alert Archives

AppWizard

March 21, 2026

FBI, CISA issue PSA on Russian intelligence campaign to target messaging apps

The FBI and CISA issued a joint public service announcement about Russian hackers targeting commercial messaging applications like Signal and WhatsApp. The hackers use social engineering tactics to deceive users into giving up account access, including impersonating support personnel and prompting users to click on malicious links or provide sensitive information. Although the hackers have not yet bypassed the apps' end-to-end encryption, compromised accounts can lead to serious consequences, such as reading messages and launching further phishing attacks. The agencies recommend that users enhance their cybersecurity measures to protect against these threats. This campaign is part of a broader trend to undermine the security of messaging apps, with previous warnings about spyware and attempts to infiltrate Signal users, especially in conflict zones.

AppWizard

March 20, 2026

Google introduces a new way for users to sideload Android apps that still protects against scams

Google has announced a new "advanced flow" setting that simplifies the process for Android users to install applications from sources outside the Play Store by allowing them to disable a verification requirement. This change responds to user demand for more flexibility in app installation, despite the associated risks of unverified applications. Previously, Google required all Android apps to be registered by verified developers to prevent malware and fraud. The new setting involves enabling developer mode, followed by a verification check to ensure users are not being scammed, a phone restart, and a protective waiting period of one day before confirming the change. Users can choose to enable the option to install apps from unverified developers for seven days or indefinitely, with a warning provided for unverified apps. Additionally, Google is offering free distribution accounts for students and hobbyists to share apps with a small group without ID verification. These changes follow a legal settlement with Epic Games, resulting in reduced Play Store commissions to 20% on in-app purchases.

AppWizard

March 19, 2026

Google To Impose 24-Hour Safety Wait To Activate Android App Sideloading

Google is introducing a mandatory 24-hour waiting period for sideloading apps from unverified developers on Android devices to enhance security and combat scams and malware. This new measure is part of an "advanced flow for sideloading" and follows a reconsideration of Google's previous policy requiring all app installations to come from verified developers. Users must enable developer mode, receive a warning prompt about potential scams, restart their devices, and then wait 24 hours before installing apps from unverified sources. This delay is intended to counteract the urgency exploited by scammers. The 24-hour delay applies only to unverified developers, while verified developers remain unaffected. The new sideloading process is set to roll out in August, initially in Brazil, Indonesia, Singapore, and Thailand, with a broader global implementation planned for 2027. In response to criticism, Google will offer free, limited distribution accounts for students and hobbyists to share apps without requiring identification or fees.

Tech Optimizer

March 19, 2026

How AI And Hacking Professionalism Are Overwhelming Endpoint Security

The digital landscape is transforming due to the professionalization of cybercrime, which is now a significant part of organized crime, second only to drug trafficking. Malware includes various types such as viruses, browser hijackers, password stealers, Trojans, botnet malware, and ransomware. Traditional antivirus solutions rely on signature-based detection, heuristic analysis, and behavior monitoring, but these methods can lead to false positives and negatives. The evolution of cybersecurity has seen the rise of "Ransomware-as-a-Service" (RaaS) and the use of polymorphic malware that changes its signature, making traditional defenses ineffective. Hackers are also using AI and machine learning to evade behavioral monitoring. New defense strategies include Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR), which focus on monitoring for breaches rather than preventing them. Leading vendors in this space include CrowdStrike, SentinelOne, Microsoft, and Palo Alto Networks. The zero trust security framework treats all access attempts as potentially hostile and emphasizes the integration of various security technologies. Emerging startups like FinalAV Security are developing zero trust solutions for consumers and small businesses, focusing on prevention rather than detection.

Tech Optimizer

March 18, 2026

Stop! These 5 Antivirus Misconceptions Could Leave You Unprotected

Engaging with a computer exposes it to potential threats like trojans, ransomware, and malware. Antivirus software is essential for protection, but misconceptions exist about its use. 1. Antivirus subscriptions typically expire after a trial period of three to six months, requiring renewal, which can be checked in the software's 'About' section or 'Account' tab. Users should renew or install antivirus software if they haven't done so. 2. Setting antivirus subscriptions to auto-renew is advisable to prevent lapses in protection, with notifications sent before renewal dates. Some providers offer additional benefits with auto-renewal. 3. Disabling antivirus while gaming is risky; instead, users should look for a "game mode" feature that minimizes interruptions. 4. Antivirus alerts should not be dismissed as nuisances; they may contain important information regarding defenses or necessary actions. 5. Antivirus software alone does not ensure complete safety; additional tools like password managers and VPNs are recommended for enhanced security and privacy.

