and newer information, though both are relevant if you have accounts included within the list — especially if those accounts are tied to bank cards with purchasing capabilities.</p><p>The emails found within Naz.API have since been compiled with the rest of the database on <a href="https://haveibeenpwned.com/" target="_blank"><strong>HaveIBeenPwned.com</strong></a>, where it is free to search by your email and see if your data was a part of this most recent uncovering.</p><p>HIBP is a safe and free service that only stores the email portion of information from breaches and lists. Performing a search will let you know if your email has been included in any data breaches or credential stuffing lists, giving you a heads up to change your passwords as soon as possible.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ This data-stealing Windows malware bypasses Defender, but protecting your PC is easy ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/this-data-stealing-windows-malware-bypasses-defender-but-protecting-your-pc-is-easy</link>
                                                                            <description>
                            <![CDATA[ New malware known as Phemedrone Stealer puts your Windows PC at risk if you haven't updated it since Microsoft patched a major flaw in November 2023. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">6Z4oHeyp4LCQ2abSizWuyD</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/mwLaUBMKdr2GubH4NjKBs4-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 16 Jan 2024 09:00:50 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Sarah Chaney ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/fB3fetC99tf85v26bvZJUH.png ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Sarah Chaney is a freelance tech writer with five years of experience across multiple outlets, including &lt;em&gt;Mashable&lt;/em&gt;, &lt;em&gt;How-To Geek&lt;/em&gt;, &lt;em&gt;MakeUseOf&lt;/em&gt;, &lt;em&gt;Tom’s Guide&lt;/em&gt;, and of course, &lt;em&gt;Laptop Mag&lt;/em&gt;. She loves reviewing the latest gadgets, from inventive robot vacuums to new laptops, wearables, and anything PC-related. When she&#039;s not writing, she&#039;s probably playing a video game, exploring the outdoors, or listening to her current favorite song or album on repeat.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/mwLaUBMKdr2GubH4NjKBs4-1280-80.jpg">
                                                            <media:credit><![CDATA[Ed Hardie on Unsplash]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[windows security threat]]></media:description>                                                            <media:text><![CDATA[windows security threat]]></media:text>
                                <media:title type="plain"><![CDATA[windows security threat]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/mwLaUBMKdr2GubH4NjKBs4-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>According to a recent <a href="https://www.trendmicro.com/en_us/research/24/a/cve-2023-36025-exploited-for-defense-evasion-in-phemedrone-steal.html" target="_blank">report by Trend Micro researchers</a> (via <a href="https://www.techradar.com/pro/security/windows-pcs-targeted-by-dangerous-new-threat-that-even-gets-around-defender-and-even-though-theres-a-fix-you-could-still-be-at-risk" target="_blank">TechRadar</a>), your Windows PC could be vulnerable to new malware known as Phemedrone Stealer. This malware is taking advantage of a vulnerability in Microsoft Windows Defender SmartScreen, and it&apos;s capable of working around your PC&apos;s built-in Defender antivirus software.</p><p>Officially, the malware is tracked as CVE-2023-36025 and has a vulnerability score of 8.8/10. If your PC is targeted, the Phemedrone Stealer malware can take sensitive data, like passwords and authentication codes, from your web browsers, cryptocurrency wallets, and even messaging platforms, like Steam, Discord, or Telegram. </p><p>The attackers are also capable of seeing your PC&apos;s hardware, location, and operating system data. Your data can be stolen and/or screenshot, and then sent back to the hackers through Telegram or their command-and-control (C&C) server. Luckily, Microsoft has issued a patch for this vulnerability flaw—you just need to update your PC.</p><h2 id="is-your-windows-pc-at-risk">Is your Windows PC at risk?</h2><p>Whereas Microsoft&apos;s Windows Defender SmartScreen typically performs checks and pops up prompts, this Phemedrone Stealer malware can work around all of these security measures. Trend Micro explained in its report that "various demos and proof-of-concept codes have been circulated on social media, detailing the exploitation of CVE-2023-36025."</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1524px;"><p class="vanilla-image-block" style="padding-top:130.84%;"><img id="VU7bE97t7mzoqtfvjX2f5Q" name="fig1-phemedrone-infection-chain.jpg" alt="diagram of malware on windows" src="https://cdn.mos.cms.futurecdn.net/VU7bE97t7mzoqtfvjX2f5Q.jpg" mos="" align="middle" fullscreen="" width="1524" height="1994" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Trend Micro)</span></figcaption></figure><p>As the vulnerability is shared more, more people become aware of the flaw, but this also means more attackers become aware of how to use the flaw to their advantage. Trend Micro writes, "Since details of this vulnerability first emerged, a growing number of malware campaigns, one of which distributes the Phemedrone Stealer payload, have incorporated this vulnerability into their attack chains."</p><p>Microsoft issued a patch for this vulnerability flaw in mid-November 2023, but plenty of hackers are seeking out Windows PCs that haven&apos;t been updated yet. If you haven&apos;t updated your computer in a while, now is definitely the time to do so. </p><p>To see if your computer has any updates ready to be downloaded and installed, head to the search bar next to the Start button and type "Update." Select <strong>Check for updates</strong> from the menu options. </p><p>Here, you can see which updates, if any, your Windows PC is ready for. It can take some time for Microsoft or other major companies to issue a fix or patch for malware, but keeping your system up to date is the best way to protect yourself against attacks.</p><p>If you use a Google account, you might also want to check out this <a href="https://www.laptopmag.com/software/antivirus-cyber-security/this-sneaky-malware-lets-hackers-access-google-accounts-without-a-password-heres-how">sneaky malware that lets hackers access Google accounts</a> without login information or two-factor authentication.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ This sneaky malware lets hackers access Google accounts without a password — here's how ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/this-sneaky-malware-lets-hackers-access-google-accounts-without-a-password-heres-how</link>
                                                                            <description>
                            <![CDATA[ A recent report from CloudSEK researchers reveals a major security issue for Google account users, even after signing out or resetting your password. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">zBp6ZdNJiJRK32AcF8M5MF</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/6w6koYF9ipja7hKostDdUP-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 03 Jan 2024 05:00:52 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Sarah Chaney ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/fB3fetC99tf85v26bvZJUH.png ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Sarah Chaney is a freelance tech writer with five years of experience across multiple outlets, including &lt;em&gt;Mashable&lt;/em&gt;, &lt;em&gt;How-To Geek&lt;/em&gt;, &lt;em&gt;MakeUseOf&lt;/em&gt;, &lt;em&gt;Tom’s Guide&lt;/em&gt;, and of course, &lt;em&gt;Laptop Mag&lt;/em&gt;. She loves reviewing the latest gadgets, from inventive robot vacuums to new laptops, wearables, and anything PC-related. When she&#039;s not writing, she&#039;s probably playing a video game, exploring the outdoors, or listening to her current favorite song or album on repeat.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/6w6koYF9ipja7hKostDdUP-1280-80.jpg">
                                                            <media:credit><![CDATA[Pixabay]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Malvertising: How to avoid falling for these malware-infested ads]]></media:description>                                                            <media:text><![CDATA[Malvertising: How to avoid falling for these malware-infested ads]]></media:text>
                                <media:title type="plain"><![CDATA[Malvertising: How to avoid falling for these malware-infested ads]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/6w6koYF9ipja7hKostDdUP-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Most websites you visit in your browser will ask you to accept or reject cookies, and for the most part, these cookies can be helpful and they&apos;re supposed to have a limited lifespan. Browser cookies can remember what&apos;s in your shopping cart or save your login status on a website, making your browsing experience easier.</p><p>Unfortunately, a recent <a href="https://www.cloudsek.com/blog/compromising-google-accounts-malwares-exploiting-undocumented-oauth2-functionality-for-session-hijacking">report from CloudSEK researchers</a> (via <a href="https://www.bleepingcomputer.com/news/security/malware-abuses-google-oauth-endpoint-to-revive-cookies-hijack-accounts/">BleepingComputer</a> and <a href="https://www.androidpolice.com/dangerous-malware-cookies-breaks-google-accounts/">Android Police</a>) outlines how hackers have been using a zero-day exploit to restore expired Google authentification cookies. Put simply, this exploit means that hackers can use your expired browser cookies to bypass two-factor authentication and gain access to your Google account.</p><h2 id="how-can-you-protect-your-google-account-login-details">How can you protect your Google account login details?</h2><p>Six malware groups are currently selling this exploit, and with no word from Google yet on the exploit or their plans to combat it, there&apos;s no way to know how long your login details will be vulnerable or even if you&apos;ve been affected.</p><p>According to a discussion between BleepingComputer and CloudSEK researcher Pavan Karthick, the company was able to reverse-engineer the exploit and "use it to regenerate expired Google authentication cookies, as shown below." </p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1246px;"><p class="vanilla-image-block" style="padding-top:35.71%;"><img id="d6Lp6Jm4bLR5w3gqrLzkVa" name="regeneration.jpg" alt="cookie regeneration exploit google chrome" src="https://cdn.mos.cms.futurecdn.net/d6Lp6Jm4bLR5w3gqrLzkVa.jpg" mos="" align="middle" fullscreen="" width="1246" height="445" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: CloudSEK)</span></figcaption></figure><p>Although Karthick and other CloudSEK researchers were able to successfully regenerate authentication cookies for Google account login details (thus verifying the exploint), here&apos;s some good news. Karthick explained to BleepingComputer that "the authentication cookie can only be regenerated once if a user resets their Google password." </p><p>This means that if you reset your Google account password, hackers can still gain access one more time by regenerating authentication cookies, but not after that. If you don&apos;t change your password, the authentication cookie can be regenerated multiple times, giving hackers continuous access to your account. Simply signing out of your account won&apos;t prevent authentication cookies from being used to access your account. </p><p>And unfortunately, until the exploit is addressed by Google and fixed, hackers could repeat the process again with your new login credentials after you change your password. Google hasn&apos;t officially said anything about this security exploit, but the company issued countermeasures to seemingly fight off hackers, but malware group Lumma issued an updated exploit that bypassed Google&apos;s countermeasures.</p><p>There doesn&apos;t seem to be a permanent fix to protect yourself from this vulnerability. Your best chance will be changing your Google account password regularly, and hoping that Google updates its users soon with a plan of action. Check out the <a href="https://www.laptopmag.com/best-picks/best-password-managers">best password managers</a> to keep track of all your passwords.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Best antivirus apps ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/best-picks/best-antivirus-apps</link>
                                                                            <description>
                            <![CDATA[ Antivirus software protects your devices from malicious cyber threats swiping your personal information, ransomware holding your data hostage, and sneaky phishing attempts ⁠— all without impacting your devices’ performance. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">Dk2xZE66t8gNPSrUwVHMXb</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/e6mYsavEUnvHGi7LD9xtSF-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 20 Dec 2023 15:27:56 +0000</pubDate>                                                                                                                                <updated>Wed, 23 Apr 2025 16:10:51 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                <author><![CDATA[ darragh.murphy@futurenet.com (Darragh Murphy) ]]></author>                    <dc:creator><![CDATA[ Darragh Murphy ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/qc3wCivSfpsC5HDLofWYab.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Darragh Murphy is fascinated by all things bizarre, which usually leads to assorted coverage varying from washing machines designed for AirPods to the mischievous world of cyberattacks. Whether it&#039;s connecting Scar from The Lion King to two-factor authentication or turning his love for gadgets into a fabricated rap battle from 8 Mile, he believes there’s always a quirky spin to be made. With a Master’s degree in Magazine Journalism from The University of Sheffield, along with short stints at Kerrang! and Exposed Magazine, Darragh started his career writing about the tech industry at Time Out Dubai and ShortList Dubai, covering everything from the latest iPhone models and Huawei laptops to massive Esports events in the Middle East. Now, he can be found proudly diving into gaming, gadgets, and letting readers know the joys of docking stations for Laptop Mag. &amp;nbsp;&lt;/p&gt; ]]></dc:description>
                                                                                                        <dc:contributor><![CDATA[ Shamar Washington ]]></dc:contributor>
                                                                                                                                                                                    <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/e6mYsavEUnvHGi7LD9xtSF-1280-80.jpg">
                                                            <media:credit><![CDATA[Snappa]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[MacBook with illuminated screen]]></media:description>                                                            <media:text><![CDATA[MacBook with illuminated screen]]></media:text>
                                <media:title type="plain"><![CDATA[MacBook with illuminated screen]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/e6mYsavEUnvHGi7LD9xtSF-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Stepping into the digital world <em>feels</em> like a carefree experience. </p><p>After all, can malicious code even make it past walls of security offered by <a href="https://support.apple.com/en-gb/guide/security/welcome/web">Apple’s Privacy Platform</a>? </p><p>And who would dare attempt a ransomware attack on the <a href="https://safety.google/?utm_source=google&utm_medium=cpc&utm_campaign=safety_center&utm_term=google_security_app&gclid=CjwKCAjwlcaRBhBYEiwAK341jRLmLDSK3CbAf08fMi8yUYIhPq1aaiTe-N0iJkhGCSgmsCe7GIgFXhoC1f4QAvD_BwE&gclsrc=aw.ds">four billion devices Google protects</a> with the “world’s most advanced security?”<br><br>While cybersecurity experts grind to keep us safe from threats, hackers work just as hard to break down our vaults. That’s where antivirus software comes in: continuously scanning for malware, <a href="https://www.laptopmag.com/features/spyware-vs-stalkerware-whats-the-difference">spyware</a>, <a href="https://www.laptopmag.com/features/what-is-ransomware-how-to-avoid">ransomware</a>, and <a href="https://www.laptopmag.com/features/what-is-adware-how-to-remove-it">adware</a> to defend against immediate threats. It's even more critical now that AI is in the mix, using several methods to trick unsuspecting netizens, such as voice cloning.<br><br>Antivirus apps will protect your devices from malicious cyber threats that swipe your personal information, ransomware that holds your data hostage, and sneaky phishing attempts ⁠without impacting their performance. </p><p>Better yet, the best come bundled with extra security features such as password managers, <a href="https://www.laptopmag.com/best-picks/best-vpn-services"><u>VPNs</u></a>, and more. Whether you need top-notch security for your <a href="https://www.laptopmag.com/best-picks/best-smartphones"><u>smartphone</u></a> or want better protection for your <a href="https://www.laptopmag.com/articles/best-apple-laptops"><u>MacBook</u></a>, these reputable antivirus apps will keep your data safe.</p><h2 id="what-is-antivirus-software">What is antivirus software? </h2><p>Antivirus software is designed to detect, prevent, and eradicate any form of malware on your device. Its main goal is to scan all kinds of data, including software, applications, files, and even web pages. It should also notify you about suspicious entities, allowing you to block or remove emerging cyber threats.<br><br>These threats can consist of different types of malware, including computer viruses, spyware, adware, ransomware, Trojans, spam — anything that could cause mayhem to your system. Think of it as your personal CIA team doing background checks on every person, er, I mean program, you encounter.<br><br>The software will perform different types of analysis, including specific analysis, which pinpoints familiar malware; generic analysis, which recognizes parts of known malware code; and heuristic analysis, which searches for unknown, threatening malware that follows the usual malicious routine.<br><br>The best antivirus apps take protection a step further, offering everything from VPN services to stay anonymous online and password managers to keep your private credentials secure to cloud backups, multi-platform compatibility, and even parental controls, including GPS tracking and alerts. Find out the best ones below. </p><h2 id="the-best-antivirus-apps">The best antivirus apps</h2><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:2000px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="5Fvkgyr952TgG4dXGcg8VK" name="LTP-Bitdefender-Mobile-Security.jpg" alt="Best mobile antivirus apps" src="https://cdn.mos.cms.futurecdn.net/5Fvkgyr952TgG4dXGcg8VK.jpg" mos="" align="middle" fullscreen="" width="2000" height="1125" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Bitdefender)</span></figcaption></figure><div class="buying-guide-block"><h3 id="1-bitdefender"><span class="title__text">1. Bitdefender </span></h3><div class="_hawk subtitle"><p>The best antivirus app for multiple platforms </p></div><p class="specs__container"></p><div class="hawk-wrapper"></div><div class="icon icon-plus_circle _hawk">Brilliant malware detection  </div><div class="icon icon-plus_circle _hawk">Low performance impact </div><div class="icon icon-plus_circle _hawk">Multi-platform protection </div><div class="icon icon-plus_circle _hawk">Password manager </div><div class="icon icon-minus_circle _hawk"> Limited VPN </div><div class="icon icon-minus_circle _hawk">Varied features for different platforms </div></div><p>Bitdefender has been in the antivirus game for a while, and it continues to thrive by being a reliable, award-winning antivirus app not just for Windows but also for <a href="https://www.laptopmag.com/features/macos-monterey-preview-apples-soft-update-lacks-meaningful-additions"><u>macOS</u></a>, <a href="https://www.laptopmag.com/reviews/android-12"><u>Android</u></a><u>,</u> and even iOS. It’s hard to beat the level of malware protection and extensive security features it provides, especially at its competitive subscription prices (which are regularly discounted).<br><br>Whether you own a <a href="https://www.laptopmag.com/reviews/best-laptops-1"><u>Windows laptop</u></a>, MacBook, Android phone, <a href="https://www.laptopmag.com/news/best-iphone"><u>iPhone</u></a>, or all of the above, you can expect automatic protection, thanks to its numerous anti-malware and threat prevention solutions. Expect multi-layer ransomware protection, anti-phishing and anti-fraud tools, webcam protection and microphone monitoring, web attack prevention to keep you from entering harmful sites, vulnerability assessments — the list goes on.<br><br>It isn’t just fortified security, as Bitdefender also boasts exclusive Photon technology to adapt to your system and keep things running smoothly. Antivirus apps are known to slow down your devices due to their constant detection protocols, so an app that barely hinders performance is ideal. The antivirus software adds a OneClick Optimizer on its Total Security subscription plan to boost performance on your devices.<br><br>Bitdefender also throws in a bundle of extra noteworthy features you would otherwise need to get separately, including a password manager and VPN. However, its VPN service is limited to 200MB, which is fine for browsing the web and looking through email, but anything else will quickly eat through the data limit. It also has a limitless VPN Premium service, but its $29.99/£29.99 first-year subscription costs as much as antivirus plans, making it a pricey venture. Plus, not all devices get the plentiful features Bitdefender offers for Windows, such as the macOS option not offering a password manager.