Tips

News

Cybersecurity

Is TikTok Making Young Americans Turn Against Their Own Country?

October 12, 2024

•

20 min read

Is TikTok Making Young Americans Turn Against Their Own Country?

TikTok has captured the attention of millions of young Americans, but its ownership by ByteDance, a Chinese company, has sparked growing concerns about national security and ideological influence. At the heart of the issue is the platform’s powerful algorithm, which shapes the content users see. Some fear that TikTok is doing more than just serving entertaining videos—it may be subtly fostering anti-American sentiment among its young audience.

Here’s the concern: ByteDance operates under Chinese law, meaning it could be compelled to cooperate with the Chinese government. Whether intentional or not, there is the risk that TikTok’s algorithm could be used as a soft power tool to amplify content that promotes disillusionment with American democracy, capitalism, and social institutions. The platform can reinforce negative views by repeatedly showing polarizing or critical content—leading young people to question the values that hold American society together.

Why Does This Matter?

🔹 Algorithmic Influence on Ideologies: Content that subtly criticizes American institutions or promotes distrust can shape users’ views over time, leading them to feel disconnected or even hostile toward their own country.

🔹 Echo Chambers and Polarization: Young users could get stuck in cycles of negative content, making them feel that America is irreparably broken. The more disillusioned they feel, the easier it becomes for foreign influences to undermine social unity.

🔹 Cultural Impact: Social media influences how young people perceive the world and their place in it. If TikTok promotes the narrative that American ideals like freedom, equality, and democracy are meaningless or flawed, it weakens national identity and civic engagement.

🔹 Hidden Bias and Control: With opaque moderation practices and algorithms, TikTok’s influence is hard to monitor. This creates opportunities for foreign interests to shape narratives in ways Americans might not even notice.

A Subtle but Serious Threat

Even if ByteDance isn’t explicitly pushing an agenda, the potential for ideological manipulation is real. When a foreign entity with ties to an authoritarian regime controls a platform that shapes the views of millions of young Americans, we must ask: What ideas are we allowing to take root in the minds of our next generation?

TikTok may be fun and creative, but the risks are too significant to ignore. We need to educate users and demand transparency to ensure foreign-owned platforms aren’t quietly steering our youth to reject their own values. The future of America’s national identity depends on it.

What do you think? Are these concerns legitimate, or are they overblown? How do we balance fun with vigilance in the digital age?

====================================

Follow me for mind blowing information and cybersecurity news. Stay safe and secure!

====================================

#TikTok #NationalSecurity #IdeologicalInfluence #Youth #SocialMedia #DataPrivacy #Polarization #SoftPower #AmericanValues

Cybersecurity

News

Tips

Keep your kids away from social media.

July 18, 2024

•

20 min read

Keep your kids away from social media.

Lawsuits Mount as Long Island School Districts Challenge Social Media Giants

In an unprecedented legal action, more than a dozen school districts from Long Island have initiated lawsuits against major social media platforms such as TikTok, Facebook, Instagram, and Snapchat. This collective legal challenge represents a significant stand by educational institutions against what they perceive as the negative impacts of social media on students’ mental health and well-being.

The plaintiffs, including South Huntington, Kings Park, and Jericho districts, among others, are advocating for accountability from these tech giants, citing increased spending on mental health services necessitated by the social media-induced distress among students. These districts allege that the platforms contribute to physical pain, mental anguish, and a diminished enjoyment of life among students.

Port Jefferson School District, as voiced by Superintendent Jessica Schmettan, emphasized the lawsuit’s role in advancing child safety and raising awareness about the addictive nature of social media. The district aims to spark a broader recognition of the need for regulatory measures to safeguard young users.

This lawsuit aligns with wider concerns about the role of social media in fostering environments conducive to bullying and exclusion. Joseph Salamone, founder of the Long Island Coalition Against Bullying, noted the pervasive influence of mobile devices in amplifying negative interactions among students.

As the legal proceedings gain momentum, the involved school districts hope their actions will catalyze significant changes in how social media platforms manage and mitigate their impact on young users. Meanwhile, a spokesperson from Meta reassured that the company is deeply committed to ensuring safe online experiences for teens, highlighting the various tools and features developed to protect young users on their platforms.

#socialnetworking #MentalHealthAwareness #LegalAction #Education #Cyberbullying Prevention #technology

Tips

Cybersecurity

News

Cybercriminals are now using AI-generated TikTok videos to trick users, especially teens

June 27, 2024

•

20 min read

If it sounds too good to be true… it’s probably malware.

