Latest news with #KURT'STHE
Yahoo
20-04-2025
- Yahoo
Hackers using malware to steal data from USB flash drives
Cybercriminals are constantly finding new ways to steal your data. As people become more aware of common threats like phishing links, fake websites, fraudulent emails and impersonation scams, attackers are becoming more creative in their approach. One of the newer methods they are using involves targeting USB flash drives. It may seem surprising that they would focus on something as simple as a flash drive, but the data it holds can be valuable. Plus, flash drives can be used to spread malware to other devices. STAY PROTECTED & INFORMED! GET SECURITY ALERTS & EXPERT TECH TIPS — SIGN UP FOR KURT'S THE CYBERGUY REPORT NOW USB drives are ubiquitous in workplaces, especially in environments with air-gapped systems or restricted internet access, such as those in government and energy sectors. This makes them an easy target for data theft and malware propagation. Often, these drives store sensitive files that are not available on networked systems. What Is Artificial Intelligence (Ai)? Read On The Fox News App When infected, USB drives can spread malware not just within a single organization but also across multiple entities if shared. These attacks don't rely on network vulnerabilities, allowing them to bypass traditional security tools. 200 Million Social Media Records Leaked In Major X Data Breach As reported by Kaspersky's Securelist, a cybersecurity research platform, hackers are using USB drives to spread malware in ways that can easily bypass traditional security systems. One group, known as GOFFEE, kicks off its attacks with targeted phishing emails. These emails often carry infected RAR files or Office documents with harmful macros. Once opened, they install sneaky programs like PowerModul and PowerTaskel on the victim's system. These tools don't just sit around. They lay the groundwork for more attacks. PowerModul, in particular, plays a big role. It's a PowerShell script introduced in 2024 that talks to a command-and-control (C2) server. From there, it can download and run other tools, including two especially dangerous ones, FlashFileGrabber and USB Worm. FlashFileGrabber is made to steal data from USB drives. It can either save stolen files locally or send them back to the hacker's server. Then there's USB Worm, which infects any USB drive it finds with PowerModul, turning that drive into a tool for spreading malware to other systems. What makes this method effective is that USB drives are often shared between people and offices. That physical movement allows the malware to spread even without an internet connection. The malware hides original files on the USB and replaces them with malicious scripts disguised as normal-looking shortcuts. When someone clicks one of these, they unknowingly trigger the infection. Malware Exposes 3.9 Billion Passwords In Huge Cybersecurity Threat 1. Don't plug in unknown USB drives: It might sound obvious, but this is one of the most common ways malware spreads. If you find a USB drive lying around or someone gives you one you weren't expecting, avoid plugging it into your system. Attackers often rely on human curiosity to get the malware onto your machine. 2. Be extra cautious with email attachments: GOFFEE's campaigns often begin with phishing emails carrying malicious RAR files or Office documents with macros. Always double-check the sender's address and never open unexpected attachments, especially if they ask you to "enable macros" or come from unknown contacts. When in doubt, confirm through a different channel. 3. Avoid clicking on suspicious links and use strong antivirus software: Many attacks like GOFFEE's start with emails that look legitimate but contain malicious links. These links might lead you to fake login pages or silently download malware that sets the stage for USB-targeting tools like PowerModul. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices. 4. Scan USB drives before use: The USB Worm infects USB drives by hiding original files and planting malicious scripts disguised as shortcuts, which trigger PowerModul when clicked. FlashFileGrabber also steals files silently from USBs, often going unnoticed. Always scan USB drives with updated antivirus software before opening any files. Use a reputable security tool to check for hidden scripts, unusual shortcuts or unexpected executables. If files appear renamed or hidden, don't click them until verified safe. Data Removal Does What Vpns Don't: Here's Why You Need Both Cybercriminals thrive where convenience meets oversight. However, it's worth considering why USBs remain such a soft target. They're not just storage but a cultural artifact of workplaces, especially in high-stakes sectors like energy or government, where offline data transfer feels safer than the cloud. But that trust is a blind spot. Attackers like GOFFEE don't need zero days because they can exploit human habits such as sharing drives, skipping scans and clicking without thinking. How often do you plug in a USB drive without