<br><br>Still, at just $29.99/£24.99 a year for up to three devices, Bitdefender is a brilliant choice for keeping all your devices malware-free.<br> </p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:622px;"><p class="vanilla-image-block" style="padding-top:56.27%;"><img id="Fv27jnwkdH6e3RH9w3fWRF" name="Norton 360 (2).jpg" alt="Norton Antivirus" src="https://cdn.mos.cms.futurecdn.net/Fv27jnwkdH6e3RH9w3fWRF.jpg" mos="" align="middle" fullscreen="1" width="622" height="350" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/Fv27jnwkdH6e3RH9w3fWRF.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Norton)</span></figcaption></figure><div class="buying-guide-block"><h3 id="2-norton-360"><span class="title__text">2. Norton 360 </span></h3><div class="_hawk subtitle"><p>The best antivirus app for the money</p></div><p class="specs__container"></p><div class="hawk-wrapper"></div><div class="icon icon-plus_circle _hawk">Reliable malware protection </div><div class="icon icon-plus_circle _hawk">Plentiful security features </div><div class="icon icon-plus_circle _hawk">Unlimited VPN </div><div class="icon icon-plus_circle _hawk">Reasonable price for standard </div><div class="icon icon-minus_circle _hawk">Cloud backup only available on Windows</div></div><p>Norton is a household name in the antivirus industry, and for good reason. Not only does it offer one of the best anti-malware protection services around, but it does it all without impacting your device’s performance and even boasts a brilliant array of added security features at lower prices than its competition.<br><br>At just $25.99/£19.99, Norton 360 includes an unlimited, no-log VPN service users can turn on freely, meaning their identity is safe no matter where they go online. Plus, it comes with real-time threat detection, password manager, smart firewall for PC and Mac, SafeCam for PCs, and a 100% virus protection promise with 24/7 customer support. This is only for one device, however, but you’ll find its Deluxe and Advanced plans can add up to five or ten devices, respectively.<br><br>On the higher-priced plans, users will also get dark web and social media monitoring, parental control features, and even device optimizers to help gamers stay safe without impacting gaming performance. One of its more notable features is that users can back up their data safely with up to 50GB of online storage.<br><br>Unfortunately, this is only for Windows devices, meaning those mainly using macOS, Android, and iOS can’t access this, which is disappointing. That said, anyone opting for an antivirus app mostly wants to stay protected online, and Norton 360 (at any price plan) will get the job done. </p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:556px;"><p class="vanilla-image-block" style="padding-top:56.29%;"><img id="JERtxKrGzCWTirw6CDFz8o" name="Trend Micro.jpg" alt="Trend Micro" src="https://cdn.mos.cms.futurecdn.net/JERtxKrGzCWTirw6CDFz8o.jpg" mos="" align="middle" fullscreen="1" width="556" height="313" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/JERtxKrGzCWTirw6CDFz8o.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Trend Micro)</span></figcaption></figure><div class="buying-guide-block"><h3 id="3-trend-micro"><span class="title__text">3. Trend Micro </span></h3><div class="_hawk subtitle"><p>The best antivirus app for standard protection</p></div><p class="specs__container"></p><div class="hawk-wrapper"></div><div class="icon icon-plus_circle _hawk">Good malware protection </div><div class="icon icon-plus_circle _hawk">Dark Web monitoring </div><div class="icon icon-plus_circle _hawk">Safety features for kids </div><div class="icon icon-plus_circle _hawk">Chromebook support </div><div class="icon icon-minus_circle _hawk">Limited to Windows or Mac on certain plans </div><div class="icon icon-minus_circle _hawk">Performance suffers </div></div><p>Trend Micro is a solid choice if you’re a single user looking for a standard antivirus protection service, especially if you’re not looking for all the bells and whistles found on other antivirus apps and are looking to keep the price down to just under £10 (only under $40 for three devices for U.S. pricing).<br><br>Although the service lacks cloud storage in its subscription plans (along with webcam protection), it still offers a limitless VPN, One Proxy Pro, password manager, and 24/7 support. While Trend Micro’s site claims that it protects explicitly against ransomware, this also expands to other types of malware. Plus, its “Advance AI Learning” will keep all your devices, including Windows, macOS, iOS, Android, and even Chrome OS for Chromebooks, squeaky clean.<br><br>Unfortunately, Trend Micro’s basic plan is only for Windows or Mac; users must pay around $60/£30 to get protection for mobile devices and <a href="https://www.laptopmag.com/reviews/best-chromebooks-5"><u>Chromebooks</u></a>. This is more for families with multiple devices, including parental control features to keep the little ones safe online.<br><br>While it offers flawless antivirus protection, devices can suffer performance issues during full scans. This isn’t a deal breaker, but compared to other antivirus apps that work fine alongside other system functions, it can be annoying. If you are just looking for simple but strong malware protection, Trend Micro aims and delivers. </p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:800px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="vGtfJw99i9ma5staKXBcXe" name="McAfee.jpg" alt="McAfee" src="https://cdn.mos.cms.futurecdn.net/vGtfJw99i9ma5staKXBcXe.jpg" mos="" align="middle" fullscreen="1" width="800" height="450" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/vGtfJw99i9ma5staKXBcXe.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: McAfee)</span></figcaption></figure><div class="buying-guide-block"><h3 id="4-mcafee"><span class="title__text">4. McAfee</span></h3><div class="_hawk subtitle"><p>The best antivirus app for Windows </p></div><p class="specs__container"></p><div class="hawk-wrapper"></div><div class="icon icon-plus_circle _hawk">Strong malware protection </div><div class="icon icon-plus_circle _hawk">Brilliant security features </div><div class="icon icon-plus_circle _hawk">Virus protection pledge </div><div class="icon icon-plus_circle _hawk">Great price (two years) </div><div class="icon icon-minus_circle _hawk">Mainly for Windows users </div><div class="icon icon-minus_circle _hawk">Known malware detection hiccups </div><div class="icon icon-minus_circle _hawk">Auto-renew is a nuisance </div></div><p>If you haven’t encountered pre-installed McAfee antivirus software on your laptop before ... it’s only a matter of time. </p><p>McAfee is a widely known antivirus app that’s easy to use and usually the go-to for protecting your device. However, it isn’t the most robust anti-malware protection service.</p><p>With McAfee, you can expect speedy checkups, a firewall, web protection, and a protection score rating. You’ll also get a password manager, a file shredder, and multi-platform compatibility for five or ten devices for $34.99/£34.99 and $39.99/£39.99 per year (on a two-year subscription plan).</p><p>The McAfee app makes things simple with one-click fixes on its UI. The Windows version is always up to date, but the macOS or iOS versions are a bit dated. McAfee will be updating these soon. While McAfee offers brilliant security, it sometimes scores under what its rivals offer.</p><p>It also offers a VPN service limited to 500MB per month unless you enroll in its auto-renewal payment method. Plus, you’ll lose the identity theft protection feature if auto-renew isn’t switched on. McAfee makes a 100% guaranteed virus protection pledge, or you get your money back, which is always a good sign.</p><h2 class="article-body__section" id="section-faqs"><span>FAQs</span></h2><p><strong>Q: What's the best mobile antivirus app?</strong></p><p>Based on our testing, some of the best mobile antivirus apps include Norton, McAfee, Certo, Avira, Trend Micro, and Bitdefender. Some of these are available for free, and all of them will protect you from a wide range of threats, from malware to dangerous websites and nuisance adverts.</p><p><strong>Q: What's the best free antivirus?</strong></p><p>Most antivirus apps come with free tiers or trials. One of our favorites is Bitdefender, which has a free tier that covers most users' needs.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Ad company spurs paranoia that 'your devices are listening to you' — here's how to check ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/ad-company-spurs-paranoia-that-your-devices-are-listening-to-you-heres-how-to-check</link>
                                                                            <description>
                            <![CDATA[ A marketing company claims, "It's true. Your devices are listening to you." With Android and iOS built-in protections, this simply isn't likely. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">XUHrFesMHkE465P2jqzYbD</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/weRzcCTjVgNxjT3pZVUtdm-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Sat, 16 Dec 2023 05:00:39 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Sarah Chaney ]]></dc:creator>                                                                                                        <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/weRzcCTjVgNxjT3pZVUtdm-1280-80.jpg">
                                                            <media:credit><![CDATA[@mr_fresh on Unsplash]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[woman using phone]]></media:description>                                                            <media:text><![CDATA[woman using phone]]></media:text>
                                <media:title type="plain"><![CDATA[woman using phone]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/weRzcCTjVgNxjT3pZVUtdm-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>According to <a href="https://www.404media.co/cmg-cox-media-actually-listening-to-phones-smartspeakers-for-ads-marketing/">404 Media</a> (via <a href="https://gizmodo.com/cmg-local-solutions-ads-listening-on-devices-1851102426">Gizmodo</a>) marketing team under Cox Media Group (CMG) is claiming that "your devices are listening to you" and collecting relevant data to sell to advertisers. While this sounds like a terrifying invasion of privacy, you can rest easy knowing that it&apos;s not true.</p><p>CMG makes this "Active Listening" feature sound glamorous to potential clients, asserting that they can collect voice data clips like "The car lease ends in a month- we need a plan" or "Do I see mold on the ceiling?" In reality, CMG&apos;s claims that your devices are recording voice data are baseless, and the company has since redirected the website page containing these dubious claims.</p><p>Gizmodo points out that past research shows "very little evidence that your phone&apos;s microphone is listening to you." It&apos;s much easier and more cost-effective for advertisers to collect your web data—like your search queries, browser cookies, and social media posts—rather than use AI to comb through hours of audio files to find helpful content to sell to businesses.</p><p>Plus, with modern security protections built into Android phones and iPhones, you&apos;d know if your device was listening to you. Here&apos;s how to check your phone&apos;s permissions to make sure no unwanted apps have microphone permissions.</p><h2 id="is-your-device-listening-to-you-here-apos-s-how-to-check">Is your device listening to you? Here&apos;s how to check</h2><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:645px;"><p class="vanilla-image-block" style="padding-top:53.95%;"><img id="CYPpNqVAmwUQPhpVLpY8VP" name="ca5d9c684a6698f3a797323168aabb97.jpg" alt="false claim that your device is listening to you" src="https://cdn.mos.cms.futurecdn.net/CYPpNqVAmwUQPhpVLpY8VP.jpg" mos="" align="middle" fullscreen="" width="645" height="348" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: CMG Local Solutions)</span></figcaption></figure><p>With modern versions of Android OS and iOS, your smartphone has an indicator that shows when your microphone is in use. When an app is using your microphone, iOS users will see an orange dot in the status bar, and Android users will see a green dot in the top right corner.</p><p>If this isn&apos;t enough assurance for you that your phone isn&apos;t currently listening to you, you can dive into your phone&apos;s Permission settings to double check which apps have access to your microphone.</p><p>To check permissions by type on Android, head to your <strong>Settings</strong> app and select <strong>Security & Privacy > Privacy > Permission manager</strong> in order. From this screen, you can select <strong>Microphone</strong> to see which apps are allowed to use your microphone. For most people, any apps with permission to use your microphone will show up under the heading <strong>Allowed only while in use</strong>, and not <strong>Allowed all the time</strong>. </p><p>It&apos;s just as easy to check permissions by type on an iPhone. Similarly, you&apos;ll head to your <strong>Settings</strong> app and select <strong>Privacy & Security</strong> from the menu. From here, select the <strong>Microphone</strong> category to see which apps are currently allowed to use your microphone, and under what conditions.</p><p>If you want to further protect your phone, check out these <a href="https://www.laptopmag.com/news/ios-17-3-game-changing-security-features-coming-to-iphone">game-changing security features in iOS 17</a> and Google&apos;s <a href="https://www.laptopmag.com/software/antivirus-cyber-security/google-play-protects-new-real-time-scans-make-android-phones-safer-than-ever-make-sure-its-turned-on">new real-time malware scan feature for Androids</a>.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Update now! Google Chrome flaw could leave you vulnerable to remote hackers ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/update-now-google-chrome-flaw-could-leave-you-vulnerable-to-remote-hackers</link>
                                                                            <description>
                            <![CDATA[ Your Chrome browser may have updated already, but you'll want to make sure as soon as possible. Otherwise, you could be vulnerable to remote hackers. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">R8mDMyyVEbGhRGSuZeZz9H</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/NRnhaRiE5cX63X8jKAeMt4-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 01 Dec 2023 05:00:54 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Sarah Chaney ]]></dc:creator>                                                                                                        <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/NRnhaRiE5cX63X8jKAeMt4-1280-80.jpg">
                                                            <media:credit><![CDATA[ Nathana Rebouças on Unsplash]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[google chrome on laptop]]></media:description>                                                            <media:text><![CDATA[google chrome on laptop]]></media:text>
                                <media:title type="plain"><![CDATA[google chrome on laptop]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/NRnhaRiE5cX63X8jKAeMt4-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Make sure your Google Chrome browser is updated as soon as possible to avoid potential malicious attacks by remote hackers. On November 24, Benoît Sevens and Clément Lecigne of Google&apos;s Threat Analysis Group discovered an integer overflow bug (called CVE-2023-6345) in Skia, the graphics engine for Google Chrome and ChromeOS (via <a href="https://www.androidcentral.com/apps-software/google-updates-chrome-browser-sixth-zero-day-vulnerability-of-2023">Android Central</a>). </p><p>According to the <a href="https://nvd.nist.gov/vuln/detail/CVE-2023-6345">National Vulnerability Database</a>, this integer overflow bug "allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file." In simple terms, this bug could allow hackers to execute a virus on your laptop via Chrome or access your sensitive in-browser data. </p><p>The bug has a Chromium security severity of high, and in <a href="https://chromereleases.googleblog.com/2023/11/stable-channel-update-for-desktop_28.html">Google&apos;s recent release notes</a>, the company notes that it&apos;s "aware that an exploit of CVE-2023-6345 exists in the wild." Automatic updates will roll out to Mac, Linux, and Windows users "over the coming days/weeks," but many people are able to update to the new browser version now.</p><p>Here&apos;s how to check your Chrome browser&apos;s version number, as well as how to manually check for updates if you don&apos;t have the most recent update yet.</p><h2 id="how-to-update-your-google-chrome-browser">How to update your Google Chrome Browser</h2><p>If you don&apos;t have Google Chrome set to automatically update, you&apos;ll need to manually check for updates to get the patch for this integer overflow bug. For Mac and Linux users, the stable channel will be updated to 119.0.6045.199, and for Windows users, it&apos;ll be updated to 119.0.6045.199/.200. </p><p>To see your Chrome browser&apos;s current version number, click on the three vertical dots in the top right corner of your open browser window. Select <strong>Settings</strong> from the dropdown menu, and then scroll all the way down to find <strong>About Chrome</strong> in the left-side menu.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1920px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="q5dwLBsARhAifiPRUe6kZC" name="about chrome setting.jpg" alt="about chrome setting" src="https://cdn.mos.cms.futurecdn.net/q5dwLBsARhAifiPRUe6kZC.jpg" mos="" align="middle" fullscreen="" width="1920" height="1080" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Future)</span></figcaption></figure><p>Underneath the Google Chrome header, you&apos;ll see <strong>Version</strong> followed by a string of numbers. Compare the numbers you see to the ones above specific to your computer&apos;s operating system. </p><p>Above my current version number, there&apos;s a message that reads "Nearly up to date! Relaunch Chrome to finish updating." If you see this message, it means your browser has automatically been updated with the most recent patch, and you just need to restart the browser to complete the process. Any tabs you currently have open will reopen once your browser restarts.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1920px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="MK83MopkzzSnPDgivnBeoV" name="current version number chrome.jpg" alt="current version number chrome" src="https://cdn.mos.cms.futurecdn.net/MK83MopkzzSnPDgivnBeoV.jpg" mos="" align="middle" fullscreen="" width="1920" height="1080" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Future)</span></figcaption></figure><p>If your version number isn&apos;t up to date, it&apos;s possible the patch might not have reached you yet. Once there&apos;s an update to install, it&apos;ll either be automatically installed if you have auto-updates enabled, or you&apos;ll see a button that reads <strong>Update Google Chrome</strong>.</p><p>This is Chrome&apos;s sixth zero-day vulnerability this year, but it looks like Google is acting quickly and rolling out a patch before any major harm can be done. Plus, a month ago, <a href="https://www.laptopmag.com/software/browsers-search-engines/google-chrome-may-get-a-massive-privacy-boost-heres-whats-new">Google boosted its privacy game</a> with a tool that can hide your IP address. It might not be as privacy-focused as <a href="https://www.laptopmag.com/software/browsers-search-engines/i-quit-google-chrome-after-15-years-heres-where-i-ended-up-and-why">FireFox</a> or <a href="https://www.laptopmag.com/features/can-duckduckgos-privacy-first-browser-take-on-google-chrome">DuckDuckGo</a> yet, but it&apos;s a step in the right direction.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Google Play Protect's new real-time Malware scans make Android phones safer than ever ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/google-play-protects-new-real-time-scans-make-android-phones-safer-than-ever-make-sure-its-turned-on</link>
                                                                            <description>
                            <![CDATA[ Google now offers Android phones real-time, code-level scanning of unknown apps through Play Protect, so let's make sure it's enabled! ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">dPquyrFgE25cQTYwPRptbY</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/3R3mQhgrJGtyTBwcrN8mqG-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 19 Oct 2023 12:30:00 +0000</pubDate>                                                                                                                                <updated>Fri, 20 Oct 2023 08:38:27 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                <author><![CDATA[ rael.hornby@futurenet.com (Rael Hornby) ]]></author>                    <dc:creator><![CDATA[ Rael Hornby ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/mHBEvtDnBfXRumgmoVGtvf.jpeg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Rael Hornby, potentially influenced by far too many LucasArts titles at an early age, once thought he’d grow up to be a mighty pirate. However, after several interventions with close friends and family members, you’re now much more likely to see his name attached to the bylines of tech articles. While not maintaining a double life as an aspiring writer by day and indie game dev by night, you’ll find him sat in a corner somewhere muttering to himself about microtransactions or hunting down promising indie games on Twitter.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/3R3mQhgrJGtyTBwcrN8mqG-1280-80.jpg">
