It’s everywhere: Hackers uploaded a free survival game to Steam. PirateFi was live for a week on the super-popular gaming site, spreading malware. Today’s cybercriminals have too many tricks up their sleeves. You need real-time protection that’s smarter than they are. My pick, TotalAV, is $19 for the first year and works with Windows PCs, Macs, iPhones and Androids.
Your Wi-Fi was part of 2.7 billion records leaked
© Andrew Angelov | Dreamstime.com, © Denisismagilov | Dreamstime.com
I bet you’ve never heard of Mars Hydro. It’s a company headquartered in Communist China that makes Internet of Things (IoT) devices. Their speciality? LED lights and hydroponics equipment.
Security researcher Jeremiah Fowler (I had him on the show about other breaches, and he’s a smart, standup guy) was digging around and found they had a massive 1.17TB database online for anyone to see. There was no encryption and no password required.
The database contained 2,734,819,501 sensitive records. My first thought is why does a hydroponics company have so much data?
What is Mars Hydro?
Stick with me because it’s a mess. The records Fowler found belong to a California-registered company, LG-LED Solutions Limited. Within those are also database details and URLs to LG-LED Solutions, Mars Hydro and a company called Spider Farmer.
They make and sell grow lights, fans, cooling systems and other gear used for agriculture. Mars Hydro is based in Shenzhen, China, with warehouses in the U.S., U.K. and Australia.
So, why was an agriculture company collecting all this data and storing it all in an unsecured database? Probably because it’s the last place someone might look.
- Over 100 million Wi-Fi network names (SSIDs) with passwords
- IP addresses
- Device ID numbers
- All the devices connected to these Wi-Fi networks, including make, models and other details
- App error logs
When Fowler spotted the Mars Hydro code and asked if the app was involved, LG-LED dodged the question. Their only response? “This app is the official product of Mars Hydro.” Translation: They’re not denying it.
The Mars Hydro app page for Google Play (Android) shows over 10,000 downloads and an abysmal 1.9-star rating. I didn’t spot a single rating on the iPhone App Store, which is common for apps that aren’t all that popular.
Interestingly, the privacy section says no data is collected and nothing is shared with third parties. Well, we already know they lied about at least one of those things. The app store shows the same thing: “The developer does not collect any data from this app.”
Once the vulnerability was reported, the database was locked down. You can bet there are copies of the database floating around the Dark Web. But there’s a bigger picture here. This is not just about one bad data breach. It’s about negligence in the IoT industry.
How apps you use got hijacked into selling your location
Photo 48051554 © Kiosea39 | Dreamstime.com
Playing Candy Crush, swiping left on a dating app and checking your Yahoo inbox shouldn’t expose your location. I say shouldn’t, but those apps and thousands more were likely hijacked by data brokers who turned your personal info into cash.
60 million
Students and teachers impacted by a massive software breach. PowerSchool, used by 16,000 schools for grades and administration, was hacked. Cybercriminals got Social Security numbers, medical records and home addresses. In some cases, the data went back to the ‘80s. You should get a call if your info is impacted.
🚨 Hackers can steal your home without you even knowing: With just a forged signature, cybercriminals can take out loans in your name, drain your equity, and leave you with the mess. Home Title Lock monitors your title 24/7 and alerts you to any tampering because your biggest investment deserves the best protection. Click here to get a free home title history report, using code KIM250.
It’s not just bogus calls and emails
© Dr911 | Dreamstime.com
Imagine getting a call from what looks like your bank’s number, warning you about suspicious activity on your account. The caller knows just enough to make you trust them. It’s all a lie, and you’re screwed if you don’t realize that soon enough.
The crypto investment scam that’s all over social media
I’m all about using AI to get stuff done. No kidding, I use ChatGPT every day to shortcut planning and organize my work and my life.
You know who else loves AI? Cybercriminals. A new scam powered by deepfakes is all over social media. Too many people have fallen for it and lost millions of dollars in the process. I’ve got the dirty details so you don’t become a victim, too.
I warned you about this months ago: If you get a text from E-ZPass or SunPass about unpaid tolls, fines or legal trouble, delete it. Chinese cybercriminals are behind a campaign sending fake messages across America. Click the link and you’ll land on a copycat site of a real toll services company, ready to steal your payment info. Never follow a link to pay a bill; go to the official site yourself.