Cybercriminals are now using AI-generated TikTok videos to trick users — especially teens and young adults — into installing malware on their own computers.

The pitch?

“Type this one PowerShell command and get Spotify Premium or Windows Pro for free.”

The result?

You just installed an infostealer that silently siphons your passwords, documents, crypto wallets, and social media logins. Some victims even reported their entire hard drives wiped.

What makes this attack so effective?

🚨 No phishing links.

🚨 No suspicious email attachments.

🚨 Just a video with a robotic AI voice and a step-by-step guide.

It slips past antivirus software.

Because there’s no malicious file — you become the delivery mechanism.

Trend Micro’s researchers uncovered this, but by then millions had already watched. Some videos reached over 500,000 views. And TikTok, to its credit, has taken them down — but not before damage was done.

This is the next evolution of social engineering:

AI-powered. Visually convincing. Mass-distributed.

If you’re not educating your teams, your clients, and your kids about this — you’re already behind.

Curiosity and greed will always be exploited.

Cybersecurity awareness is your best defense.

==================================

Follow me for mind-blowing information and cybersecurity news. Stay safe and secure!

==================================

#CyberSecurity #SocialEngineering #TikTokScam #Malware #Infostealer #AIAwareness #SecurityEducation

Cybersecurity

News

Tips

Chinese Hackers Are Turning Smartphones Into Espionage Tools1

June 26, 2025

•

20 min read

📱 Chinese Hackers Are Turning Smartphones Into Espionage Tools — FBI Warns of Mobile Security Crisis

A silent breach. No clicks. No downloads. Just a crashed phone — and full surveillance access.

That’s how investigators at cybersecurity firm iVerify described a sophisticated cyberattack campaign targeting smartphones belonging to journalists, government officials, and tech executives.

The source? According to U.S. officials, it points to China’s state-backed hacking apparatus.

“The world is in a mobile security crisis right now. No one is watching the phones.”

— Rocky Cole, former NSA and Google cybersecurity expert

What’s Happening?

The FBI and cybersecurity researchers have identified an ongoing wave of mobile cyberattacks tied to China’s military and intelligence services. Key findings:

🔍 Zero-click infiltration: Phones were infected without user interaction

📱 Mobile targets: Prominent Americans in politics, journalism, tech, and government

🎯 Objective: Real-time surveillance — voice, texts, and app activity

📡 Breach entry: Malicious apps, spoofed links, telecom backdoors, and unpatched IoT

Victims include campaign officials from the 2024 U.S. election, national security aides, and even Trump’s running mate JD Vance.

What’s at Stake for Businesses, Law Firms, Schools, and Clinics?

While this campaign targets high-profile figures, the attack surface applies to everyone:

Executives and attorneys store confidential communications on phones
Healthcare providers use mobile devices for telehealth, EHR access, and compliance alerts
Schools and staff rely on BYOD and unsecured mobile apps
SMBs often lack mobile device management (MDM) or app-level protections

One compromised phone = compromised network, contacts, credentials, and more.

The Bigger Risk: User Lapses

Even with encrypted apps like Signal, investigators found critical human errors:

Sensitive discussions on personal devices
Signal chats including the wrong contacts
Pentagon officials bypassing security for convenience
No verification of spoofed messages from fake staffers

“It doesn’t matter how secure the device is if the user doesn’t follow basic protocols.”

8 Things You Must Do Right Now

At Gigabit Systems, we help organizations secure mobile endpoints with zero-trust protection. Start here:

✅ Enforce Mobile Device Management (MDM)

✅ Block unauthorized apps and sideloading

✅ Educate users on spoofing, phishing, and social engineering

✅ Require MFA for mobile app access

✅ Patch phones, apps, and IoT firmware regularly

✅ Remove outdated or unused apps

✅ Restrict sensitive work from personal phones

✅ Avoid messaging platforms not approved for secure data

If mobile devices are now the front line of cyber warfare—who’s guarding yours?

👇 Comment if your organization uses smartphones for critical data access.

🔁 Share this with leadership or staff who may be unaware of the mobile threat landscape.

====================================

Follow me for mind-blowing information and cybersecurity news. Stay safe and secure!

Because 70% of all cyberattacks target small businesses—

I can help protect yours.

‍

#CyberSecurity #MobileThreats #ChinaHackers #Infosec #ManagedITServices

‍

Cybersecurity

News

Tips

You don’t need a military budget to defend against this

June 26, 2025

•

20 min read

Digital War Games: Iranian Hackers Aim for U.S. Soft Targets

The bombs hit Iran’s bunkers — now their hackers are targeting ours.