                                                            <media:credit><![CDATA[Google]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Google Play Protect]]></media:description>                                                            <media:text><![CDATA[Google Play Protect]]></media:text>
                                <media:title type="plain"><![CDATA[Google Play Protect]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/3R3mQhgrJGtyTBwcrN8mqG-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>While small in numbers, the Google Play Store has been subjected to a wave of Versioned-in malware attacks of late — and infections stemming from third-party Android Packages (APKs) is an ever-present threat for Android users.</p><p>While Google are hard at work playing whack-a-mole with the former, the company&apos;s ability to protect users from third-party apps installed beyond the Google Play Store has just been given a notable boost thanks to a recent Google Play Protect update.</p><h2 id="google-play-protect-what-is-it">Google Play Protect: What is it?</h2><p>Google Play Protect is the Android app store&apos;s bulwark when it comes to safeguarding against spyware and malware intrusions. It&apos;s built-in to Google Play services already, and has been protecting millions of users from bad-faith apps for years.</p><p>Play Protect scans ~125 billion Play Store apps daily on the Google backend to ensure its databases are always up to date. An essential task given the latest <a href="https://www.laptopmag.com/news/heres-why-the-google-play-store-is-a-malware-infected-hellscape">Versioning tactic used by malicious developers</a> to sneak apps past Google&apos;s malicious code detection systems.</p><p>Should Play Protect find a malicious app, it can then take actions, either by warning users, preventing the app from installing, or disabling apps automatically.</p><h2 id="google-play-protect-real-time-scanning-keeps-android-users-safer">Google Play Protect: real-time scanning keeps Android users safer</h2><p>Play Protect historically keeps install numbers of malicious apps through the Play Store down to a fraction of a percent. However, this has led to a rise in harmful apps being pushed onto Android users outside of the Play Store through direct downloads of APKs by using links in SMS messages, websites, and messaging apps.</p><p>While Play Protect can still warn users if the malicious app is already known to Google, these apps exist "off the grid" to the Play Store, and typically never pass through Google&apos;s rigorous checks — leaving users exposed to potentially harmful attacks.</p><p>In response, <a href="https://security.googleblog.com/2023/10/enhanced-google-play-protect-real-time.html" target="_blank">Google have enhanced Play Protect</a> to keep users installing apps inside and outside of the Google Play Store safer than ever. The update, which began rolling out to users yesterday, sees Play Protect now offer real-time, code-level scanning of unknown apps in order to detect malicious intent or variations of harmful code.</p><p>This real-time analysis will then be able to inform users if a third-party APK is safe to install and pass this information back to Google&apos;s servers to keep others safe in future.</p><h2 id="google-play-protect-how-to-enable-google-play-protect">Google Play Protect: How to enable Google Play Protect</h2><p>Google Play Protect is enabled by default on Android Phones making use of Google Play Services. However, if you want to make sure you&apos;re protected let&apos;s go through the steps of making sure this feature is currently active.</p><p><strong>Step 1:</strong> Open the <strong>Google Play Store</strong>.</p><p><strong>Step 2:</strong> At the top right, tap on your profile icon.</p><p><strong>Step 3:</strong> Tap <strong>Play Protect</strong>, and then <strong>Settings</strong>.</p><p><strong>Step 4:</strong> Make sure <strong>"Scan Apps with Play Protect"</strong> is set to <strong>On</strong>. </p><h2 id="outlook-2">Outlook</h2><p>While this seems like a minor update on the surface, the enhancement to Google Play Protect is a notable leap in security for Android phones. Not only will more Google Play Store users be safer from unknown threats, but so too will those making use of unregistered APKs.</p><p>Each app scanned by Play Protect aids in training Google&apos;s machine learning algorithms, helping it recognize threats easier. This includes advanced threats such as polymorphic and AI incursions that prove both difficult to detect and even more difficult to remove from a user&apos;s device.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Untold number of Android users duped by dangerous SpyNote trojan ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/dont-trust-that-update-untold-number-of-android-users-duped-by-dangerous-spynote-trojan</link>
                                                                            <description>
                            <![CDATA[ An untold number of users may have fallen victim to this keylogging, call recording, and screen capturing trojan. Here's what it does and how experts suggest you remove it. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">kzNZqrAK5yfaGsJA6wcs3R</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/AYEtog8rhbU9mjqhs4Ftk9-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 18 Oct 2023 14:32:05 +0000</pubDate>                                                                                                                                <updated>Tue, 24 Oct 2023 09:12:29 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                <author><![CDATA[ rael.hornby@futurenet.com (Rael Hornby) ]]></author>                    <dc:creator><![CDATA[ Rael Hornby ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/mHBEvtDnBfXRumgmoVGtvf.jpeg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Rael Hornby, potentially influenced by far too many LucasArts titles at an early age, once thought he’d grow up to be a mighty pirate. However, after several interventions with close friends and family members, you’re now much more likely to see his name attached to the bylines of tech articles. While not maintaining a double life as an aspiring writer by day and indie game dev by night, you’ll find him sat in a corner somewhere muttering to himself about microtransactions or hunting down promising indie games on Twitter.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/AYEtog8rhbU9mjqhs4Ftk9-1280-80.jpg">
                                                            <media:credit><![CDATA[N/A]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Image by Bing Image Generator (Powered by Dall.E 3), Prompt: A smartphone being held by somebody and there is a dangerous notification on the screen, in a flat style, infographic-like, on a white background]]></media:description>                                                            <media:text><![CDATA[Image by Bing Image Generator (Powered by Dall.E 3), Prompt: A smartphone being held by somebody and there is a dangerous notification on the screen, in a flat style, infographic-like, on a white background]]></media:text>
                                <media:title type="plain"><![CDATA[Image by Bing Image Generator (Powered by Dall.E 3), Prompt: A smartphone being held by somebody and there is a dangerous notification on the screen, in a flat style, infographic-like, on a white background]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/AYEtog8rhbU9mjqhs4Ftk9-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>As an update to this piece, a Google representative has informed us that Google Play Protect is aware of the core SpyNote threat and users are protected against its installation. "<em>Google implemented user protections for this spyware ahead of this report&apos;s publication. Users are protected by </em><a href="https://support.google.com/googleplay/answer/2812853?hl=en" target="_blank"><em>Google Play Protect</em></a><em>, which can warn users or block apps known to exhibit malicious behavior on Android devices with Google Play Services."</em>You can read more about Google Play Protect&apos;s new real-time scanning feature for unknown applications <a href="https://www.laptopmag.com/software/antivirus-cyber-security/google-play-protects-new-real-time-scans-make-android-phones-safer-than-ever-make-sure-its-turned-on">here</a>.</p><p>Android users have been put on spyware high-alert as a banking trojan by the name of <strong>SpyNote</strong> has recently returned to the limelight.</p><p>The <strong>Android-based malware</strong> has been a background security threat for users since 2022. However, now in its third revision and with source code of of one of its variants (known as &apos;CypherRat&apos;) having leaked online in January of 2023, detections of this spyware have spiked throughout the year.</p><p>SpyNote isn&apos;t like many of the threats Android users face. You won&apos;t find it tucked away inside of an innocuous app on the <a href="https://www.laptopmag.com/news/heres-why-the-google-play-store-is-a-malware-infected-hellscape">malware infected hellscape that is Google Play</a> — at least not for now.</p><p>Instead, its primary method of spreading is through &apos;Smishing&apos; or SMS phishing. These SMS messages can range from government updates to social media alerts with links to malicious apps. Here users will be misled into downloading an Android Package file (.APK), that works outside of the Google Play Store to infect a device and begin it&apos;s nefarious deeds.</p><h2 id="spynote-what-does-it-do">SpyNote: What does it do?</h2><p>As stated, SpyNote&apos;s primary method of infection is through SMS phishing attacks. However, variants of the spyware do exist and its methods of infection may evolve over time.</p><p>If you&apos;re unlucky enough to fall foul of these attempts, the third-party app (while posing as an official update or legitimate service) tricks the user into accepting various permissions — after which, it will hide itself from view and begin to work behind the scenes at collecting user data in the following ways.</p><ul><li><strong>Audio recording:</strong> Including microphone access and phone calls.</li><li><strong>Camera recording:</strong> Being able to access a victims camera for pictures or video.</li><li><strong>Keylogging:</strong> Recording every input and tap you make on your device.</li><li><strong>Credential theft:</strong> Stealing user logins (usernames, passwords, passkeys, and more) by intercepting banking, crypto wallets, and social media apps.</li><li><strong>Screen recording:</strong> Through screenshot captures and device streaming.</li><li><strong>GPS tracking:</strong> Accessing location services to track a victims location.</li></ul><h2 id="spynote-do-i-have-it-and-how-do-i-remove-it">SpyNote: Do I have it, and how do I remove it?</h2><p>SpyNote&apos;s presence is hard to detect, and even harder to remove. If you&apos;ve accessed a link to an app through SMS at any point, one of the ways you can tell if SpyNote is present on your device is by seeing if it reacts to you opening your device&apos;s Settings menu.</p><p>The purpose of any piece of spyware is to collect as much information as possible, as such it needs to stay on the device for as long as possible. One of SpyNote&apos;s methods of ensuring this is to repeatedly close the settings menu whenever it is opened — preventing users from uninstalling the third-party app through the usual menus.</p><p>Amit Tembe, <a href="https://blog.f-secure.com/take-a-note-of-spynote/" target="_blank">a researcher at security firm F-Secure</a>, SpyNote is a particularly difficult piece of software to remove from your device "<strong>often necessitating a factory reset</strong>, resulting in data loss."</p><p>Sadly, this seems like it&apos;s often the best way of removing the troublesome spyware from your system, before changing any and all logins you may use afterwards to prevent the spread, sale, and use of your credentials without permission.</p><h2 id="outlook-3">Outlook</h2><p>SpyNote&apos;s pervasive pilfering of your information runs incredibly deep. Meaning removing it from your phone will be only half the journey when it comes to recovering from its effects.</p><p>As always, to avoid instances like this, Laptop Mag recommend only downloading apps through verified channels such as the Google Play Store. While it might not be perfect and security vulnerabilities will happen from time to time. It&apos;s the much safer alternative to downloading third-party Android Packages (.APKs) that bypass Google&apos;s security steps altogether.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Google wants you to ditch your password — passkeys are the new default ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/google-wants-you-to-ditch-your-password-passkeys-are-the-new-default</link>
                                                                            <description>
                            <![CDATA[ Google account users will now be prompted to create a passkey by default for their account, using a fingerprint, PIN, or face scan to sign in rather than a password. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">EwCrgqDxq5BvafmgEha7QP</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/4yCNWWY5LV6Ka4iDTquzDJ-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 11 Oct 2023 11:00:41 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Sarah Chaney ]]></dc:creator>                                                                                                        <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/4yCNWWY5LV6Ka4iDTquzDJ-1280-80.jpg">
                                                            <media:credit><![CDATA[Unsplash / Brett Jordan ]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Google app]]></media:description>                                                            <media:text><![CDATA[Google app]]></media:text>
                                <media:title type="plain"><![CDATA[Google app]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/4yCNWWY5LV6Ka4iDTquzDJ-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Earlier this year, Google made a huge step towards a "passwordless future" and introduced passkeys, which are more secure, faster to use, and easier to remember than traditional passwords. A passkey could be your PIN, face, or fingerprint used to unlock your device.</p><p>Starting today, <a href="https://blog.google/technology/safety-security/passkeys-default-google-accounts/">passkeys will be the new default</a> (via <a href="https://www.theverge.com/2023/10/10/23910966/google-account-passkey-setup-prompt-default-passwordless-security">The Verge</a>). Google users will be prompted to create a passkey for their account if they haven&apos;t already, making it easier to switch from password to passkey.</p><p>If you&apos;re not ready to make the change, don&apos;t worry. Although it&apos;s an industry-wide goal for passkeys to eventually phase out traditional passwords, Google says that "new technologies take time to catch on — so passwords may be around for a little while." You can opt out of creating a passkey, and stick with your trusty password for now. </p><h2 id="what-makes-passkeys-more-secure">What makes passkeys more secure?</h2><p>Alongside Apple and Microsoft, Google announced last year that it would support a new sign-in standard that was created by the Fast IDentity Online (FIDO) Alliance to embark on a journey towards a password-free future. <a href="https://blog.google/inside-google/googlers/ask-a-techspert/how-passkeys-work/">Google says</a> "this joint effort to create a safer alternative to passwords is rooted in passkeys." </p><p>Put simply, "a passkey is a FIDO credential stored on your computer" that you use to unlock your online accounts. Because a passkey requires proof that you are who you say you are, it&apos;s much safer than a traditional password. </p><p>Traditional passwords typically contain pet names, important dates, family member names, or favorite books, sports teams, or movies—this is all information that can easily be guessed for malicious reasons or forgotten by the user over time. </p><p>To combat the vulnerability of traditional passwords, we&apos;ve seen fixes like multi-factor authentication or authenticator apps. Google thinks passkeys will replace traditional passwords and all the extra security measures placed on top.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1000px;"><p class="vanilla-image-block" style="padding-top:200.00%;"><img id="8HxXyEJ4YrQyUXufByzdui" name="PasskeysUITemplate-1.width-1000.jpg" alt="prompted to switch to passkey" src="https://cdn.mos.cms.futurecdn.net/8HxXyEJ4YrQyUXufByzdui.jpg" mos="" align="middle" fullscreen="" width="1000" height="2000" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Google)</span></figcaption></figure><p>You can have more than one passkey on multiple devices, and you don&apos;t have to worry about someone else gaining access to everything that requires a passkey on your device if you lose it because your passkeys are only useful to you. Google says passkeys "authenticate that you are in posession of your device, and that you are the one accessing your account."</p><p>Passkeys are phishing-resistant and 40% faster to use than traditional passwords. Plus, you&apos;ll never have to remember which numbers or special characters you added to your password to make it different from your previous password.</p><p>If you haven’t been prompted yet to switch from your old password to a new passkey, check out our guide on <a href="https://www.laptopmag.com/how-to/how-to-use-passkeys-to-sign-into-your-google-account"><u>how to use passkeys to sign into your Google account</u></a> to manually make the switch. </p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Watch out! This password-stealing malware is posing as a popular password manager ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/watch-out-for-this-password-stealing-malware-its-posing-as-a-popular-password-manager</link>
                                                                            <description>
                            <![CDATA[ This newest malware threat is targeting Windows users specifically, posing as the popular password manager, Bitwarden, to do so. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">g2RyM9K4nuhUcPDcbrsMRo</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/wjbNmaBrrJLcXvbrfkhcjd-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 29 Sep 2023 04:00:51 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Sarah Chaney ]]></dc:creator>                                                                                                        <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/wjbNmaBrrJLcXvbrfkhcjd-1280-80.jpg">
                                                            <media:credit><![CDATA[piranka/Getty Images]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[A physical lock resting on a laptop keyboard]]></media:description>                                                            <media:text><![CDATA[A physical lock resting on a laptop keyboard]]></media:text>
                                <media:title type="plain"><![CDATA[A physical lock resting on a laptop keyboard]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/wjbNmaBrrJLcXvbrfkhcjd-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>If you&apos;ve recently downloaded Bitwarden as your go-to password manager, you might want to double check that it&apos;s not masquerading as password-stealing malware. <a href="https://www.proofpoint.com/us/blog/threat-insight/zenrat-malware-brings-more-chaos-calm">Proofpoint researchers identified</a> a new malware they&apos;re calling ZenRAT that&apos;s prompting unsuspecting users to download fake installation packages of Bitwarden. </p><p>This malware seems to only be affecting Windows users, while users on other platforms are only sent to a benign webpage. Proofpoint was tipped off to this malicious software by Jérôme Segura at Malwarebytes, but it&apos;s unclear at the moment how people are stumbling across the malware in the first place.</p><h2 id="how-to-avoid-this-password-stealing-malware">How to avoid this password-stealing malware</h2><p>If you&apos;re not using Windows, you&apos;re safe from this malware attack. Anyone using a different OS who clicks on the fake Bitwarden site is sent to a webpage containing a cloned article from opensource.com, but there&apos;s no malware in sight.</p><p>For Windows users, clicking on the fake Bitwarden site opens up a page that looks almost identical to the real Bitwarden site. If you look at the address bar, however, you&apos;d see that the site address reads bitwariden[.]com rather than the real bitwarden.com. </p><p>On this fake Bitwarden site, clicking the Download button or the Desktop installer for Windows Download button would send a request to crazygameis[.]com to grab the malicious Bitwarden installation package. Proofpoint notes that crazygameis[.]com no longer appears to be hosting the malware, and the names and versions of the malware have changed a few times over the past few months.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:816px;"><p class="vanilla-image-block" style="padding-top:29.17%;"><img id="toCBmUBW4VwrYXAJBbJyg7" name="Picture3_22.jpg" alt="bitwarden spoof password malware" src="https://cdn.mos.cms.futurecdn.net/toCBmUBW4VwrYXAJBbJyg7.jpg" mos="" align="middle" fullscreen="" width="816" height="238" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Proofpoint)</span></figcaption></figure><p>Only Windows users can access this fake Bitwarden site, but links for Linux and macOS downloads are still clickable. If someone clicks on a non-Windows download link, they&apos;re redirected to the actual Bitwarden site.</p><p>When Proofpoint looked at the installer details for the malware package, they found the installer posing as Speccy, a software used to gather system specifications, and claiming to be signed by Tim Kosse, known for developing the Filezilla FTP/SFTP software. </p><p>According to Proofpoint, "The installer file copies itself to C:\Users\[username]\Appdata\Local\Temp, and creates a hidden file, named .cmd in the same directory that launches a self-deletion loop for both itself, and the installer file." This self-deletion loop means that the file will automatically remove both it and the installer as soon as it finishes running.</p><p>It looks like ZenRAT is collecting host data once it&apos;s installed, including your computer&apos;s CPU Name, GPU Name, OS Version, installed RAM, IP address and gateway, installed antivirus programs, and installed applications. </p><p>Right now, Proofpoint doesn&apos;t have any leads on how traffic is being directed to the fake Bitwarden site in the first place. Historically, fake software installers catch victims through SEO Poisoning, adware bundles, or email phishing. </p><p>SEO Poisoining, or phishing through fake sites and ads in search engine results, seems to be growing in popularity, so be extra careful to read the site&apos;s address before clicking on it, downloading anything, or inputting personal information. For extra security in the future, be sure to check out these <a href="https://www.laptopmag.com/how-to/5-windows-security-settings-you-should-change-now-to-protect-your-laptop">Windows security settings you should change</a>. </p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Hackers may have breached 'all Sony systems' — here's what we know ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/software/antivirus-cyber-security/hackers-may-have-breached-all-sony-systems-heres-what-we-know</link>