scanning it first? Let us know by writing us at For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Ask Kurt a question or let us know what stories you'd like us to cover Follow Kurt on his social channels Facebook YouTube Instagram Answers to the most asked CyberGuy questions: What is the best way to protect your Mac, Windows, iPhone and Android devices from getting hacked? What is the best way to stay private, secure and anonymous while browsing the web? How can I get rid of robocalls with apps and data removal services? How do I remove my private data from the internet? New from Kurt: Try CyberGuy's new games (crosswords, word searches, trivia and more!) CyberGuy's Exclusive Coupons and Deals Copyright 2025 All rights article source: Hackers using malware to steal data from USB flash drives
Yahoo
07-04-2025
- Yahoo
How to free up space on your Android
Is your Android running out of storage space again? Let's fix it with three simple tricks that can free up valuable space on your device. IPhone users, here's how to free up space on your device. Hidden files and folders often consume significant storage space. Here's how to clean them up: STAY PROTECTED & INFORMED! GET SECURITY ALERTS & EXPERT TECH TIPS — SIGN UP FOR KURT'S THE CYBERGUY REPORT NOW Settings may vary depending on your Android phone's manufacturer. Read On The Fox News App Open your File Manager (it might be called "My Files"). Tap the three dots in the top-right. Select Settings. Enable "Show Hidden System Files". Now, let's go to the ".thumbnails" folder by tapping on the folder that says "My Files". Next, select "Internal Storage". Tap the Pictures folder. Then, click .thumbnails. Select "All" images. Then tap Delete. Confirm by clicking Move to Trash. By deleting the thumbnail folder, you'll free up valuable storage space on your Android by removing the small preview images of photos and videos stored on your device. Note, the file or folder will come back automatically as you browse photos again, so if you're constantly low on storage, clearing the .thumbnails folder every so often can help — but it's just a temporary fix. The system will rebuild it as needed. Now, go back twice by clicking the back arrow. Open "Movies" or "Downloads", and repeat the above steps to clear more space. Finally, find the Trash and click on it. Select "All". Tap Delete all. Confirm your decision by clicking Delete. Space Running Low? Securely Store Your Heavy Files With These Free Cloud Storage Solutions Google Photos offers a seamless way to manage photo storage without losing your memories. Here's how to free up space using Google Photos: Settings may vary depending on your Android phone's manufacturer. Open the Google Photos app. Tap your profile picture in the top-right corner. Choose Free up space on this device. Review the files and tap the blue bar at the bottom of the screen. Click Allow to clear local copies of photos already backed up. Your photos stay safe, but won't take up your phone's storage. Now, before deleting files in your downloads, movies, or .thumbnails folders, take a moment to review them. These may contain files you've saved intentionally, including important documents or personal media. While cleaning up unused files can free up space, be sure not to remove anything you still need. What To Do When Your Phone Storage Is Full Uninstalling unused apps can significantly free up storage space on your Android device. Here's how to uninstall unused apps: Settings may vary depending on your Android phone's manufacturer. Open Settings on your Android. Click on Apps or Apps and Notifications. Click the Filter and sort icon. Tap Uninstalled by you, then tap OK. What Is Artificial Intelligence (Ai)? Review your installed apps and identify those you no longer use. Uninstall these apps to free up space by clicking on the app. Click App details in store. Then, tap Uninstall. It'll ask you to confirm your decision by clicking Uninstall. Best Antivirus For Androids — Cyberguy Picks 2025 You can also delete unused files and images on Android. These are files or images you haven't edited in the past 30 days. Settings may vary depending on your Android phone's manufacturer. Navigate to Settings on your Android. Tap Device Care. Click Storage. Click Review old files. Tap All in the upper left-hand corner of the screen to free up space. Click Delete at the bottom of the screen. Confirm your decision by clicking Delete. By incorporating these steps, you can efficiently manage your Android device's storage and maintain optimal performance. Subscribe To Kurt's Youtube Channel For Quick Video Tips On How To Work All Of Your Tech Devices Running out of storage on your Android can be frustrating, but these tricks provide quick solutions to reclaim space without compromising essential data. By implementing simple strategies like deleting hidden clutter, leveraging Google Photos to free up space, and uninstalling unused apps, you can significantly improve your device's performance. Additionally, regularly reviewing and deleting old files can help maintain a clutter-free