In the wake of U.S. airstrikes on Iranian nuclear facilities, Iranian-backed hackers have begun launching cyberattacks on American banks, defense contractors, and oil and energy firms. While no widespread infrastructure damage has occurred yet, the warning lights are flashing: we’re not just in a kinetic conflict — we’re in a digital one.

Denial-of-service attacks have already been claimed by pro-Iranian groups. But intelligence agencies are warning that more aggressive activity is imminent — and it won’t just hit the big guys.

Small businesses are the perfect target.

Iran’s cyber strategy has always thrived on disruption, fear, and asymmetric warfare. Their playbook includes psychological operations, data theft, and digital espionage. They’re not always aiming to destroy — sometimes, they just want to show they can.

And that’s exactly what makes small and mid-sized businesses vulnerable.

A New York law firm.

A suburban school district.

A medical billing service in Ohio.

An HVAC company managing building controls for 30 sites.

Each of these represents a high-value, low-defended gateway into larger ecosystems — and that’s exactly what today’s threat actors are looking for.

This is not theory. It’s happening now.

CISA has issued alerts. The Department of Homeland Security has flagged an “elevated threat environment.” And more than 60 Iranian-affiliated groups — ranging from formal military units to rogue hacktivists — are already in motion.

But most small businesses haven’t responded. Many haven’t even heard.

Here’s what should worry you:

Iran has used emergency alert systems to trigger false missile warnings.
Hackers have impersonated executives, redirected payroll, and stolen legal records.
Spear phishing campaigns are actively harvesting credentials from small orgs.
Infrastructure providers and supply chain vendors are being quietly surveilled.

This is no longer about “maybe.” The digital front line now includes your office.

What should you do today?

Implement multi-factor authentication (MFA) across every system — especially email and payroll.
Require admin approval for all financial transfers.
Check your logs and SIEM dashboards for unusual activity.
Update, patch, and restrict access to critical software.
Train staff on phishing detection — not once a year, but right now.

You don’t need a military budget to defend against this. But you do need to act.

America may win in the air. But in cyberspace? The battle’s just beginning — and small businesses are directly in the crosshairs.

====================================

Follow me for mind-blowing information and cybersecurity news. Stay safe and secure!

70% of all cyber attacks target small businesses, I can help protect yours.

#cybersecurity #MSP #IranianHackers #infosec #databreach #criticalinfrastructure #ransomware #smallbusiness

News

Did the Massive Bunker Busters work

June 25, 2025

•

20 min read

America Drops Massive Bunker Busters on Iran — But Did They Work?

In a dramatic escalation of the ongoing conflict between Israel and Iran, the United States launched “Operation Midnight Hammer” over the weekend, marking the first-ever use of its 30,000-pound Massive Ordnance Penetrator (MOP) in combat. These bunker-busting bombs were dropped by B-2 stealth bombers on three of Iran’s most fortified nuclear sites: Fordow, Natanz, and Isfahan.

While former President Trump declared the operation a complete success, early satellite imagery and U.S. intelligence suggest otherwise — indicating the attack may have only set Iran’s nuclear program back by a few months.

The Bomb vs. the Bunker

This high-stakes confrontation highlights a less visible but critical arms race — not between nations, but between materials: steel versus concrete.

For decades, military engineers have been refining bunker-busting weapons. Modern penetrators are made from hardened alloys like Eglin Steel, designed to punch through reinforced targets with minimal explosive payloads. But Iran, as well as other military powers, has been investing in the opposite side of the equation: Ultra High Performance Concrete (UHPC), a fiber-reinforced material capable of withstanding 40,000 psi — far beyond the strength of conventional concrete.

Military insiders believe that Iran’s underground bunkers may be fortified with UHPC or even more advanced layered concrete technologies such as Functionally Graded Cementitious Composite (FGCC), which combines hard outer shells, energy-absorbing middle layers, and anti-spall inner coatings. If confirmed, this would help explain the MOP’s limited effect on the nuclear facilities.

A History of Escalation

This isn’t the first time U.S. bunker-busting technology has been challenged. During the Gulf War in 1991, Iraq’s heavily fortified command centers required a crash program to build stronger bombs — leading to the infamous 5,000-pound BLU-113. Today’s MOP is the spiritual successor, and at 30,000 pounds, it’s nearly the largest weapon the U.S. can drop without resorting to nuclear payloads.

However, experts warn that even the MOP may not be enough.

Where Does the Arms Race Go From Here?