                                                                            <description>
                            <![CDATA[ A new ransomware group has allegedly hacked all Sony systems and plans to sell the stolen data to third parties since Sony didn’t want to pay. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">ci422tRzBgUB9DD7vQyQJE</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/Zqq5v3xWDH3tg4Y8MYhQ6e-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 26 Sep 2023 04:30:12 +0000</pubDate>                                                                                                                                <updated>Mon, 16 Oct 2023 12:55:37 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Sarah Chaney ]]></dc:creator>                                                                                                        <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/Zqq5v3xWDH3tg4Y8MYhQ6e-1280-80.jpg">
                                                            <media:credit><![CDATA[Sony]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[sony building at night]]></media:description>                                                            <media:text><![CDATA[sony building at night]]></media:text>
                                <media:title type="plain"><![CDATA[sony building at night]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/Zqq5v3xWDH3tg4Y8MYhQ6e-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>A ransomware newcomer is advertising its recent hack of all Sony systems. Reported by <a href="https://www.cybersecurityconnect.com.au/commercial/9600-ransomed-vc-group-claims-hack-on-all-of-sony-systems"><u>Cyber Security Connect</u></a>, this ransomware group “has racked up an impressive amount of victims” despite starting operations as Ransomed.vc only a month ago. </p><p>If the ransomware group’s claims are to be believed, Sony is the latest victim. Unlike the 2011 Sony hack that left personal details of 77 million PlayStation Network users exposed, this hack includes all Sony systems, not just the PlayStation sector. Sony hasn’t confirmed yet whether its systems were hacked by Ransomed.vc, but here’s what we know so far.</p><h2 id="the-proof-behind-the-hack-isn-apos-t-substantial">The proof behind the hack isn&apos;t substantial</h2><p>Ransomed.vc is claiming they’ve “successfully compromissed [sic] all of sony systems,” but the proof to back up this claim is lacking. There are screenshots of an internal login screen and an internal PowerPoint presentation with test bench details. Then, there’s a file tree of the stolen data, which includes less than 6,000 files. </p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:828px;"><p class="vanilla-image-block" style="padding-top:48.31%;"><img id="HwFqFvxj7258jcDwnXGLv4" name="sony ransomed.vc hack.jpg" alt="sony ransomed.vc hack" src="https://cdn.mos.cms.futurecdn.net/HwFqFvxj7258jcDwnXGLv4.jpg" mos="" align="middle" fullscreen="" width="828" height="400" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Cyber Security Connect)</span></figcaption></figure><p>Among these files, there are build log files, some HTML files, and various Java resources. For a hack that involves “all of sony systems,” the number of stolen files used as proof is pretty small. After all, Sony is a multinational conglomerate corporation with a ton of divisions, subdivisions, and employees, so the company likely has millions of files—not just 6,000.</p><p>Of course, these 6,000 files used as proof-of-hack information could just be a snippet of what Ranssomed.vc stole, but we won’t know for sure until Sony confirms or denies the attack. In the message attached to the leaked attack, Ransomed.vc adds “We won’t ransom them! We will sell the data. Due to Sony not wanting to pay. DATA IS FOR SALE.”</p><p>According to Cyber Security Connect, Ransomed.vc listed a “post date” of September 28. There’s no price attached to the stolen data, but the ransomware group left its contact details. If the data doesn’t sell before the posted date, the group will likely publish it wholesale rather than wait for an individual buyer.</p><p>It&apos;s worth mentioning again that Sony hasn&apos;t officially confirmed this ransomware attack, but the company has been hacked before. In the meantime, if you&apos;re worried about <a href="https://www.laptopmag.com/features/what-is-ransomware-how-to-avoid">how ransomware works and how it could affect you</a>, check out our helpful guide. </p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Skype messages are being used to give away your location: Here’s how ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/news/skype-messages-are-being-used-to-give-away-your-location-heres-how</link>
                                                                            <description>
                            <![CDATA[ Skype mobile app flaw is revealing user IP addresses and location information. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">DXnqtFoY6Fw7HAhkPTajE8</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/2XKpD2BmB74ZRaKSskvQS4-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 30 Aug 2023 06:00:00 +0000</pubDate>                                                                                                                                <updated>Mon, 16 Oct 2023 11:33:20 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Mark Anthony Ramirez ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/o2ksbBWvEwbexRxf4oXqCc.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/2XKpD2BmB74ZRaKSskvQS4-1280-80.jpg">
                                                            <media:credit><![CDATA[Future]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Skype messages are being used to deliver nasty viruses: Here’s how]]></media:description>                                                            <media:text><![CDATA[Skype messages are being used to deliver nasty viruses: Here’s how]]></media:text>
                                <media:title type="plain"><![CDATA[Skype messages are being used to deliver nasty viruses: Here’s how]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/2XKpD2BmB74ZRaKSskvQS4-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Pause before you open that incoming Skype message on your mobile device. As reported by <a href="https://www.pcworld.com/article/2044341/reading-a-skype-message-could-reveal-your-location-to-hackers.html" target="_blank">PCWorld</a>, a recent flaw in the Skype mobile app reveals your IP address and location to threat agents without your knowledge. Sadly, all you have to do is open the message with a link, and you&apos;re now vulnerable. </p><p>According to the report, the odd thing is that Microsoft knows about this flaw, but is taking a lackadaisical approach to coming up with and releasing a fix. Although the tech giant knows of the spot, it has supposedly decided the flaw doesn&apos;t meet the criterion of a severe security threat or vulnerability. Apparently, giving away your location and IP address isn&apos;t a severe privacy issue for them. </p><h2 id="microsoft-apos-s-flawed-reaction-to-security-threat">Microsoft&apos;s flawed reaction to security threat</h2><p><a href="https://www.404media.co/hackers-find-your-skype-ip-address-microsoft-wont-fix/" target="_blank">According to 404 Media Report</a>, you don&apos;t have to click the link within the message. All you have to do to give away your IP and location is open the message. An independent security researcher named Yossi discovered the flaw and reached out to Microsoft, and in emails, he shared with 404 Media Report, the tech giant stated, "The issue did not require immediate servicing and did not indicate that it plans to fix the security hole."</p><p>Although Microsoft did say it would patch the hole in the future with an upcoming update, no timeline was given. A fear some have is the security flaws&apos; ability to give away a person&apos;s physical location, which is a significant privacy and personal security risk. How Microsoft has deemed this non-concern is very concerning. Using Skype to locate someone you may have issues with to escalate or exacerbate the problems is a huge danger, especially with lax gun laws in the United States of America and the <a href="https://www.gunviolencearchive.org/reports/mass-shooting" target="_blank">daily mass shootings</a>. </p><p>Microsoft&apos;s stance that, "This report does not appear to identify a weakness in a Microsoft product or service that would enable an attacker to compromise the integrity, availability, or confidentiality of a Microsoft offering," is reckless and endangers the wellbeing of anyone using the Skype mobile application. </p><p>Since Microsoft has yet to fix the issue, Skype, which has been losing much ground in recent years, seems to be further burying itself as a communication platform. How does one use Skype knowing that it is unsafe? Since there is no fix, not even using a VPN, which usually hides your location, will not protect you from this massive security flaw. </p><p>The only advice I would suggest is, until Microsoft addresses this issue with an update, don&apos;t use Skype as you could be giving away your location. As developments happen with this story, we will keep you updated. </p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Duolingo: If you've ever used it, hackers may have your data — how to check ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/news/duolingo-if-youve-ever-used-it-hackers-may-have-your-data-how-to-check</link>
                                                                            <description>
                            <![CDATA[ Duolingo is the latest platform to suffer a major data leak; language-learning app allegedly exposed the data of 2.6 million users. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">Mqvr7xex2j34XaCRM5HaN4</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/vncK9aHjpHt6kFU3PXB2Se-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 23 Aug 2023 22:00:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Kimberly Gedeon ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/5dnFvosdQ4xpGod6qS6KZc.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/vncK9aHjpHt6kFU3PXB2Se-1280-80.jpg">
                                                            <media:credit><![CDATA[Getty Images/SOPA Images]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Duolingo]]></media:description>                                                            <media:text><![CDATA[Duolingo]]></media:text>
                                <media:title type="plain"><![CDATA[Duolingo]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/vncK9aHjpHt6kFU3PXB2Se-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Duolingo is in hot water after it&apos;s been revealed that hackers scraped data of 2.6 million users from the language-learning app, according to <a href="https://www.bleepingcomputer.com/news/security/scraped-data-of-26-million-duolingo-users-released-on-hacking-forum/">BleepingComputer</a>. Duolingo confirmed to <a href="https://therecord.media/duolingo-investigating-dark-web-post-offering-data-from-2-6-million-accounts">TheRecord</a> that it&apos;s investigating a post on Breached, a hacking forum, that offered $1,500 in exchange for its customers&apos; details.</p><p>Interestingly, however, a Duolingo spokesperson denies that a data breach or hack occurred. "These records were obtained by data scraping public profile information," a Duolingo spokesperson said.</p><p>However, BleepingComputer isn&apos;t convinced; users&apos; email addresses were exposed in the breach, which are not available to the public.</p><h2 class="article-body__section" id="section-how-it-all-went-down"><span>How it all went down</span></h2><p>In January 2023, a malicious actor was selling scraped data of 2.6 million Duolingo users on a now-defunct version of Breached. As mentioned, the price tag for the exposed information was $1,500.</p><p>According to BleepingComputer, this data includes users&apos; real names, public login, email addresses, and even their language-learning progress. On Monday, <a href="https://twitter.com/vxunderground/status/1693742275145150927">X user VX-Underground</a> spotted that the Duolingo data leak was released on a <em>new </em>version of the Breached forum.</p><div class="see-more see-more--clipped"><blockquote class="twitter-tweet hawk-ignore" data-lang="en"><p lang="en" dir="ltr">A Threat Actor identified a bug in the Duolingo API. Sending a valid email to the API returns generic account information on the user (name, email, languages studied).They used an email list to assemble over 2.6m unique entries.This will be used for doxxing.<a href="https://twitter.com/vxunderground/status/1693742275145150927">August 21, 2023</a></p></blockquote><div class="see-more__filter"></div></div><p>The threat actor claims that he snagged Duolingo users&apos; information by scraping an exposed API. Pundits suspect that the threat actor fed this API email addresses leaked in <em>previous</em> breaches. Next, the API likely confirmed whether the email addresses are connected with an active Duolingo account. Consequently, the threat actor had the opportunity to create a Duolingo customer data collection that features a mélange of both public and non-public information.</p><h2 class="article-body__section" id="section-how-to-check-if-you-ve-been-compromised"><span>How to check if you've been compromised</span></h2><p>Interestingly, Have I Been Pwned, a site that lets you check whether you&apos;ve been compromised in data leaks, tweeted that 100% of the details scraped from the Duolingo breach were already in its database.</p><div class="see-more see-more--clipped"><blockquote class="twitter-tweet hawk-ignore" data-lang="en"><p lang="en" dir="ltr">New scraped data: Duolingo had 2.6M records scraped from a vulnerable API earlier this year and posted to a hacking forum today. Data included name, email, username and learning progress. 100% were already in @haveibeenpwned. Read more: https://t.co/fR3d9rPody<a href="https://twitter.com/haveibeenpwned/status/1694210094886731940">August 23, 2023</a></p></blockquote><div class="see-more__filter"></div></div><p>Have I Been Pwned added the Duolingo data breach to its system, so click <a href="https://haveibeenpwned.com/">here</a> to see whether your information fell into the wrong hands.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ This subscription malware can steal your private data from 60+ popular apps — how to avoid it ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/news/beware-subscription-malware-arms-hackers-with-tools-to-steal-your-private-data</link>
                                                                            <description>
                            <![CDATA[ An update to Raccoon Stealer, a subscription-based malware tool, gives hackers new tools to help them evade capture and steal your private data. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">qimBABZtSmVcFkFd7KqMkH</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/ZNi42Tpb6eyu8RgcheWNNi-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 16 Aug 2023 07:00:02 +0000</pubDate>                                                                                                                                <updated>Wed, 16 Aug 2023 14:23:38 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Sean Riley ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/ApPanW9KEHmaKJg4bksTFd.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/ZNi42Tpb6eyu8RgcheWNNi-1280-80.jpg">
                                                            <media:credit><![CDATA[Getty Images / Matic Grmek]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Hacker on PC]]></media:description>                                                            <media:text><![CDATA[Hacker on PC]]></media:text>
                                <media:title type="plain"><![CDATA[Hacker on PC]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/ZNi42Tpb6eyu8RgcheWNNi-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>It feels like we are reporting on a new hacking incident daily and it&apos;s easy to see why with tools like Raccoon Stealer out in the wild.</p><p>The subscription-based malware tool is designed to give hackers an easy interface to aid them in their quest to relieve you of your private data, while also evading the authorities (via <a href="https://www.bleepingcomputer.com/news/security/raccoon-stealer-malware-returns-with-new-stealthier-version/">Bleeping Computer</a>).</p><h2 id="trash-panda-hackers">Trash panda hackers</h2><p>The aptly named Raccoon Stealer is nothing new, but after its main developer was arrested in October of 2022 it seemed like it may simply disappear. Of course, with money to be made, someone else took up the reins and the subscription hacking app is back to help hackers forage through your private data in over 60 apps to reveal treasures like your credit card details, login info, browsing history, cookies, and of course the ever-popular crypto wallets.</p><p>For $200 a month, newer hackers get access to these updated tools which give an easier interface from which to launch nefarious data thievery. </p><p>A new dashboard allows them to quickly search through large breached datasets. It also offers enhanced protection with a feature that attempts to identify security measures in hacked PCs so that it can delete any potentially incriminating evidence on those machines. An activity profile shows the hackers the potential threat posed to them by any given PC with a red, yellow, and green emoji. Another new system identifies IP addresses associated with crawlers and bots typically used by cyber-security firms and blocks them. Last, but not least a Log Stats panel gives the hacker a look at how their digital crime spree is faring with how many PCs they&apos;ve infiltrated and their success rate in specific regions.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:2725px;"><p class="vanilla-image-block" style="padding-top:56.26%;"><img id="KUoxMcaQ3qeDSXkg66G9ZR" name="How to do 2FA right-16-9.jpg" alt="How to do 2FA right: Getting started with two-factor authentication" src="https://cdn.mos.cms.futurecdn.net/KUoxMcaQ3qeDSXkg66G9ZR.jpg" mos="" align="middle" fullscreen="" width="2725" height="1533" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Laptop Mag)</span></figcaption></figure><h2 id="how-to-avoid-being-hacked">How to avoid being hacked</h2><p>Unfortunately, malware-as-a-service isn&apos;t going away, which means hacking is just getting easier and the threats are going to continue to grow. So you need to arm yourself against the modern web with a couple of handy tips.</p><p>First, you need to be using a <a href="https://www.laptopmag.com/best-picks/best-password-managers">password manager</a>, and while the one built into your browser is terribly convenient, it is a large piece of software that can end up with a hole that exposes your login info. That&apos;s not to say that password managers are never breached, but select from one of the best and it is far less likely to happen and may even give you tools to rapidly change passwords en masse if a breach does happen.</p><p>Secondly, you should be using <a href="https://www.laptopmag.com/how-to/how-to-do-2fa">two-factor authentication</a>, it&apos;s going to seem annoying at first and please do not use the versions that use a text or email as the confirmation, but ultimately proper 2FA will save you the massive time suck and headache of dealing with a significant breach of your data.</p><p>Stay safe out there!</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Here’s why the Google Play Store is a malware infected hellscape ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/news/heres-why-the-google-play-store-is-a-malware-infected-hellscape</link>
                                                                            <description>
                            <![CDATA[ Hackers are abusing the Google Play Store to their benefit — here's how. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">Pyh6J8su8HLbxkELgKaEuf</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/tLdBXFrecVjuGpqmZhkZFC-1280-80.png" type="image/png" length="0"></enclosure>