Tech Optimizer

March 17, 2026

Up to 86% Off Surfshark One — Lock in This All-in-One Cybersecurity Deal

Surfshark has launched the Surfshark One bundle, which includes a VPN, antivirus protection, data breach monitoring, alternative ID features, and private search capabilities. The 24-month plan offers significant savings, costing approximately .49 per month, while the 12-month plan costs .99 per month. The antivirus tool scans for malware and provides real-time monitoring. It also alerts users if their personal information appears in data breach databases, allowing them to take action. The private search tool ensures searches are not tracked or linked to personal profiles. All plans come with a 30-day money-back guarantee.

AppWizard

March 15, 2026

Meta rolls out scam warnings on Facebook, Messenger, WhatsApp

Meta has launched a suite of AI-driven tools to enhance security on Facebook and Instagram, responding to challenges from scammers. In 2025, Meta removed over 159 million fraudulent ads and collaborated with law enforcement, resulting in the disabling of more than 150,000 accounts and 21 arrests. New features include real-time warnings for suspicious friend requests on Facebook, a WhatsApp alert system for fraudulent device linking, and expanded scam detection in Messenger. No new security measures have been announced for Instagram, which is experiencing a rise in password reset emails. Meta aims to increase verified advertisers in high-risk ad categories to 90% of ad revenue by the end of 2026, up from 70%.

AppWizard

March 13, 2026

Did a Steam Game Give Your PC Malware? The FBI Wants to Know

The FBI has launched an investigation into malware threats associated with PC games on Steam, particularly targeting users from May 2024 to January 2026. The games identified include BlockBlasters, Chemia, Dashverse/DashFPS, Lampy, Lunara, PirateFi, and Tokenova, all linked to malware incidents. For example, PirateFi was designed to steal browser cookies, Chemia updated itself with malicious software, and BlockBlasters was identified as a Trojan that siphoned cryptocurrency. The FBI's alert also mentions Lampy, which may harbor malware. Valve, the parent company of Steam, has not responded to inquiries but has warned users about the affected games. The investigation suggests a potential link to a single group or individual, with reports indicating that victims were lured through Telegram messages offering free game keys or job opportunities.

AppWizard

March 12, 2026

Fake Red Alert app used in Android spyware smishing

Acronis' Threat Research Unit has discovered a targeted campaign against Android users involving a counterfeit version of Israel's Red Alert rocket warning app that distributes spyware. The malicious software is spread through SMS messages that appear to be official communications from the Home Front Command, prompting users to download an "update." The fraudulent app mimics the legitimate safety tool, maintaining its rocket alert functionality to avoid detection. Once installed, the spyware collects sensitive data such as SMS messages, contacts, location information, device accounts, and a list of installed applications. This tactic, termed "smishing," combines SMS and phishing techniques. The malware uses sophisticated methods like certificate spoofing and runtime manipulation to bypass Android's signature checks, and it consists of a loader and a secondary component that executes the real alert application while the spyware operates in the background. The spyware monitors user permissions and can harvest SMS messages, contacts, and location data, adjusting its behavior based on the user's geographical position. It sends collected data to a remote command-and-control server, with the exfiltration endpoint identified as ra-backup[.]com. Acronis suggests this campaign may be linked to the group Arid Viper (APT-C-23), known for targeting Israeli interests with trojanized Android applications. Researchers recommend users only download apps from official sources, avoid sideloading packages from SMS links, and review app permissions carefully. They advise checking for the package name com.red.alertx on devices and performing a factory reset if found, along with changing credentials for any accessed accounts.

AppWizard

March 12, 2026

MediaDailyNews: Meta Launches Scam Detection, Parent-Linked WhatsApp Accounts

Meta has introduced a new feature for WhatsApp aimed at pre-teens, allowing parents to create parent-linked accounts to enhance control over their children's messaging and calling capabilities. Parents will need to link their devices with their children's phones, enabling them to manage who can contact their child and which groups they can join. Parents can also review message requests from unknown contacts and adjust privacy settings, secured by a parent PIN. This initiative responds to legal scrutiny regarding child safety and includes enhanced scam-detection tools across Meta's platforms, alerting users to potential scams and encouraging reporting of suspicious accounts.