As military concrete gets tougher, steel-based bomb casings are hitting their physical limits. The future may lie in hypersonic penetrators — non-explosive missiles made from tungsten or similar materials, relying purely on kinetic energy to crack through hardened targets at speeds exceeding Mach 5. Some call them “rods from God.”

Alternatively, soft-target strategies may dominate. Rather than penetrate a bunker directly, attackers might aim to destroy entrances, communications lines, or surrounding infrastructure — rendering the facility inoperable without needing to physically break through.

Final Thoughts

Whether Iran’s bunkers survived the weekend’s attack remains unclear. But one thing is certain: in the shadowy competition between bombmakers and bunker builders, neither side holds permanent advantage. As concrete becomes “smarter” and more resistant, and as weapons systems evolve in size, material, and velocity, the balance continues to shift.

The world is watching — not just for explosions, but for what comes after the dust settles.

News

Cybersecurity

Tips

WhatsApp Banned from U.S. House Devices Due to Security Risks

June 24, 2025

•

20 min read

🚫 WhatsApp Banned from U.S. House Devices Due to Security Risks

‍

In a bold cybersecurity move, the United States House of Representatives has officially banned the use of WhatsApp on all government-issued devices.

An internal email from Catherine Szpindor, Chief Administrative Officer of the House, instructed staffers to remove WhatsApp from all mobile, desktop, and browser-based platforms. The decision comes after the Office of Cybersecurity flagged WhatsApp as a “high risk” application, citing:

Lack of transparency around data handling practices
No encryption for stored data
Potential vulnerability to surveillance and breaches

This aligns with earlier Congressional bans on apps like DeepSeek, ByteDance products (e.g., TikTok), and even ChatGPT, due to data privacy and national security concerns.

💬 Why This Matters for the Private Sector

While the ban applies to federal staff, the concerns raised echo issues every business should consider when choosing communication tools. For example:

End-to-end encryption only covers live message transit—not cloud backups.
Meta’s track record on privacy has made regulators uneasy for years.
Group chats and media files often reside unencrypted in cloud backups, posing risks if endpoints are compromised.

If U.S. lawmakers are banning an app like WhatsApp, should your company be relying on it for client communications or sensitive data?

✅ Safer Alternatives Permitted

The House has endorsed platforms with stronger security protocols and transparency, including:

Signal
Wickr (by Amazon)
iMessage / FaceTime
Microsoft Teams

These platforms either offer full end-to-end encryption or are supported by organizations with clearer security frameworks and controls.

‍

Tips

News

Cybersecurity

NSA says one of the best ways to protect your phone from spyware is…

June 24, 2025

•

20 min read

Turn It Off to Shut Hackers Out

The NSA says one of the best ways to protect your phone from spyware is… turning it off and back on.

Surprised? You’re not alone. But in a recent advisory, the National Security Agency urged mobile users — especially those at risk of targeted attacks — to power cycle their smartphones at least once per week. It’s a surprisingly effective tactic against a growing wave of silent, zero-click malware that can hijack your phone without you clicking a single thing.

What Are Zero-Click Exploits?

These attacks exploit hidden software vulnerabilities to silently infect your phone. No downloads. No phishing links. No clues.

Once compromised, attackers can:

Spy on calls, messages, and emails
Steal passwords and MFA tokens
Track your location
Access corporate data via synced accounts

Why This Matters for Small Businesses

Most business owners rely on mobile phones for email, client chats, file sharing, and login verification.

If a device is compromised:

Hackers can pivot into your cloud accounts (Microsoft 365, Google Workspace, etc.)
Phishing campaigns can be launched from your account
Stored credentials and business data are exposed
You may not even realize it’s happening

A breached phone is more than a privacy issue — it’s a backdoor into your business.

NSA’s Top Tips for Mobile Security

The NSA and FCC recommend the following measures:

✅ Restart your phone once a week – disrupt memory-resident spyware

✅ Enable automatic software updates – patch vulnerabilities quickly

✅ Use a strong 6+ digit PIN and auto-lock after 5 minutes

✅ Never jailbreak or root your device – you’re disabling key protections

✅ Turn off Bluetooth and Location when not in use

✅ Avoid public Wi-Fi and charging stations – they can be tampered with

✅ Enable 2FA on all key accounts – especially email and financial

✅ Be wary of social engineering – especially calls or texts posing as support

Good Habits That Take Seconds

Restarting your phone weekly won’t solve everything — but it’s fast, easy, and disrupts many forms of malware.

And when layered with strong passwords, endpoint protection, and training, it’s one more barrier between attackers and your network.

70% of all cyber attacks target small businesses. I can help protect yours.