                                                                        <pubDate>Tue, 08 Aug 2023 14:18:48 +0000</pubDate>                                                                                                                                <updated>Fri, 13 Oct 2023 11:53:31 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                <author><![CDATA[ rael.hornby@futurenet.com (Rael Hornby) ]]></author>                    <dc:creator><![CDATA[ Rael Hornby ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/mHBEvtDnBfXRumgmoVGtvf.jpeg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Rael Hornby, potentially influenced by far too many LucasArts titles at an early age, once thought he’d grow up to be a mighty pirate. However, after several interventions with close friends and family members, you’re now much more likely to see his name attached to the bylines of tech articles. While not maintaining a double life as an aspiring writer by day and indie game dev by night, you’ll find him sat in a corner somewhere muttering to himself about microtransactions or hunting down promising indie games on Twitter.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/png" url="https://cdn.mos.cms.futurecdn.net/tLdBXFrecVjuGpqmZhkZFC-1280-80.png">
                                                            <media:credit><![CDATA[How-To Geek]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Google Play Store app icon up close on phone display]]></media:description>                                                            <media:text><![CDATA[Google Play Store app icon up close on phone display]]></media:text>
                                <media:title type="plain"><![CDATA[Google Play Store app icon up close on phone display]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/tLdBXFrecVjuGpqmZhkZFC-1280-80.png" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Not a week goes by without the Google Play Store playing some part in delivering a strange new malware designed to steal from or spy on Android users — if it’s a good week, it’ll even manage both.</p><p>Many have been left puzzled by how the Google Play Store became more riddled with viruses than a sailor on shore leave — but not Google, who seem to have figured out how hackers are manipulating its platform to their benefit.</p><h2 id="google-play-store-a-weakness-exposed">Google Play Store: A weakness exposed</h2><p>A recent <a href="https://services.google.com/fh/files/blogs/gcat_threathorizons_full_jul2023.pdf" target="_blank"><u>threat report</u></a> published by Google’s Cybersecurity Action Team indicated that, in spite of a recent spike in cases, less than 1% of all downloads from Google Play are what the company calls Potentially Harmful Applications (or PHAs).</p><p>Google thoroughly evaluates all apps before release onto the Google Play Store and when PHAs are detected they’re quick to act — promptly removing apps and terminating developer accounts.</p><p>However, knowing this to be the case, dastardly developers have switched tactics. Instead of allowing a harmful app to go through Google’s evaluation process and risk getting flagged as a PHA, malicious actors will submit an innocuous and seemingly legitimate app for Play Store evaluation at first to gain Google’s trust.</p><p>However, once the app is on the Play Store it will receive an update from a third-party server — altering the app&apos;s code and functionality, allowing malicious extensions to execute freely.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:2000px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="gV2mvp2oVYQ2kRAN2ZrjMK" name="GooglePlaySubversionChart.jpg" alt="Diagram showing how DCL and versioning bypasses Google's Play Store security checks" src="https://cdn.mos.cms.futurecdn.net/gV2mvp2oVYQ2kRAN2ZrjMK.jpg" mos="" align="middle" fullscreen="1" width="2000" height="1125" attribution="" endorsement="" class="expandable"><a href='https://cdn.mos.cms.futurecdn.net/gV2mvp2oVYQ2kRAN2ZrjMK.jpg' target='_blank' class='expand-button icon-expand-image icon' ></a></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="caption-text">A diagram from the Google threat report showcasing how DCL and versioning can bypass Google's Play Store security checks. </span><span class="credit" itemprop="copyrightHolder">(Image credit: Google)</span></figcaption></figure><h2 id="versioning-how-good-apps-go-bad">Versioning: How good apps go bad</h2><p>This process is called versioning — a circumvention of <a href="https://support.google.com/googleplay/android-developer/answer/9888379?hl=en#:~:text=An%20app%20distributed%20via%20Google,source%20other%20than%20Google%20Play." target="_blank"><u>Google Play’s policy</u></a> against any apps that can “modify, replace, or update itself using any other method than Google Play’s update mechanism.”</p><p>Google has identified one instance of versioning as Dynamic Code Loading (or DCL). DCL apps have the potential to download and run code from untrusted sources beyond the walled garden of the Google Play environment. This allows previously legitimate apps to bypass Google’s PHA checks and convert themselves into malware or spyware right under Google’s noses.</p><p>Google does state that apps making use of DCL “violate <a href="https://support.google.com/googleplay/android-developer/answer/9888077?visit_id=638200273350597826-1646989331&rd=1" target="_blank"><u>Google Play Deceptive Behavior policy</u></a> and may be categorized as a backdoor.” </p><h2 id="outlook-4">Outlook</h2><p>While Google has identified one of the main pipelines to malicious apps appearing on its platform, the report fails to indicate exactly how they plan to combat it. However, it’s highly unlikely that the Cybersecurity Action Team behind the report are willing to allow malicious actors to continue with their efforts for much longer.</p><p>Could we see a Play Store crackdown on DCL apps in the near future? Quite possibly. Google will no doubt be keen to patch up its app platform&apos;s biggest security flaw and hard at work on sealing shut any backdoor vulnerabilities currently being exploited.</p><p>For news, rumors, and updates on all things cybersecurity and tech, follow Laptop Mag on <a href="https://twitter.com/LaptopMag" target="_blank">Twitter</a>, <a href="https://www.facebook.com/laptopmag/" target="_blank">Facebook</a>, and <a href="https://flipboard.com/@LaptopMag" target="_blank">Flipboard</a> for the latest word as it arrives.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ New Google tool sends alerts when it spots invasive info about you — how to use it ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/news/new-google-tool-sends-alerts-if-it-discovers-invasive-info-about-you-how-to-use-it</link>
                                                                            <description>
                            <![CDATA[ The search-engine giant made some updates to the "Results about you" part of the Google app, giving you more control over your online footprint. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">3sxrxwgDEKzHJXc2naXY3k</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/PTMaFJAEoAbsZTkuFVaEc9-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 03 Aug 2023 22:00:00 +0000</pubDate>                                                                                                                                <updated>Fri, 13 Oct 2023 11:57:52 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Kimberly Gedeon ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/5dnFvosdQ4xpGod6qS6KZc.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/PTMaFJAEoAbsZTkuFVaEc9-1280-80.jpg">
                                                            <media:credit><![CDATA[Future/Getty Images/Maria Voronovich]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Shocked man with text alert]]></media:description>                                                            <media:text><![CDATA[Shocked man with text alert]]></media:text>
                                <media:title type="plain"><![CDATA[Shocked man with text alert]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/PTMaFJAEoAbsZTkuFVaEc9-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Nothing is worse than Googling yourself and discovering invasive information you wish you could erase. Fortunately, a collective sigh of relief rang around the world when Google debuted its <a href="https://www.laptopmag.com/news/google-is-making-it-easier-to-remove-your-phone-number-and-email-address-from-search-results-heres-how">"Results about you" tool</a> last year. It lets users easily remove their phone number, home address, and email from Google Search.</p><p>On Thursday, <a href="https://blog.google/products/search/new-privacy-tools/">Google announced</a> that it&apos;s rolling out a few updates to the "Results about you" tool, including a new dashboard that alerts you of any web results displaying invasive information about you. How cool is that?</p><h2 id="how-to-access-the-updated-quot-results-about-you-quot-tool">How to access the updated "Results about you" tool</h2><p>As mentioned, the updated "Results about you" tool gives you an overview of <em>existing </em>web results that are displaying your private information. On top of that, it will also send you notifications about any <em>new </em>results that have your contact information. </p><p>Don&apos;t know how to access this tool? Follow the steps below.</p><p>1. Go to the <strong>Google app. </strong>(If you don&apos;t have it installed, you can get it <a href="https://apps.apple.com/us/app/google/id284815942">here if you&apos;re an iPhone user</a> or <a href="https://play.google.com/store/apps/details?id=com.google.android.googlequicksearchbox&hl=en_US&gl=US">here if you&apos;re an Android owner.</a>)</p><p>2. Tap on your Google account photo or icon on the top-right corner.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:400px;"><p class="vanilla-image-block" style="padding-top:214.50%;"><img id="tb6JrUQK6jwGypQB5BipoB" name="mwZswavrXEiGSHfkGc6vJd-400-80.jpg" alt="Google app account photo" src="https://cdn.mos.cms.futurecdn.net/tb6JrUQK6jwGypQB5BipoB.jpg" mos="" align="middle" fullscreen="" width="400" height="858" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="caption-text">Google app account photo </span><span class="credit" itemprop="copyrightHolder">(Image credit: Future)</span></figcaption></figure><p>3. Tap on <strong>Results about you. </strong></p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:400px;"><p class="vanilla-image-block" style="padding-top:214.50%;"><img id="CjeKU5cabLB2cZuDBrfLaL" name="ToG3rsbHwz6oHsDp4Y66CW-400-80.png" alt="Google app account photo" src="https://cdn.mos.cms.futurecdn.net/CjeKU5cabLB2cZuDBrfLaL.png" mos="" align="middle" fullscreen="" width="400" height="858" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="caption-text">Google app account photo </span><span class="credit" itemprop="copyrightHolder">(Image credit: Future)</span></figcaption></figure><p>Here, you should see a new dashboard that makes it easier for you to see a better overview of your online footprint, making the removal process more seamless. Again, you&apos;ll be notified about any new results about you, too.</p><p>If you don&apos;t see the new dashboard yet, don&apos;t worry. Google said it will roll out within the next few days, starting with U.S. users.</p><p><em>Keep in mind that while your information may be removed from Google Search, it will not be scrubbed from the internet. You&apos;ll have to reach out to the website directly for this.</em></p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Nasty malware disguised as chat app can track your live location - is it on your phone? ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/news/dangerous-android-imposter-targets-your-whatsapp-facebook-data-delete-it-now</link>
                                                                            <description>
                            <![CDATA[ WhatsApp, Telegram, Signal, and Facebook Messenger users are being targeted by a fake instant messaging app. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">rNr2eSdq7QCsapVyHogvmE</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/mWXUV6Bqo8fD4ntNPyEckn-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 02 Aug 2023 11:45:00 +0000</pubDate>                                                                                                                                <updated>Fri, 13 Oct 2023 11:52:34 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                <author><![CDATA[ rael.hornby@futurenet.com (Rael Hornby) ]]></author>                    <dc:creator><![CDATA[ Rael Hornby ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/mHBEvtDnBfXRumgmoVGtvf.jpeg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Rael Hornby, potentially influenced by far too many LucasArts titles at an early age, once thought he’d grow up to be a mighty pirate. However, after several interventions with close friends and family members, you’re now much more likely to see his name attached to the bylines of tech articles. While not maintaining a double life as an aspiring writer by day and indie game dev by night, you’ll find him sat in a corner somewhere muttering to himself about microtransactions or hunting down promising indie games on Twitter.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/mWXUV6Bqo8fD4ntNPyEckn-1280-80.jpg">
                                                            <media:credit><![CDATA[Getty Images]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Spyware]]></media:description>                                                            <media:text><![CDATA[Spyware]]></media:text>
                                <media:title type="plain"><![CDATA[Spyware]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/mWXUV6Bqo8fD4ntNPyEckn-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>WhatsApp, Telegram, Signal, and Facebook Messenger users have been put on high alert as the latest threat to their chat data has emerged in the form of “Safe Chat” — a fake instant messaging app.</p><p>The impostor app is convincingly designed but has no intention of allowing peer-to-peer communication — instead, the app’s primary goal is to spread the “CoverIm” malware, previously weaponized across the murky gizzards of the Google Play Store by APT (Advanced Persistent Threat) group ‘DoNot’.</p><h2 id="safe-chat-it-x2019-s-anything-but-xa0">Safe Chat: It’s anything but </h2><p>According to <a href="https://www.cyfirma.com/outofband/apt-bahamut-targets-individuals-with-android-malware-using-spear-messaging/" target="_blank"><u>CYFIRMA</u></a>, the analysts who exposed the Android security threat, the spread of the fake messaging app is done primarily through social engineering across instant messaging services like WhatsApp. Here, a victim will be tricked into believing they are downloading a more secure platform with which to talk over — unsuspectingly opening themselves up to further exploitation.</p><p>Safe Chat’s convincing user interface tricks victims into accepting a series of permissions under the guide of setting up a secure and safe chat environment. However, in actuality, the imposter app uses these permissions to begin the act of data extraction before the victim is even aware something is wrong.</p><p>The malware housed within the Safe Chat app will then begin to capture screen activity including keystrokes — and thanks to previously accepted permissions to ignore battery optimization and background usage it will continue to do so even while minimized or closed.</p><h2 id="coverim-malware-x2014-how-bad-is-it-xa0">CoverIm Malware — How bad is it? </h2><p>This particular instance of the CoverIm malware is particularly nefarious, especially when paired with its expanded privileges through the accepted Safe Chat permissions. As well as acting as a keylogger for keystrokes the malware is also capable of accessing precise locations through GPS, accessing your contacts list, SMS messages, call logs, and even external storage on your device.</p><p>The malware will also begin monitoring other messenger apps like WhatsApp, Signal, Telegram, and even Facebook Messenger for further data — all of which can then be transmitted to a C&C (Command and Control) server where attackers can then obtain all gathered information.</p><h2 id="outlook-5">Outlook</h2><p>Due to Safe Chat’s social engineering delivery method, there’s no clear indication of how many users may be affected by the malware, though it is believed that the majority of those infected reside in South Asia.</p><p>That being said, successful campaigns like this will often breed copycat attempts, so ensure you start alert across instant messaging apps and only install apps from trusted sources and storefronts.</p><p>If you have the Safe Chat app on your device delete it immediately before clearing your cache and running a full scan with an <a href="https://www.laptopmag.com/best-picks/best-antivirus-apps" target="_blank"><u>antivirus app</u></a> of your choice.</p><p>For news, rumors, and updates on all things security and tech, follow Laptop Mag on <a href="https://twitter.com/LaptopMag" target="_blank"><u>Twitter</u></a>, <a href="https://www.facebook.com/laptopmag/" target="_blank"><u>Facebook</u></a>, and <a href="https://flipboard.com/@LaptopMag" target="_blank"><u>Flipboard</u></a> for the latest word as it arrives.  </p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ These 2 new types of Android malware steal your cryptocurrency — delete them now ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/news/crypto-apps-turn-crypto-cap-cherryblos-android-malware-puts-your-wallet-at-risk</link>
                                                                            <description>
                            <![CDATA[ If you have an Android phone, your crypto wallet is regularly at risk from bad actors with fake apps that steal your information. Two new malware families have been discovered — named ‘CherryBios’ and ‘FakeTrade.’ ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">mQ2Uns7nBYj2gZqRSxxhsa</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/PMUgGAuRkZKQFnaBQiXcEb-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Mon, 31 Jul 2023 11:30:00 +0000</pubDate>                                                                                                                                <updated>Fri, 13 Oct 2023 11:18:03 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Jason England ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/wQPbR4WoyN3tC88cNxU7o9.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Jason brings a decade of tech and gaming journalism experience to his role as a writer at Laptop Mag. He takes a particular interest in writing articles and creating videos about laptops, headphones and games. He has previously written for Kotaku, Stuff and BBC Science Focus. In his spare time, you&#039;ll find Jason looking for good dogs to pet or thinking about eating pizza if he isn&#039;t already.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/PMUgGAuRkZKQFnaBQiXcEb-1280-80.jpg">
                                                            <media:credit><![CDATA[Getty Images/JaaakWorks]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Hacker stealing money from phone]]></media:description>                                                            <media:text><![CDATA[Hacker stealing money from phone]]></media:text>
                                <media:title type="plain"><![CDATA[Hacker stealing money from phone]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/PMUgGAuRkZKQFnaBQiXcEb-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>If you have an Android phone, your crypto wallet is regularly at risk from bad actors with fake apps that steal your information. Two new malware families have been discovered — named ‘CherryBios’ and ‘FakeTrade.’</p><p>They were both on Google Play for a while, and being widely shared across social media and fake websites. Here is a little more about how they work, but please make sure you delete them immediately, and keep that wallet safe.</p><h2 id="popping-the-cherry-bios">Popping the Cherry (Bios)</h2><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:5000px;"><p class="vanilla-image-block" style="padding-top:56.26%;"><img id="oSyzvu9dpExXCQ7wGbvq8f" name="Android malware 2.jpg" alt="Android malware" src="https://cdn.mos.cms.futurecdn.net/oSyzvu9dpExXCQ7wGbvq8f.jpg" mos="" align="middle" fullscreen="" width="5000" height="2813" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Shutterstock)</span></figcaption></figure><p>Discovered by <a href="https://tech.hindustantimes.com/tech/news/trend-micro-finds-2-new-types-of-malware-on-google-play-store-is-it-on-your-phone-delete-now-71690710175053.html#:~:text=Trend%20Micro%20has%20found%20two,on%20the%20Google%20Play%20Store.&text=Cybercriminals%20are%20constantly%20evolving%20their,despair%20of%20innocent%20smartphone%20users." target="_blank"><u>Trend Micro</u></a>, these two new Android malware families have one goal in mind: steal your cryptocurrency details to conduct scams or nab your funds. </p><p>CherryBios has been distributed since April 2023, and is commonly found across social media, disguised as an AI tool or coin miner. To access your cryptocurrency funds, it manipulates your Accessibility service permissions to gain access to configuration files from the C2 server — a backdoor that can be used to automatically grant permissions without any user interaction.</p><p>With that, the user isn’t able to kill the app’s process of taking your crypto credentials. More concerning is the fact it also uses OCR (optical character recognition) to extract any text from images saved on your device. So if you screenshot your recovery phrase for your cryptocurrency wallet, that’s not safe when CherryBios is around!</p><p>FakeTrade is a separate campaign that uses the same nefarious means, but seems to be a little more widespread, given that 31 fraudulent apps were identified. These are posted like shopping-related programs or money-making offers to trick people into downloading them.</p><h2 id="outlook-6">Outlook</h2><p>Luckily, <a href="https://www.bleepingcomputer.com/news/security/new-android-malware-uses-ocr-to-steal-credentials-from-images/" target="_blank"><u>Google confirmed</u></a> the CherryBios malware-infected apps have been removed from the Play Store. But there is still a cause for concern here, given that the APK is being spread through social media and fake websites.</p><p>If you’re worried about these malicious APKs, check whether you downloaded from the following websites:</p><ul><li>chatgptc[.]io</li><li>happyminer[.]com</li><li>robot999[.]net</li><li>Synthnet[.]ai</li></ul><p>And as we always say, check your phone and delete them promptly if you have them. Either that or stay away from unofficial APKs from websites, and stick to the Play Store. It may take Google a little bit to remove malicious apps, but it’s a far more reliable place than going outside the system.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Look out — Android stalkerware caught syping on thousands of phones ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/news/your-android-device-may-have-been-sharing-your-data-for-years</link>