Security tip: Next time you stay at a hotel, turn on your VPN
Did you know the average American spends more than 24 hours each week online? That is a considerable chunk of time.
If you’re one of many with multiple devices regularly accessing the internet, you probably know you need a secure connection to protect sensitive data. A virtual private network or VPN is the best way to do this.
Security tip: 3 dumb mistakes putting you at risk online
There are countless cybersecurity threats you need to watch out for. The AV-TEST Institute says it detects over 450,000 new malicious programs every day.
We’ve compiled some easy mistakes you could be making right now. You may discover a weakness that puts your digital life in danger. Thanks to our sponsor, TotalAV, you can scroll down to stay safe!
Yes, you can add a VPN to your TV - Here are a few reasons you should
© Spaxia | Dreamstime.com
You can use many methods to protect against cyberattacks, including strong passwords, antivirus software, a virtual private network (VPN), privacy-focused browsers and more. Tap or click here for our list of essential privacy tools that help you stay safe online.
Area codes and numbers that are probably spam
© Kukurund | Dreamstime.com
Whew, the election’s over. The onslaught of robocalls and texts is over, too … right? Nope.
There are fewer political calls and messages, sure, but there are always scammers and spammers. It may be easier for these creeps to get a hold of us now that our phones aren’t constantly lighting up with election-related notifications.
Protect all your devices with the best antivirus software
Photo 230930944 © Milkos | Dreamstime.com
When it comes to antivirus software, there’s no better choice than our sponsor, TotalAV. For one, it’s available for your phone and computer, so all your devices are protected.
This security suite protects all your devices from the scariest online threats, such as ransomware, spyware, adware and (of course) malware. Its WebShield browser extension provides advanced protection against malicious websites and even blocks bad guys from stealing your data.
Protect up to 5 devices from malware, viruses and more - Just $20 for an entire year
© Rawpixelimages | Dreamstime.com
There’s nothing wrong with looking for ways to save money. Cutting back on things like your cable or electric bill is just good business. But you need to be smart about where to cut corners. Protecting your devices and critical files should not be skimped with all the cybercriminals and digital threats lurking.
3 security steps every small business needs to take right now
© Denisismagilov | Dreamstime.com
Business accounts can be hacked as easily as personal accounts. Imagine all your hard work being held at ransom by a hacker or your data falling into the hands of someone who can sell it to the competition.
You need to secure your business as best you can, and here are three crucial tips to get started. This tip is brought to you by our sponsor, NetSuite.
5 common antivirus mistakes to avoid at all costs
Photo 36737936 © Flynt | Dreamstime.com
Computer viruses can ruin everything. Systems that once worked well grind to a halt as your computer struggles to recover. That’s why antivirus programs are non-negotiable: They keep your digital life safe if you avoid the most common mistakes.
How to stay safe on public Wi-Fi
You don’t leave your front door unlocked. So why would you use public Wi-Fi networks without protection? Defend your private data from cybercriminals in public places with these five tips.
If you listen to The Kim Komando Show and Kim’s podcasts, you know about digital dangers. Accessing the internet via public Wi-Fi networks can heighten these risks even more.
Why you need a VPN (even if you're not tech-savvy)
When surfing the web, you might encounter a few confusing acronyms. Take VPN, for example. You might shrug and scroll past it if you don’t know what it means. Just like that, you could miss out on the best internet privacy tool.
The danger of free VPNs
If you want to stay safe, you need a solid self-defense plan. This applies to both the real world and our digital lives. One of the best ways to stay safe online is by using a VPN or a virtual private network.
As a quick recap, a VPN is a cybersecurity tool you download onto your devices. You can hide your IP address, encrypt internet traffic and protect your browsing history. VPNs even help you get around geoblocking, which refers to content barriers based on your location.
Ticket heist: Cybercriminals are selling fake tickets online for the upcoming Paris Olympics. It’s a large-scale effort with over 700 fake domains. Telltale signs? Spelling and grammar mistakes and super inflated prices. Stick to the official sales platform.