phone. What's the most surprising thing you've found taking up space on your device? Let us know by writing us at For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Ask Kurt a question or let us know what stories you'd like us to cover. Follow Kurt on his social channels: Facebook YouTube Instagram Answers to the most-asked CyberGuy questions: What is the best way to protect your Mac, Windows, iPhone and Android devices from getting hacked? What is the best way to stay private, secure and anonymous while browsing the web? How can I get rid of robocalls with apps and data removal services? How do I remove my private data from the internet? New from Kurt: Try CyberGuy's new games (crosswords, word searches, trivia and more!) CyberGuy's Exclusive Coupons and Deals Copyright 2025 All rights article source: How to free up space on your Android
Yahoo
15-03-2025
- Yahoo
FBI warns of dangerous new ‘smishing' scam targeting your phone
Smishing is a type of phishing scam that works through text messages. The name comes from a mix of "SMS" and "phishing," since scammers use fake messages to trick people into giving away personal information. It's been around for a while, but lately, it's gotten so bad that even the FBI and several U.S. cities have started warning people. Hackers have set up over 10,000 fake websites to keep these scams going, targeting both iPhone and Android users with texts designed to steal their personal and financial information. STAY PROTECTED & INFORMED! GET SECURITY ALERTS & EXPERT TECH TIPS — SIGN UP FOR KURT'S THE CYBERGUY REPORT NOW Cities across the United States are warning residents about an ongoing mobile phishing campaign in which scammers impersonate parking violation departments. The fraudulent text messages claim recipients have unpaid parking invoices and threaten a $35 daily fine if left unpaid. As reported by cybersecurity publication BleepingComputer, the latest wave of phishing texts has prompted alerts from multiple cities, including Annapolis, Boston, Greenwich, Denver, Detroit, Houston, Milwaukee, Salt Lake City, Charlotte, San Diego and San Francisco. The campaign, which began in December, remains active. The smishing texts claim to be from a government authority and instruct recipients to click a link to pay an alleged overdue fine. Read On The Fox News App "This is a final reminder from the City of New York regarding the unpaid parking invoice. A $35 daily overdue fee will be charged if payment is not made today," one fraudulent message says. The same phishing template has been observed in similar scams targeting residents of other cities. The FBI has also raised concerns about a broader smishing campaign affecting U.S. residents. In a recent alert, the agency warned that scammers have expanded beyond parking fines and are now impersonating road toll collection services. What Is Artificial Intelligence (Ai)? "Since early March 2024, the FBI Internet Crime Complaint Center (IC3) has received over 2,000 complaints reporting smishing texts representing road toll collection services from at least three states," the agency stated. "IC3 complaint information indicates the scam may be moving from state to state." Is The Ftc Calling You? Probably Not. Here's How To Avoid A New Phone Scam Targeting You A new report from cybersecurity firm Palo Alto Networks' Unit 42, the company's cybersecurity division specializing in threat intelligence and incident response, has uncovered that these scams are designed to steal sensitive information, including credit card and bank account details. What started as a scheme involving fraudulent toll payment notifications has now expanded to include fake delivery service alerts, tricking users into clicking malicious links. The scam appears to be operated by local cybercriminals using a toolkit developed by Chinese hacking groups. Notably, research from Unit 42 shows that many of the scam's root domains and fully qualified domain names use the Chinese .XIN top-level domain (TLD). The Dark World Of Facebook Ads Where Scammers Are Trying To Steal Your Money 1. Verify before you trust: Treat unsolicited texts with caution. If a message claims to be from a government agency or company, don't click any links or act immediately. Instead, verify the claim by contacting the organization directly using an official phone number or checking their verified website. 2. Avoid clicking suspicious links and use strong antivirus software: Scammers use links to direct you to fake websites that can steal your personal or financial information. Instead of clicking on any link in an unexpected text, manually type the known URL into your browser or search for the organization's official website. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices. 3. Keep your devices secure: Regularly update your devices' operating systems and apps to ensure you have the latest security patches. Consider installing reputable security software that can help detect phishing attempts and warn you about potentially dangerous websites or messages. 