                                                                            <description>
                            <![CDATA[ Spyhide, an app used to spy on romantic partners has been found to be sharing personal data with a nefarious Iranian software company and other threat actors. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">jUiDuiKMbhK9jDToXyx2ze</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/TNmfA9EYvDEh3dNnLRVZWi-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 27 Jul 2023 20:02:56 +0000</pubDate>                                                                                                                                <updated>Thu, 12 Oct 2023 12:51:56 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Mark Anthony Ramirez ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/o2ksbBWvEwbexRxf4oXqCc.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/TNmfA9EYvDEh3dNnLRVZWi-1280-80.jpg">
                                                            <media:credit><![CDATA[Future]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Your Android device may have been sharing your data for years]]></media:description>                                                            <media:text><![CDATA[Your Android device may have been sharing your data for years]]></media:text>
                                <media:title type="plain"><![CDATA[Your Android device may have been sharing your data for years]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/TNmfA9EYvDEh3dNnLRVZWi-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Thanks to a Switzerland-based hacker, <a href="https://maia.crimew.gay/posts/fuckstalkerware-2/">maia arson crimew</a>, it&apos;s been revealed that thousands of Android devices have shared personal user data (contacts, messages, call logs, recordings, and location) with an Iranian stalkerware company for over seven years. As reported by <a href="https://www.techradar.com/pro/this-nasty-stalkerware-was-found-spying-on-tens-of-thousands-of-phones">TechRadar</a>, over 60,000 Android users have had their data exposed since 2016, thanks to a phone surveillance app called Spyhide. </p><p>Spyhide (a.k.a. Spouseware) is an app many have used to spy on their significant others. A spouseware app is used when someone suspects their significant other of cheating, being downloaded onto the victim&apos;s phone and running silently and sneakily in the background so that the suspecting spouse can track the activities of the person they think is stepping out. </p><p>However, users spying on their partners weren&apos;t the only ones collecting data; so was an Iranian software company Virsys, which may also go by Virsis. </p><h2 id="this-stalkerware-is-dangerous">This Stalkerware is dangerous</h2><p><a href="https://techcrunch.com/2023/07/24/spyhide-stalkerware-android/">TechCrunch</a>, which did a deep dive into how much data was collected, discovered that the victim&apos;s personal data was completely compromised, with call logs, text messages, and precise location history that dated back for years, being shared with threat actors worldwide. Spyhide&apos;s loose source code allowed access via its web-based dashboard, which allowed the victim&apos;s data to be exploited. </p><p>Using the information released by maia arson crimew, the team at TechCrunch was able to show how vast Spyhide&apos;s surveillance network is and how it reached around the world. Thousands of victims from Europe, Brazil, and the U.S. had more than 3,100 compromised devices sharing location data. One U.S.-based victim device had shared more than 100,000 location data points over several years. </p><p>What&apos;s terrifying is over 750,000 users have signed up to Spyhide to spy on someone or a romantic partner.  Oddly enough, it was found that in several cases, it wasn&apos;t just one person stalking a singular victim, but several to thousands of individuals were following the activities of certain victims. In one case, 4,000 people were surveilling one individual. </p><p>Although TechCrunch tried to reach the developers of Spyhide, nobody responded. For its part, Google banned such spying devices from its app store long ago, but you can download Spyhide from the company&apos;s website. </p><p>To avoid this issue, go to Google Settings and check which apps share your data, especially your location. You can also turn off location sharing, and when an app requests you share location, deny it faster than me saying no to a fruit salad.</p><p>Lastly, here&apos;s some advice from a wise, experienced person who has had many relationships in adulthood. If your gut tells you you can&apos;t trust your partner, then end the relationship and save yourself the trouble. Don&apos;t go behind their backs and download spyware to their phone.  Trust is the central cog in any healthy relationship. If you have good, logical, fact-based reasons not to trust someone, then do yourself and them a favor and move on. </p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ LokiBot malware infecting PCs via Microsoft Word — protect yourself now ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/news/lokibot-malware-infecting-pcs-via-microsoft-word-protect-yourself-now</link>
                                                                            <description>
                            <![CDATA[ Thanks to a report in TheHackerNews, we know that Microsoft Word documents are being used to exploit known remote code execution flaws. The flaws are used as phishing lures to sneak the LokiBot malware onto compromised computers. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">T4nWw6xVhEpMWLgjMpuw8T</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/uSqcUow4hYpCAGSBz2DCY4-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 19 Jul 2023 06:00:00 +0000</pubDate>                                                                                                                                <updated>Mon, 16 Oct 2023 11:50:37 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Mark Anthony Ramirez ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/o2ksbBWvEwbexRxf4oXqCc.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/uSqcUow4hYpCAGSBz2DCY4-1280-80.jpg">
                                                            <media:credit><![CDATA[Future]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Don’t open that Word Doc; it may be infected with a LokiBot]]></media:description>                                                            <media:text><![CDATA[Don’t open that Word Doc; it may be infected with a LokiBot]]></media:text>
                                <media:title type="plain"><![CDATA[Don’t open that Word Doc; it may be infected with a LokiBot]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/uSqcUow4hYpCAGSBz2DCY4-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Thanks to a report in <a href="https://thehackernews.com/2023/07/cybercriminals-exploit-microsoft-word.html">TheHackerNews</a>, we know that Microsoft Word documents are being used to exploit known remote code execution flaws. The flaws are used as phishing lures to sneak the LokiBot malware onto compromised computers. </p><p>These so-called "LokiBots, " also known as Loki PWS, have stolen users&apos; information since 2015 and remain a well-known trojan. Cara Lin, a security researcher with <a href="https://www.fortinet.com/">Fortinet</a> FortiGuard, said, "It primarily targets Windows systems and aims to gather sensitive information from infected machines."</p><p>Fortinet first noticed the attack campaign in May 2023; the company released a <a href="https://www.fortinet.com/blog/threat-research/lokibot-targets-microsoft-office-document-using-vulnerabilities-and-macros">statement</a> saying the attacks take advantage of <a href="https://thehackernews.com/2021/09/microsoft-releases-patch-for-actively.html" target="_blank">CVE-2021-40444</a> and <a href="https://thehackernews.com/2023/07/romcom-rat-targeting-nato-and-ukraine.html" target="_blank">CVE-2022-30190</a> (aka Follina) to achieve code execution.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1600px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="QDvk8RGuhYouYh22DDxKKC" name="malwareattackchain.jpg" alt="LokiBot malware infecting PCs via Microsoft Word — protect yourself now" src="https://cdn.mos.cms.futurecdn.net/QDvk8RGuhYouYh22DDxKKC.jpg" mos="" align="middle" fullscreen="" width="1600" height="900" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Future)</span></figcaption></figure><h2 id="how-it-apos-s-done">How it&apos;s done</h2><p>According to the folks at Fortinet, the Word file that activates CVE-2021-40444 uses an external GoFile link that&apos;s embedded within an XML file which leads to the download of an HTML file that exploits Follina to download a next-stage payload, an injector module written in Visual Basic that decrypts and launches LokiBot.</p><p>On top of all this, and not to add to your worry, the injector also uses evasion techniques to check your system for the presence of debuggers and determine if it&apos;s running in a virtualized environment. So this malware is super smart and invasive. </p><p>Discovered towards the end of May, an alternative chain starts with a Word document incorporating a VBA script which then executes a macro immediately when users open the document using the "Auto_Open" and "Document_Open" functions.</p><p>This macro script subsequently delivers a payload from a remote server, which also functions as a way to load LokiBot and connect to a command-and-control (C2) server.</p><h2 id="lokibot-apos-s-yes-there-are-several">LokiBot&apos;s, yes there are several</h2><p>This is not the first<a href="https://malpedia.caad.fkie.fraunhofer.de/details/win.lokipws"> LokiBot</a> or the last. Like the deity of mischief, who can conjure up multiple versions of themself, there appear to be many variants that affect every OS imaginable. This current one is not confused with the LokiBot, a known <a href="https://malpedia.caad.fkie.fraunhofer.de/details/apk.lokibot">Android banking trojan</a> that can log your keystrokes, capture screenshots and gather your login information. That filthy trickster will siphon your financials, especially your cryptocurrency. </p><p>Cara Lin from Fortinet states, "LokiBot is a long-standing and widespread malware active for many years," Lin said. "Its functionalities have matured over time, making it easy for cybercriminals to use it to steal sensitive data from victims. The attackers behind LokiBot continually update their initial access methods, allowing their malware campaign to find more efficient ways to spread and infect systems."</p><p>So please remember to remain diligent about not opening suspicious emails, and do not open Word documents from email addresses you do not recognize. Also, you should look at our <a href="https://www.laptopmag.com/best-picks/best-antivirus-apps">best antivirus page</a> to see if you can increase your security level. </p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ WormGPT: ChatGPT’s evil twin should have us all deeply concerned ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/news/wormgpt-chatgpts-evil-twin-should-have-us-all-deeply-concerned</link>
                                                                            <description>
                            <![CDATA[ There’s a new AI in town — WormGPT, and unlike Chat GPT, Bing Chat, or Bard, it’s not here to make your life any easier. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">risBJQ6MzayqNc8K94Zjhj</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/6h7JjnP9HfWC7uTVFMc3xh-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Mon, 17 Jul 2023 14:30:29 +0000</pubDate>                                                                                                                                <updated>Mon, 17 Jul 2023 14:30:35 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                <author><![CDATA[ rael.hornby@futurenet.com (Rael Hornby) ]]></author>                    <dc:creator><![CDATA[ Rael Hornby ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/mHBEvtDnBfXRumgmoVGtvf.jpeg ]]></dc:source>
                                                                <dc:description><![CDATA[ &lt;p&gt;Rael Hornby, potentially influenced by far too many LucasArts titles at an early age, once thought he’d grow up to be a mighty pirate. However, after several interventions with close friends and family members, you’re now much more likely to see his name attached to the bylines of tech articles. While not maintaining a double life as an aspiring writer by day and indie game dev by night, you’ll find him sat in a corner somewhere muttering to himself about microtransactions or hunting down promising indie games on Twitter.&lt;/p&gt; ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/6h7JjnP9HfWC7uTVFMc3xh-1280-80.jpg">
                                                            <media:credit><![CDATA[Laptop Mag / Rael Hornby]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Corrupt ChatGPT logo above binary code, with WormGPT wriggling through it.]]></media:description>                                                            <media:text><![CDATA[Corrupt ChatGPT logo above binary code, with WormGPT wriggling through it.]]></media:text>
                                <media:title type="plain"><![CDATA[Corrupt ChatGPT logo above binary code, with WormGPT wriggling through it.]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/6h7JjnP9HfWC7uTVFMc3xh-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>ChatGPT has taken the world by storm, racking up over 100 million users since its launch late last year. OpenAI’s chatbot has put artificial intelligence on the map in a big way, sparking a number of follow-ups like <a href="https://www.laptopmag.com/features/bing-ai-was-the-friend-i-always-wanted-but-microsoft-is-ruining-it" target="_blank">Microsoft Bing Chat</a> and <a href="https://www.laptopmag.com/news/the-internet-is-now-google-bards-to-consume" target="_blank">Google Bard</a> in its wake. However, there’s a new AI in town — WormGPT, and it’s not here to make your life any easier.</p><p>WormGPT isn’t an AI chatbot developed to amusingly offer the invertebrate AI assistance of a wriggly invertebrate ala the feline-focused <a href="https://www.tomsguide.com/how-to/how-to-use-catgpt-what-is-catgpt" target="_blank"><u>CatGPT</u></a>. Instead, it’s a far more malicious tool designed without ethical boundaries for the sole purpose of bolstering productivity, raising effectiveness, and lowering the bar for entry of your common garden variety cybercriminal. </p><h2 id="wormgpt-artificial-iniquity">WormGPT: Artificial iniquity</h2><p>Shamelessly presented as a blackhat alternative to current <a href="https://www.laptopmag.com/news/gpt-4-is-here-5-ways-its-better-than-chatgpt" target="_blank">GPT</a> models, WormGPT could potentially become the most useful tool in the criminal arsenal since the invention of the Jimmy bar or balaclava.</p><p>Doing away with all of that ethical bottlenecking of generative AI models, WormGPT provides anyone with a spare €60 the gateway to AI-assisted criminalities including phishing attacks, social engineering techniques, and even the creation of custom malware.</p><p>Powered by GPTJ (Generative Pre-trained Transformer model with JAX) language model, WormGPT has similar capabilities to other Large Language Models (LLMs) — making it able to generate human-like answers to queries and questions along with providing generative responses on trained data.</p><p>It’s believed the primary focus of WormGPT’s training revolved around malware and phishing, with one of the tool’s primary features being its ability to compose convincing and sophisticated phishing communications in order to further business email compromise (BEC) attacks.</p><p>In plain old human speak, the bar for entry when it comes to cybercrime has now been lowered to such a degree that if you were listening closely over the weekend you might have heard the distant echo of said bar bouncing off of Satan’s skull.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1920px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="3SadRTt6R4cwiDHt7ioi6N" name="disturbingailede.jpg" alt="AI face with machine code eyes" src="https://cdn.mos.cms.futurecdn.net/3SadRTt6R4cwiDHt7ioi6N.jpg" mos="" align="middle" fullscreen="" width="1920" height="1080" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Wired)</span></figcaption></figure><h2 id="the-dark-side-of-the-boom">The dark side of the boom</h2><p>It was only a matter of time before it happened, and you’d have been nigh on crazy to assume the AI boom would only include friendly chatbots, generative art, and easy ways to cheat on your homework.</p><p>In fact, the list of <a href="https://www.laptopmag.com/features/the-5-most-disturbing-ways-ai-is-currently-being-used" target="_blank"><u>disturbing ways AI is currently being used</u></a> grows larger every day, and the release of WormGPT could be the first undeniable proof that we’re flying headfirst into a cybersecurity hellscape of epic proportions.</p><p>Security analysts have been in a tizzy about the potential of cybercriminals weaponizing AI for some time, with just a thin buffer zone of oft-easily skirted ethical roadblocks standing in the way of the intent of bad actors. A buffer zone increasingly eroding due to mass attempts to “jailbreak” the ChatGPT software into acting without restrictions.</p><p>Juhani Hintikka, CEO of cyber security firm WithSecure, <a href="https://www.infosecurity-magazine.com/news/ai-create-malware-withsecure/" target="_blank"><u>recently confirmed</u></a> in an interview that the company has observed malware samples being generated by ChatGPT already — and that the generative nature of LLMs like it allows for the results to be generated in “many different variations,” with these tools spawning mutated versions of malicious code that makes it “harder for defenders to detect.”</p><p>In essence, our ability to defend against a potential tsunami of security threats could be pushed to its very limits as highly customized, unique, and varied malware is generated in mere moments by AI tools like ChatGPT, and WormGPT.</p><h2 id="outlook-7">Outlook</h2><p>With the first AI chatbot specifically for criminal and nefarious deeds being so brazenly announced, there’s no doubt it&apos;s just the first of many ever-advancing, ever-improving models ne&apos;er-do-wells will have to choose from in the near future.</p><p>Ironically, AI will increasingly become a vital tool to prevent the flood of AI-generated cybercrime over the coming years — an AI arms race to see which side is more proficient in its prompts.</p><p>The doomsday clock currently sits at 90 seconds to midnight, pushed part of that way by our rapid adoption of disruptive technologies. Meanwhile, the digital doomsday clock that monitors our internet security might as well be seconds away from midnight.</p><p>So maybe it&apos;s time to all climb into our antivirus Anderson shelters, and fill our bellies with MRE Malwarebytes as we await the only likely outcome as two disruptive forces come together on the digital landscape — mutually assured destruction.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Yikes! Microsoft Teams exploit revealed by US Navy — here's how to stop it ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/news/yikes-microsoft-teams-exploit-revealed-by-us-navy-heres-how-to-stop-it</link>
                                                                            <description>
                            <![CDATA[ The US Navy's hacker squad found a way to breach Microsoft Teams' security, but the company doesn't seem too concerned, which is very concerning. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">4BNbFjByBL2WPsGJATwWoc</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/5yRewC44LRvYbzkxCAVaj6-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 06 Jul 2023 20:30:48 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Mark Anthony Ramirez ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/o2ksbBWvEwbexRxf4oXqCc.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/5yRewC44LRvYbzkxCAVaj6-1280-80.jpg">
                                                            <media:credit><![CDATA[Future]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Microsoft Teams has a massive security problem, the US Navy]]></media:description>                                                            <media:text><![CDATA[Microsoft Teams has a massive security problem, the US Navy]]></media:text>