#cybersecurity #smallbusinesssecurity #mobilesecurity #infosec #manageditservices

Tips

Cybersecurity

News

16 Billion Logins Leaked - what this means to you

June 24, 2025

•

20 min read

🔐 16 Billion Logins Leaked: Why This Massive Breach Should Terrify Every Business Owner

A newly discovered trove of 16 billion stolen credentials has sent shockwaves through the cybersecurity world. Discovered by researchers at Cybernews, this massive breach isn’t just an archive of old, recycled data — it’s a blueprint for targeted cybercrime that’s unfolding in real time.

While a previous breach in 2024 exposed 26 billion records, what makes this latest leak so dangerous is the structure, freshness, and accessibility of the data. Spread across 30 unsecured databases accidentally left online, the breach includes not only usernames and passwords, but also session cookies, authentication tokens, and metadata that can bypass even multi-factor authentication (2FA).

🧠 Why Should This Matter to You?

Because this isn’t just some abstract, corporate security concern. This leak threatens everyday individuals, freelancers, small businesses, schools, healthcare offices, and law firms — especially those with limited IT infrastructure and little to no cybersecurity training.

🔓 What Can Hackers Do With a Stolen Password?

Let’s break it down.

Credential Stuffing

When people reuse passwords across different sites (a very common mistake), hackers can take a login from one service (like Netflix or Gmail) and try it on other sites like:

Bank logins
Amazon or eBay accounts
Business email platforms (Microsoft 365, Google Workspace)
Payroll and accounting software (QuickBooks, Gusto)

Example: A small business owner uses the same password for their Shopify store and personal email. A hacker finds the credentials in the breach and logs into the email, resets the Shopify password, takes control of the store, and reroutes payouts.

Account Takeover (ATO)

If an attacker can gain access to one critical account — like an email — they can quickly take over multiple systems. Why? Because your email inbox is the gateway to password resets for almost every online service.

Example: An attacker logs into your email, resets your 2FA-enabled bank account, and drains it. They also reset your Dropbox, downloading sensitive legal documents or client information.

Phishing & Impersonation

With access to real login data, hackers can impersonate employees or business owners, launching targeted phishing attacks within your organization or against your clients.

Example: An attacker sends a spoofed invoice to a law firm’s clients from the actual paralegal’s email account, tricking clients into wiring money to a fraudulent account.

Session Hijacking via Cookies

This breach includes session cookies, which are like digital keys left under your doormat. With them, attackers may not even need your password.

Example: You’ve secured your account with 2FA, but if a hacker steals your cookie data (especially if you’ve logged in from an infected browser), they can bypass security and access your session as if they were you.

Targeting Small Business Vendors

Most small businesses rely on third-party tools — for invoicing, marketing, inventory, etc. If any of those are compromised, the attacker may gain indirect access to your data.

Example: A breached account on Canva or Mailchimp lets a hacker send out malicious newsletters from your business. One click by a customer, and malware is deployed.

🛡️ Why Small Businesses Are the Easiest Targets

Unlike large corporations, most small businesses don’t have:

Dedicated security teams
Endpoint protection across all devices
Formal cybersecurity training
Centralized password management or policies

This makes them low-hanging fruit for attackers, especially in credential-based breaches. Once one small business is breached, attackers often pivot laterally to vendors, clients, and supply chain partners — expanding the damage exponentially.

📋 What Can You Do

Right Now

to Protect Yourself?

✅ 1.

Stop Reusing Passwords

Use a password manager like 1Password, Keeper, Bitwarden, or Dashlane to generate unique, strong passwords for every account.

✅ 2.

Change Critical Logins Immediately

Prioritize your:

Email
Bank and payment accounts
Cloud storage
Business platforms (e.g., Square, QuickBooks, Shopify)

✅ 3.

Enable 2FA Everywhere

Use apps like Authy or Google Authenticator instead of just SMS codes. This gives an extra layer of security even if your password leaks.

✅ 4.

Run a Malware Scan

Install or update antivirus software to scan for infostealer malware, which may be the source of stolen credentials.

✅ 5.

Check for Breaches

Use https://haveibeenpwned.com to see if your email or password has been compromised.

💥 Final Thought: You Don’t Have to Be Paranoid — Just Prepared

Cybersecurity isn’t about locking everything down and living in fear. It’s about raising your defenses enough that hackers move on to easier targets. Most attacks are opportunistic. With a few smart steps — unique passwords, 2FA, basic hygiene — you make yourself a much harder target.

This 16-billion-record breach is a wake-up call. Will you hit snooze, or will you take action?