4. Use a password manager: A trusted password manager can help protect your sensitive information by automatically filling in credentials only on verified sites. This minimizes the risk of entering details on fraudulent websites and can alert you if a site doesn't match what's expected. Get more details about my best expert-reviewed Password Managers of 2025 here. 5. Report suspicious activity: If you receive a text that seems off, report it immediately to your mobile carrier, local law enforcement or the FBI's Internet Crime Complaint Center (IC3). Reporting helps authorities track down scammers and prevent further attacks. 6. Consider using a personal data removal service: Personal data removal services can help reduce your exposure to smishing attacks by removing your sensitive information — like phone numbers, addresses and email details — from data broker websites. Scammers often rely on these publicly available databases to target victims with personalized phishing texts. These services aren't foolproof, but they can make it harder for cybercriminals to find and exploit your information. While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here. Energy-saving Scam Uses Elon Musk's Name – Here's The Truth I've been tracking these smishing scams, and it's clear they're evolving fast, from fake parking fines to bogus toll notifications. With the FBI and cities like New York, San Francisco and others sounding the alarm, I'm stepping up my own security game. As a general rule, if you receive a text from an unknown number or email address that's an out-of-the-blue greeting, asks you to click a link, pay a bill or respond in any way, just block it and report the number. It's better to be safe than sorry when it comes to protecting your personal information. Do you feel that mobile phone providers and tech companies are doing enough to protect users from these types of scams? Let us know by writing us at For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Ask Kurt a question or let us know what stories you'd like us to cover Follow Kurt on his social channels Facebook YouTube Instagram Answers to the most asked CyberGuy questions: What is the best way to protect your Mac, Windows, iPhone and Android devices from getting hacked? What is the best way to stay private, secure and anonymous while browsing the web? How can I get rid of robocalls with apps and data removal services? How do I remove my private data from the internet? New from Kurt: Try CyberGuy's new games (crosswords, word searches, trivia and more!) CyberGuy's Exclusive Coupons and Deals Copyright 2025 All rights article source: FBI warns of dangerous new 'smishing' scam targeting your phone
Yahoo
18-02-2025
- Yahoo
Mac users beware: AI-powered malware threats are on the rise
Apple devices are believed to be pretty secure, and that's what the company will tell you. You might have seen the tagline "Privacy. That's Apple." in their promotions. However, the tech landscape is changing, and even Apple products aren't beyond cybercriminals' reach. A new report suggests Mac users will need to be more vigilant this year because AI advancements are helping hackers breach even the most secure systems. I have consistently reported on how Mac malware is targeting users, and experts now believe this will only get worse. STAY PROTECTED & INFORMED! GET SECURITY ALERTS & EXPERT TECH TIPS — SIGN UP FOR KURT'S THE CYBERGUY REPORT NOW Mac malware is not what it used to be. For years, the biggest threats were annoying adware and browser hijackers, more of a nuisance than a real danger. But that is changing fast. As highlighted by Malwarebytes, a new wave of information stealers is taking over, and they are far more dangerous, going after passwords, authentication cookies, credit card details and even cryptocurrency. This shift started in mid-2023 with the arrival of Atomic Stealer, also known as AMOS, a piece of malware that looked much more like something you would see on Windows than the typical Mac threats. AMOS was not just effective. It was easy to use and sold as a service for $1,000 a month with a slick web-based control panel. That success led to the rise of even more dangerous variants. Read On The Fox News App What Is Artificial Intelligence (Ai)? One of them, Poseidon, launched in mid-2024 and quickly became the dominant Mac stealer, responsible for 70% of infections. It can drain over 160 different cryptocurrency wallets, steal passwords from browsers and password managers and even grab VPN credentials. At the same time, cybercriminals have doubled down on malvertising, using fake ads on Google and Bing to trick users into downloading malware instead of real software. These campaigns are highly targeted, allowing attackers to pinpoint Mac users and serve fake downloads based on their searches. With AI now being used to create and execute many of these attacks, they are likely to increase in scale. 