                                <media:title type="plain"><![CDATA[Microsoft Teams has a massive security problem, the US Navy]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/5yRewC44LRvYbzkxCAVaj6-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>According to a report on <a href="https://www.neowin.net/news/a-member-of-the-us-navy-created-a-tool-made-to-exploit-a-microsoft-teams-flaw/">Neowin,</a> a member of the US Navy exploited a flaw in Microsoft Teams&apos; code. Hypothetically it could be used by hackers to send malicious attachments to a Teams group from an outside source. </p><p>Alex Reid, a member of the US Navy&apos;s Red Team (a cybersecurity team within the Navy), published the "TeamsPhisher" tool on <a href="https://github.com/Octoberfest7/TeamsPhisher">GitHub</a>. The Red Team&apos;s stated purpose is to simulate hacker attacks and then create solutions to use in defense against these hacker attacks. </p><h2 id="how-to-protect-against-this-microsoft-teams-exploit">How to protect against this Microsoft Teams exploit</h2><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:722px;"><p class="vanilla-image-block" style="padding-top:57.48%;"><img id="fnmAm8GurERWSL7TeqPgLG" name="Screenshot 2023-07-06 at 3.34.51 PM.png" alt="Microsoft Teams has a massive security problem, the US Navy" src="https://cdn.mos.cms.futurecdn.net/fnmAm8GurERWSL7TeqPgLG.png" mos="" align="middle" fullscreen="" width="722" height="415" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Future)</span></figcaption></figure><p>According to the README file on GitHub, businesses using Teams can circumvent exploits like the TeamsPhisher and block it from accessing user meetings" by managing the options related to external access via the Microsoft Teams admin center under Users -> External access." Teams admins can set up a "universal block as well as allowing only specific external tenants for communications."</p><p>For its part, a Microsoft spokesperson responded to <a href="https://www.bleepingcomputer.com/news/security/new-tool-exploits-microsoft-teams-bug-to-send-malware-to-users/">Bleeping Computer</a>, stating that they were aware of the report, but noted the exploit relies on social engineering to be successful. Then Microsoft encouraged its users "to practice good computing habits online, including exercising caution when clicking on links to web pages, opening unknown files, or accepting file transfers."</p><p>To me, it sounds like Microsoft doesn&apos;t see this as a major issue, and that it is up to users of Microsoft Teams to police themselves and not accept or open files or links of unknown origins.</p><p>This is good basic advice for any time you&apos;re using the internet, but it seems a little dismissive in the grand scheme of things because it&apos;s been proven by the US Navy your product is broken and needs to be fixed.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ These 34 Google Chrome Extensions may steal your credit card info — delete 'em before you're toast ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/news/these-34-google-chrome-extensions-may-steal-your-credit-card-info-delete-em-before-youre-toast</link>
                                                                            <description>
                            <![CDATA[ Be careful with the Google Chrome Web Store. Although the search engine giant hosts countless Chrome Extensions for download, some of them may be malicious. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">raWmJCCBfERqMd9QWcoWsb</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/DXiopRJHvJDZUXNNC4Hc84-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 05 Jul 2023 22:00:24 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Kimberly Gedeon ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/5dnFvosdQ4xpGod6qS6KZc.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/DXiopRJHvJDZUXNNC4Hc84-1280-80.jpg">
                                                            <media:credit><![CDATA[Google/Getty Images/Ysr Dora]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Google Chrome Web Store with shocked face]]></media:description>                                                            <media:text><![CDATA[Google Chrome Web Store with shocked face]]></media:text>
                                <media:title type="plain"><![CDATA[Google Chrome Web Store with shocked face]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/DXiopRJHvJDZUXNNC4Hc84-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>The Google Chrome Web Store is the most popular destination for extensions, which lets users to extend the functionality of their browsers. For example, the <a href="https://chrome.google.com/webstore/detail/netflix-party-is-now-tele/oocalimimngaihdkbihfgmpkcpnmlaoa">Teleparty extension</a> lets me host a Netflix party with friends, allowing us to watch the same show or movie simultaneously.</p><p>However, according to a new report from <a href="https://usa.kaspersky.com/blog/dangerous-chrome-extensions-87-million/28561/">Kaspersky</a>, you may want to be careful about what you download on the Chrome Web Store. Cybersecurity researchers discovered that the search-engine giant was inadvertently hosting over 30 malicious Chrome Extensions in the popular online store.</p><h2 class="article-body__section" id="section-34-malicious-chrome-extensions-invaded-the-web-store"><span>34 malicious Chrome Extensions invaded the Web Store</span></h2><p>The malicious Chrome extensions were uploaded to the Chrome Web Store in 2021 and 2022. In other words, these extensions were sitting the Web Store for at least six months before cybersecurity researchers stepped in to analyze them for the aforementioned Kaspersky report.</p><p>Many of them are ad blockers and VPNs; take a look at the list below:</p><ul><li>Autoskip for Youtube</li><li>Soundboost</li><li>Crystal Adblock</li><li>Brisk VPN</li><li>Clipboard Helper</li><li>Maxi Refresher</li><li>Quick Translation</li><li>Easyview Reader view</li><li>PDF Toolbox</li><li>Epsilon Ad blocker</li><li>Craft Cursors</li><li>Alfablocker ad blocker</li><li>Zoom Plus</li><li>Base Image Downloader</li><li>Clickish fun cursors</li><li>Cursor-A custom cursor</li><li>Amazing Dark Mode</li><li>Maximum Color Changer for Youtube</li><li>Awesome Auto Refresh</li><li>Venus Adblock</li><li>Adblock Dragon</li><li>Readl Reader mode</li><li>Volume Frenzy</li><li>Image download center</li><li>Font Customizer</li><li>Easy Undo Closed Tabs</li><li>Screence screen recorder</li><li>OneCleaner</li><li>Repeat button</li><li>Leap Video Downloader</li><li>Tap Image Downloader</li><li>Qspeed Video Speed Controller</li><li>HyperVolume</li><li>Light picture-in-picture</li></ul><p>Fortunately, Google took them all down, but Kaspersky noted that it took two big-name cybersecurity firms, including itself, before the search engine giant took action to remove these malicious Chrome Extensions.</p><p>Among some of the reviews, there were complaints from users about the extensions swapping out addresses in search results with adware links, but according to Kaspersky, "ordinary users&apos; complaints generally go unheeded."</p><h2 class="article-body__section" id="section-what-can-these-malicious-extensions-do"><span>What can these malicious extensions do?</span></h2><p>Kaspersky said that browser extensions are breeding grounds for malicious cybercriminal activity because users give them high-level access. Most browser plugins ask your permission to read and change your data on all websites. In other words, ill-intentioned actors can see everything you do and follow all the sites you visit. Plus, they can change the contents of any page.</p><p>As such, malicious browser extensions can do the following</p><ul><li>Track your activity to collect and sell information about you</li><li>Steal card details and account credentials</li><li>Embed ads in web pages</li><li>Substitute links in search results</li><li>Replace the browser's home page with an advertising link</li></ul><p>What&apos;s worse is that a browser extension may play an innocent game at first, but with the owner&apos;s command, it can transform into a malicious plugin. </p><h2 class="article-body__section" id="section-how-did-these-malicious-chrome-extensions-get-caught"><span>How did these malicious Chrome Extensions get caught?</span></h2><p>A Chrome extension named PDF Toolbox alarmed cybersecurity investigator Vladimir Palant when he, upon close inspection, discovered a suspicious extraneous functionality. It had the ability to access a site that "loaded arbitrary code on all pages viewed by the user," according to the Kaspersky report.</p><p>Interestingly, PDF Toolbox has a large user page, good reviews, two million downloads, and an average score of 4.2.</p><p>This deceptive Chrome extension impelled Palant to see if there were any more infected plugins hiding out in the Web Store, and of course, he found plenty — an additional 33 to be exact.</p><h2 class="article-body__section" id="section-how-to-delete-a-chrome-extension"><span>How to delete a Chrome Extension</span></h2><p>Kaspersky said that Google&apos;s moderators do an awful job at vetting the security and safety of the extensions that it hosts in the Google Chrome Web Store. If you&apos;re concerned about an extension you currently have installed, here are the steps you can take to remove it:</p><p>1<strong>. </strong>Click on the the triple-dot <strong>Settings </strong>icon</p><p>2. Go to <strong>Extensions.</strong></p><p>3. Click on <strong>Manage Extensions.</strong></p><p>Here, you can click <strong>Remove </strong>on any suspicious extensions you feel have malicious intent.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ How to find stalkerware on Android — 3 signs a creep is tracking you and how to stop it ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/how-to/How-to-find-and-remove-stalkerware-on-Android</link>
                                                                            <description>
                            <![CDATA[ Here's how to find and remove stalkerware on Android if you are concerned about your mobile privacy. A few simple steps can put your mind at ease that no one is monitoring your phone. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">sqP4gJMs5557Jgr7WCbHsR</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/bPvNoZiKnAXc4EjrrqgSZK-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 04 Jul 2023 06:00:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Sean Riley ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/ApPanW9KEHmaKJg4bksTFd.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/bPvNoZiKnAXc4EjrrqgSZK-1280-80.jpg">
                                                            <media:credit><![CDATA[Getty Images/Sorbetto]]></media:credit>
                                                                                                                                                                        <media:description><![CDATA[Spyware]]></media:description>                                                            <media:text><![CDATA[Spyware]]></media:text>
                                <media:title type="plain"><![CDATA[Spyware]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/bPvNoZiKnAXc4EjrrqgSZK-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>If you are wondering how to find and remove stalkerware on Android, you may have caught the recent news that a <a href="https://www.laptopmag.com/news/this-hidden-spyware-app-was-hacked-revealing-thousands-of-users-data-was-it-on-your-phone">popular Android spyware app was hacked</a>. Or perhaps you&apos;re wary of your mobile privacy and you want to tighten up as many security holes as you can.</p><p>Android devices keep us connected, help us navigate, and are an indispensable daily tool in our lives, but that also makes them the perfect target for stalkerware and spyware.</p><p>While some of these apps can be quite devious about how they hide on your device, our guide will help you find and remove stalkerware on Android no matter which method they try to use. So follow along and we&apos;ll make sure no one is snooping on your mobile activities.</p><h2 class="article-body__section" id="section-how-to-make-sure-you-aren-t-being-tracked-by-stalkerware-on-android"><span>How to make sure you aren't being tracked by stalkerware on Android</span></h2><p>There are a few simple ways to find and remove stalkerware from your Android device. (If you are an iPhone user, we have a guide on <a href="https://www.laptopmag.com/how-to/how-to-find-and-remove-stalkerware-on-iphone">how to find and remove stalkerware on iPhone</a>). One thing to be aware of is that the apps often won&apos;t use their full name to help them stay hidden, in that aforementioned spyware hack the "LetMeSpy" app for example showed as "LMS" on the victim&apos;s device, so keep that in mind when you are searching for spyware.</p><h2 class="article-body__section" id="section-google-play-protect"><span>Google Play Protect</span></h2><p>For Android users, the first step is to make sure Google Play Protect is active. This is a feature introduced on Android over ten years ago now that scans apps both on install and periodically on your device to ensure that they aren&apos;t doing anything malicious. It&apos;s turned on by default, so if it is turned off, that is a strong indicator right away that someone has been tampering with your device. </p><p>To check whether Google Play Protect is enabled, go to <strong>Settings > Security > Play Protect</strong>. If it&apos;s active you&apos;ll see a "Scan" button in the middle of the screen, if not you&apos;ll see a button that says "Turn on."</p><h2 class="article-body__section" id="section-device-admin-apps"><span>Device Admin apps</span></h2><p>Next up, you&apos;ll want to check for a device admin app installed on your phone. These profiles can give an app essentially full control over the device without your knowledge. This one is simple to check as well, just navigate to <strong>Settings > Security > Device admin apps</strong>. In almost all cases it should say "No active apps." The only case where there would be something here is if you have a legitimate device admin through your work, school, or a parental control app. Assuming one of those doesn&apos;t apply to you and you see a device admin app listed just tap on it to remove it from your device.</p><h2 class="article-body__section" id="section-accessibility-settings"><span>Accessibility settings</span></h2><p>Finally, you can take a peek at Accessibility, this would be an alternative path for an app to gain the kind of sweeping permissions it needs to track all of the activities on your phone. Navigate to <strong>Settings > Accessibility </strong>and ensure that you know every app listed under "Downloaded apps" or "Accessibility services." If you see anything out of the ordinary there toggle it to off and then go to <strong>Settings > Apps > See all apps</strong> and then select that app from the list and tap "Uninstall."</p><p>That&apos;s it, if you&apos;ve made it through without spotting anything nefarious then you can feel confident that your device is free of stalkerware, and if not then we&apos;ve squashed whatever app was trying to peep on your private phone pursuits. Either way, you can now enjoy your mobile privacy in peace.</p><p><em>Stalkerware is often used in cases of domestic abuse. For anonymous and confidential help, the National Domestic Violence Hotline can be reached 24/7 at 1-800-799-7233.</em></p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Are you sure that's Telegram? Convincing fake app can steal your login credentials ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/news/are-you-sure-thats-telegram-convincing-fake-app-can-steal-your-login-credentials</link>
                                                                            <description>
                            <![CDATA[ According to researchers at Check Point, there's a malicious app masquerading as the Telegram app, and it looks legit, too. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">E7QXyfTFERcevunes5adeV</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/6gaCWNMK5KA3ur99HeDvuX-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Fri, 30 Jun 2023 22:00:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Kimberly Gedeon ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/5dnFvosdQ4xpGod6qS6KZc.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/6gaCWNMK5KA3ur99HeDvuX-1280-80.jpg">
                                                            <media:credit><![CDATA[Telegram/Getty Images]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Faux Telegram app]]></media:description>                                                            <media:text><![CDATA[Faux Telegram app]]></media:text>
                                <media:title type="plain"><![CDATA[Faux Telegram app]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/6gaCWNMK5KA3ur99HeDvuX-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>There&apos;s a faux Telegram app masquerading as the <em>real </em>messaging app, and according to researchers at <a href="https://blog.checkpoint.com/security/dont-be-fooled-by-app-earances-check-point-researchers-spot-hidden-malwares-behind-legitimate-looking-apps/">Check Point</a>, it&apos;s convincing, too. From the identical launch page to the authentication process, the imposter app flows similarly to the original version. "The user has no reason to suspect anything out of the ordinary is happening on the device," the Check Point report said.</p><p>Unfortunately, this Telegram app can fool the best of us, and according to Check Point, once it gets a hold of your device, it can unleash malware hell on your Android phone via a trojan called "Triada."</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1184px;"><p class="vanilla-image-block" style="padding-top:36.40%;"><img id="eAjCVwfmfgfbSfwMAnfCSD" name="Annotation-2023-06-21-143133 (1).jpg" alt="Telegram Triada Trojan" src="https://cdn.mos.cms.futurecdn.net/eAjCVwfmfgfbSfwMAnfCSD.jpg" mos="" align="middle" fullscreen="" width="1184" height="431" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="caption-text">Telegram Triada Trojan </span><span class="credit" itemprop="copyrightHolder">(Image credit: Check Point)</span></figcaption></figure><h2 class="article-body__section" id="section-triada-is-lurking-in-telegram"><span>Triada is lurking in 'Telegram'</span></h2><p>There&apos;s a malware campaign in which malicious actors are disguising Triada as Telegram Messenger version 9.2.1. Unwitting victims, believing that they&apos;re using a trusted apps, end up granting it permissions to access their call logs and phone calls. </p><p>In the background, according to Check Point researchers, the following steps are taking place:</p><p>1. The malware gathers your device&apos;s information.</p><p>2. It sets up a communication channel.</p><p>3. It downloads a configuration file and awaits the reception of a payload from a remote service.</p><p>4. The payload is decrypted and launched; Triada can now wreak havoc on your device.</p><h2 class="article-body__section" id="section-what-can-triada-do"><span>What can Triada do?</span></h2><p>Once Triada gets its claws on your Android device, it can perform the following malicious tasks:</p><ul><li><strong>Sign you up for various paid subscriptions</strong></li><li><strong>Perform in-app purchases using your SMS and phone number</strong></li><li><strong>Display advertisements, including invisible ads running secretly in the background</strong></li><li><strong>Steal login credentials</strong></li><li><strong>Snag sensitive device information</strong></li></ul><p>To keep Triada at bay, make sure to never download apps from standalone websites nor third-party app stores. There&apos;s a chance that the apps in these unofficial stores may be maliciously modified. If you want Telegram, download it directly from the Google Play Store.</p><p>If you suspect that your Telegram app isn&apos;t legit, delete it immediately and download <a href="https://www.laptopmag.com/best-picks/best-antivirus-apps">one of the best mobile antivirus apps</a> for your device.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ Apple’s encrypted messaging is in danger in the UK — here’s why ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/news/apples-encrypted-messaging-is-in-danger-in-the-uk-heres-why</link>
                                                                            <description>
                            <![CDATA[ Lawmakers in the UK are seeking access to your personal messages, and companies like Apple and Meta are ready to fight. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">w9BDjM7xHV2EfM6oDpq7pR</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/2e8R7tnCbBXXLsgMbEY5cf-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Thu, 29 Jun 2023 21:01:40 +0000</pubDate>                                                                                                                                <updated>Fri, 30 Jun 2023 01:52:40 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Mark Anthony Ramirez ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/o2ksbBWvEwbexRxf4oXqCc.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/2e8R7tnCbBXXLsgMbEY5cf-1280-80.jpg">
                                                            <media:credit><![CDATA[Future]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Apple’s encrypted messaging is in danger in the UK — here’s why]]></media:description>                                                            <media:text><![CDATA[Apple’s encrypted messaging is in danger in the UK — here’s why]]></media:text>