4.3 Million Americans Exposed In Massive Health Savings Account Data Breach While Mac malware is evolving, the situation on Android is even more alarming. Phishing attacks on the platform have reached staggering levels, with thousands of malicious apps designed to steal credentials and bypass security measures. So far in 2024, researchers have detected 22,800 phishing-capable apps, alongside 3,900 apps designed to read OTPs from notification bars and 5,200 apps capable of extracting OTPs from SMS messages. These numbers highlight how widespread and effective Android phishing malware has become. Just like phishing emails, phishing apps trick users into handing over their usernames, passwords and two-factor authentication codes. Once stolen, these credentials can be sold or used for fraud, identity theft or further cyberattacks. Because phishing apps require minimal code and fewer permissions than traditional malware, they are much easier to sneak onto app stores, including Google Play. Many phishing apps look like regular, fully functional software. Some impersonate games or utilities, while others appear as cracked versions of popular apps like TikTok, WhatsApp or Spotify. Some stay dormant for days to avoid detection before launching their attacks. Others rely on ad functionality to redirect users to phishing sites, making the malicious code harder to trace. Google Play Protect, which is built-in malware protection for Android devices, automatically removes known malware. However, it is important to note that Google Play Protect may not be enough. Historically, it isn't 100% foolproof at removing all known malware from Android devices. Massive Security Flaw Puts Most Popular Browsers At Risk On Mac Follow these essential tips to safeguard your devices from the latest malware threats, including the notorious info stealer malware. 1. Have strong antivirus software: The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices. 2. Be cautious with downloads and links: Only download software from reputable sources such as the Mac App Store, Google Play Store or official websites of trusted developers. Be wary of unsolicited emails or messages prompting you to download or install updates, especially if they contain links. Phishing attempts often disguise themselves as legitimate update notifications or urgent messages. 3. Keep your software updated: Ensure that both macOS, Android and all installed applications are up to date. Apple and Android frequently release security patches and updates that address vulnerabilities. Enable automatic updates for macOS, Android and your apps to stay protected without having to manually check for updates. If you need more help, see my guide on keeping all your devices updated. 4. Use strong and unique passwords: To protect your Mac from malware, it's also crucial to use strong, unique passwords for all your accounts and devices. Avoid reusing passwords across different sites or services. A password manager can be incredibly helpful here. It generates and stores complex passwords for you, making them difficult for hackers to crack. It also keeps track of all your passwords in one place and automatically fills them in when you log into accounts, so you don't have to remember them yourself. By reducing the number of passwords you need to recall, you're less likely to reuse them, which lowers the risk of security breaches. Get more details about my best expert-reviewed Password Managers of 2025 here. 5. Use two-factor authentication (2FA): Enable 2Fa for your important accounts, including your Apple ID, Google account, email and any financial services. This adds an extra step to the login process, making it harder for attackers to gain access even if they have your password. How To Remove Your Private Data From The Internet The days when Mac users could assume they were safe are long gone. Cybercriminals are evolving their tactics, with Mac malware shifting from simple adware to advanced information stealers. Android phishing apps are also becoming harder to detect and more widespread than ever. From stealing passwords and authentication cookies to intercepting OTPs and draining cryptocurrency wallets, these threats are growing in both sophistication and scale. No platform is immune, and as cybercriminals continue refining their techniques, users and organizations must stay ahead with strong security measures. Do you trust official app stores like the App Store and Google Play, or do you think they need to do more to prevent malware? Let us know by writing us at For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Ask Kurt a question or let us know what stories you'd like us to cover Follow Kurt on his social channels Facebook YouTube Instagram Answers to the most asked CyberGuy questions: What is the best way to protect your Mac, Windows, iPhone and Android devices from getting hacked? What is the best way to stay private, secure and anonymous while browsing the web? How can I get rid of robocalls with apps and data removal services? How do I remove my private data from the internet? New from Kurt: Try CyberGuy's new games (crosswords, word searches, trivia and more!) Copyright 2025 All rights article source: Mac users beware: AI-powered malware threats are on the rise