                                <media:title type="plain"><![CDATA[Apple’s encrypted messaging is in danger in the UK — here’s why]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/2e8R7tnCbBXXLsgMbEY5cf-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>According to a report in <a href="https://arstechnica.com/tech-policy/2023/06/apple-says-uk-online-safety-bill-is-serious-threat-to-end-to-end-encryption/">arsTechnica</a>, Apple, along with other organizations and tech companies, are opposing the <a href="https://bills.parliament.uk/bills/3137">Online Safety Bill</a> brought forth by conservative members of Parliament. According to Apple, the new bill is a threat to end-to-end encryption that protects the privacy of personal messages. </p><p>Apple, in a statement given to the <a href="https://www.bbc.com/news/technology-66028773">BBC</a>, said " "End-to-end encryption is a critical capability that protects the privacy of journalists, human rights activists, and diplomats," The company went on to say, "It also helps everyday citizens defend themselves from surveillance, identity theft, fraud, and data breaches. The Online Safety Bill poses a serious threat to this protection and could put U.K. citizens at greater risk. Apple urges the government to amend the bill to protect strong end-to-end encryption for the benefit of all."</p><p>The BBC quoted a U.K. government rep saying, "companies should only implement end-to-end encryption if they can simultaneously prevent abhorrent child sexual abuse on their platforms." The bill in question hasn&apos;t been finalized yet, and the U.K. regulator, who would be in charge of Ofcom, discussed its preparations for this newly expanded role stating, "the bill is in "the final stages of the parliamentary process." The bill, which <a href="https://arstechnica.com/tech-policy/2023/01/uk-lawmakers-vote-to-jail-tech-execs-who-fail-to-protect-kids-online/">includes criminal penalties</a> like imprisonment, was approved by the House of Commons in January and is nearing approval in the House of Lords."</p><p>As negotiations continue, there are changes expected to the bill. However, whether the mandatory scanning of encrypted messages will be addressed or removed from the account is unknown. However, conservatives fiercely oppose any changes, as they feel they&apos;re trying to protect the world from terrorists and child sexual predators.</p><h2 id="it-apos-s-not-just-apple-that-apos-s-concenred">It&apos;s not just Apple that&apos;s concenred</h2><p>Apple isn&apos;t alone in its opposition to the bill; WhatsApp and Signal also oppose the nose, with Signal saying they would stop offering services in the U.K. if it becomes law and they&apos;re pushed to lower the level of privacy its encryption provides. <a href="https://www.laptopmag.com/news/whatsapp-users-can-now-share-their-screen-on-a-windows-pc-how-to-do-it">WhatsApp</a>, part of Meta, told the BBC last year it would not reduce its security or encryption standards. </p><p>Oddly enough, Apple 2021 got into a heap of trouble when they said they would scan iPhones for illicit images of children, as security experts balked at such a notion, and eventually, Apple strayed from its plan. According to the Open Rights Group, the UK law would be the first to allow the scanning of people&apos;s private messages. </p><p>They said that changes could be made to the law that improves the integrity of personal privacy. One change would be in how the law is worded, stating, " Removing the word &apos;privately&apos; from the draft legislation could preserve the security and privacy of billions of messaging app users," the Open Rights Group said, referring to a requirement to identify illegal content in private messages." </p><p>The proposed U.K. law could also set off a storm of new rules the world over, which could find the users of encrypted messaging apps very uncomfortable and also create a massive landscape filled with lawsuits that will be battled out in the courts for years to come.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1600px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="c3BNUnhs3pPBxN6jsrMxaM" name="New Project (6).jpg" alt="Apple’s encrypted messaging is in danger in the UK — here’s why" src="https://cdn.mos.cms.futurecdn.net/c3BNUnhs3pPBxN6jsrMxaM.jpg" mos="" align="middle" fullscreen="" width="1600" height="900" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Future)</span></figcaption></figure><p>Especially when you consider that  Ofcom would be allowed to issue notices to service providers that will force them to "use accredited technology to identify CSEA [child sexual exploitation and abuse] content, whether communicated publicly or privately using the service, and to take down that content swiftly." </p><p>However, if the content in question is being sent between two private citizens, how did they find out in the first place? The blurry lines, loopholes, and loose definitions left open to interpretation are dangerous to personal privacy. </p><h2 id="final-thoughts-2">Final Thoughts</h2><p>The U.K. law does have some merit, as we have seen a massive upswing in child trafficking and sexual abuse. Also, the law focuses on the messages of possible terrorists, which we all hate terrorism. However, where are these conservatives regarding all speech shared and used to harm the LGBTQIA community? Where are these conservatives when encrypted messages are used to set up crimes against minorities and people of color? Racism is enormous on the internet, so I find this child sex crime and terrorism focus of conservatives in the UK or the US to be pure unadulterated nonsense and talking points they can sell to their conservative constituents. </p><p>If you create laws to protect children or prevent terrorism, you must also fight for and make laws that protect all people from these acts. It&apos;s a known fact that more minority children and children of color are abducted and are being sex trafficked the world over. It&apos;s also known that racist groups are committing crimes against minorities and using the internet to plot and execute these horrific crimes. </p><p>Also, who is to say such laws will not be abused and misused by those in power to go on witch hunts? It is a very slippery slope, and these are substantial privacy issues entangled in massive human and civil rights issues. Let&apos;s face it, neither the UK nor the US has an exemplary record. </p><p>In the end, yes, we need ways to identify terrorists and sexual abusers. Yes, we need ways to find human rights violators too. Still, when Conservatives, who are doing their level best worldwide to overturn every civil and human right possible, start pushing for laws that would invade your privacy, it&apos;s a major red flag. If you&apos;re a student of history and have ever read up on the <a href="https://en.wikipedia.org/wiki/McCarthyism">"Red Scare" or McCarthyism,"</a> this should frighten you to death. All they have to do is accuse you or anyone, hack into your phone or device, and create messages. Hell, they can have AI make a video of you committing crimes if they want. </p><p>I&apos;m not siding with giant corporations either, as they need to be held accountable for not having the courage and infrastructure to regulate the content shared on their sites or via harmful messaging apps. </p><p>We have reached a level of technological advancement that our legal system and laws have not kept up with, and it is time for the generations of us who grew up with the technology to start crafting and creating the legal structure to protect each and every one of us now and in the future.  </p><p><br></p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ This hidden spyware app was hacked revealing thousands of users' data — was it on your phone? ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/news/this-hidden-spyware-app-was-hacked-revealing-thousands-of-users-data-was-it-on-your-phone</link>
                                                                            <description>
                            <![CDATA[ A popular spyware app distributed on almost 250,000 Android devices has been hacked according to its developer, revealing data on both the app's customers and those being monitored by it. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">4cruRLdD7EFszxt2StZyZQ</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/mByAc2TjCUHKCra5Fdj5MC-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Wed, 28 Jun 2023 17:40:32 +0000</pubDate>                                                                                                                                <updated>Wed, 28 Jun 2023 17:40:36 +0000</updated>
                                                                                                                                            <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Sean Riley ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/ApPanW9KEHmaKJg4bksTFd.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/mByAc2TjCUHKCra5Fdj5MC-1280-80.jpg">
                                                            <media:credit><![CDATA[Getty Images/Malte Mueller]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[spyware victim depicted with GPS pointer and giant eye]]></media:description>                                                            <media:text><![CDATA[spyware victim depicted with GPS pointer and giant eye]]></media:text>
                                <media:title type="plain"><![CDATA[spyware victim depicted with GPS pointer and giant eye]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/mByAc2TjCUHKCra5Fdj5MC-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Define irony: This hidden spyware app was hacked revealing its snooping customers&apos; data. </p><p>Apps for tracking what someone is doing on their phone are a big business, typically they are marketed to parents or companies for monitoring their children&apos;s or employees&apos; activities on their devices. However, these apps are also ripe for abuse by domestic partners and spouses, which is why these apps are sometimes called "stalkerware" or "spouseware."</p><p>LetMeSpy is a tracking app on Android that seems designed for this kind of misuse as it deliberately tries to avoid detection on the device and then quietly sends all of the text messages, call logs, and location data from the phone to the account holder. But now those account holders need to worry about being watched as LetMeSpy reported on June 21 that it was hacked and among the leaked data is information on 26,000 customers that used the free or paid version of the app (via <a href="https://techcrunch.com/2023/06/27/letmespy-hacked-spyware-thousands/">TechCrunch</a>).</p><h2 id="what-exactly-was-leaked">What exactly was leaked?</h2><p>Unfortunately, the leak included not only the data regarding the app&apos;s customers but also its victims. For the customers, it appears to be simply the email address associated with their account, although given the use case for this app that is still something many of them don&apos;t want to get out.</p><p>For the victims, the leaked data set includes text messages, call logs, and location data from at least 13,000 distinct devices. The call logs and text messages in some cases go all the way back to 2013, so it&apos;s a considerable trove of information regarding these individuals. While LetMeSpy has notified law enforcement and the Polish Data protection authority (that is where the developer is based), it is unclear at the moment whether the company can or will notify the victims of the data breach.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1968px;"><p class="vanilla-image-block" style="padding-top:56.25%;"><img id="mWXUV6Bqo8fD4ntNPyEckn" name="GettyImages-1344272149 Cropped.jpg" alt="Spyware" src="https://cdn.mos.cms.futurecdn.net/mWXUV6Bqo8fD4ntNPyEckn.jpg" mos="" align="middle" fullscreen="" width="1968" height="1107" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: Getty Images)</span></figcaption></figure><h2 id="how-to-make-sure-you-aren-apos-t-being-tracked-by-stalkerware-on-android">How to make sure you aren&apos;t being tracked by stalkerware on Android</h2><p>There are a few simple ways to find and remove stalkerware from your Android device. (If you are an iPhone user, we have a guide on <a href="https://www.laptopmag.com/how-to/how-to-find-and-remove-stalkerware-on-iphone">how to find and remove stalkerware on iPhone</a>). One thing to be aware of is that the apps often won&apos;t use their full name to help them stay hidden "LetMeSpy" for example only shows as "LMS" on the victim&apos;s device, so keep that in mind as we go spyware hunting.</p><p>For Android users, the first step is to make sure Google Play Protect is active. This is a feature introduced on Android over ten years ago now that scans apps both on install and periodically on your device to ensure that they aren&apos;t doing anything malicious. It&apos;s turned on by default, so if it is turned off that is a strong indicator right away that someone has been tempering with your device. </p><p>To check whether Google Play Protect is enabled just go to <strong>Settings > Security > Play Protect</strong>. If it&apos;s active you&apos;ll see a "Scan" button in the middle of the screen, if not you&apos;ll see a button that says "Turn on."</p><p>Next up, you&apos;ll want to check for a device admin app installed on your phone. These profiles can give an app essentially full control over the device without your knowledge. This one is simple to check as well, just navigate to <strong>Settings > Security > Device admin apps</strong>. In almost all cases it should say "No active apps." The only case where there would be something here is if you have a legitimate device admin through your work, school, or a parental control app. Assuming one of those doesn&apos;t apply to you and you see a device admin app listed just tap on it to remove it from your device.</p><p>Finally, you can take a peek at Accessibility, this would be an alternative path for an app to gain the kind of sweeping permissions it needs to track all of the activities on your phone. Navigate to <strong>Settings > Accessibility </strong>and ensure that you know every app listed under "Downloaded apps" or "Accessibility services." If you see anything out of the ordinary there toggle it to off and then go to <strong>Settings > Apps > See all apps</strong> and then select that app from the list and tap "Uninstall."</p><p>That&apos;s it, hopefully you didn&apos;t find anything, but if you did we&apos;ve got your device spyware-free again now.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
                                <item>
                                                            <title><![CDATA[ This sneaky Android trojan is stealing from victims' bank apps — do you have it on your phone? ]]></title>
                                                                                                                                                                                                <link>https://www.laptopmag.com/news/this-sneaky-android-trojan-is-stealing-from-victims-bank-apps-do-you-have-it-on-your-phone</link>
                                                                            <description>
                            <![CDATA[ The malicious Anatsa trojan returned to Google Play in March after a six-month hiatus and once again is infecting unsuspecting users and stealing their banking credentials to send money to the hackers. ]]>
                                                                                                            </description>
                                                                                                                                <guid isPermaLink="false">xFHLCkJkuyeoM3LEDwf5Xk</guid>
                                                                                                <enclosure url="https://cdn.mos.cms.futurecdn.net/x2NVZWuaKVKnbQ3eVvjyzS-1280-80.jpg" type="image/jpeg" length="0"></enclosure>
                                                                        <pubDate>Tue, 27 Jun 2023 10:30:00 +0000</pubDate>                                                                                                                                                                                                                                <category><![CDATA[Antivirus &amp; Cyber-security]]></category>
                                                    <category><![CDATA[Software]]></category>
                                                                                                                    <dc:creator><![CDATA[ Sean Riley ]]></dc:creator>                                                                                    <dc:source><![CDATA[ https://cdn.mos.cms.futurecdn.net/ApPanW9KEHmaKJg4bksTFd.jpg ]]></dc:source>
                                                                <dc:description><![CDATA[ null ]]></dc:description>
                                                                                                                                                                                                                                                <media:content type="image/jpeg" url="https://cdn.mos.cms.futurecdn.net/x2NVZWuaKVKnbQ3eVvjyzS-1280-80.jpg">
                                                            <media:credit><![CDATA[Getty Images/Feodora Chiosea]]></media:credit>
                                                                                                                                                                                                                                    <media:description><![CDATA[Android banking trojan]]></media:description>                                                            <media:text><![CDATA[Android banking trojan]]></media:text>
                                <media:title type="plain"><![CDATA[Android banking trojan]]></media:title>
                                                    </media:content>
                                                    <media:thumbnail url="https://cdn.mos.cms.futurecdn.net/x2NVZWuaKVKnbQ3eVvjyzS-1280-80.jpg" />
                                                                                                                                                                    <content:encoded >
                            <![CDATA[
                            <article>
                                <p>Despite the many safeguards in the Google Play Store, it is once again playing host to a dangerous Android trojan posing as legitimate productivity apps to escape detection — once installed the hackers deploy their malware. This time the threat was identified by security researchers at <a href="https://www.tomsguide.com/news/these-android-apps-can-steal-your-banking-info-by-recording-your-screen-delete-them-now">ThreatFabric</a>, who revealed the latest incarnation can take over nearly 600 different banking apps to siphon off money from victims.</p><p>That&apos;s one of the most dangerous aspects of this particular trojan — it isn&apos;t just stealing your login credentials — it is taking over the banking apps on your Android phone so the transactions appear to be coming from you (via <a href="https://www.bleepingcomputer.com/news/security/anatsa-android-trojan-now-steals-banking-info-from-users-in-us-uk/">Bleeping Computer</a>).</p><p>The targeted apps include numerous major banks and stock trading apps like TD Bank, J.P. Morgan, Capital One, E-Trade, Schwab Mobile, and hundreds more, so the threat is substantial.</p><h2 id="delete-these-five-apps-now">Delete these five apps now!</h2><p>Per Bleeping Computer, Google reached out to confirm that it has removed the following apps from Google Play and the developers have been banned, but it is worth confirming that you didn&apos;t have any of these apps installed on your phone prior to their removal.</p><p>Not the most exciting list of apps, but the hackers are counting on a PDF reader being something that a user may need to quickly download to read a document without vetting the app carefully.</p><p>Once installed on the Android phone the dropper apps then download the actual Anatsa malware which begins stealing your credit card details, bank account information, and payment information through a combination of phishing pages and keylogging.</p><p>That information is in turn used to gain access to any of the almost 600 financial apps detected on the user&apos;s device. The security researchers at ThreatFabric indicated that "Since transactions are initiated from the same device that targeted bank customers regularly use, it has been reported that it is very challenging for banking anti-fraud systems to detect it." </p><p>The stolen money is converted into cryptocurrency and distributed through a network of accounts that keep a smaller portion before sending the rest on to the hackers.</p><figure class="van-image-figure  inline-layout" data-bordeaux-image-check ><div class='image-full-width-wrapper'><div class='image-widthsetter' style="max-width:1162px;"><p class="vanilla-image-block" style="padding-top:49.23%;"><img id="AsTNggLNRNGMr6GkMvPAsf" name="targeted-apps.jpg" alt="Part of the list of banking apps targeted by the Anatsa banking trojan" src="https://cdn.mos.cms.futurecdn.net/AsTNggLNRNGMr6GkMvPAsf.jpg" mos="" align="middle" fullscreen="" width="1162" height="572" attribution="" endorsement="" class=""></p></div></div><figcaption itemprop="caption description" class=" inline-layout"><span class="credit" itemprop="copyrightHolder">(Image credit: ThreatFabric)</span></figcaption></figure><h2 id="how-to-avoid-becoming-a-victim-of-a-banking-trojan">How to avoid becoming a victim of a banking trojan</h2><p>We still stress that downloading your apps from Google Play is far safer than any other source, but as the apps in question came from Google Play, here&apos;s what to look for even when downloading from Android&apos;s official app store.</p><p>Make sure you are downloading apps from known publishers that have substantial downloads and positive reviews. The truth is that apps like this do not typically last long in the Google Play Store and once they are caught, Google removes them and bans the developer as seen in this case. Will they pop up again? Of course, but it means that they don&apos;t have the time to build up a substantial track record so even if they pay for fake reviews they won&apos;t have years of positive reviews.</p><p>It&apos;s also important to note that Google Play Protect, which is on any device with Google Play Services, doesn&apos;t just try to detect malware when you install an app, but runs periodic scans of your apps to ensure that none of them have become infected with malware. If it detects a threat it can either disable or remove the app automatically from your device.</p><p>Combine this advice with one of the <a href="https://www.laptopmag.com/best-picks/best-antivirus-apps">best antivirus apps</a> and you should be able to keep your device safe from almost any malware threat.</p>
                                                            </article>
                            ]]>
                        </content:encoded>
                                                </item>
            </channel>
</rss>