Small businesses and startups are known to face some extra challenges when it comes to cybersecurity. Because they don’t have the size or budget to have a fully-fledged dedicated security team, it often comes down to one person that doesn’t have the time to do everything that is recommended or even required. Often security issues are just dealt with when the need arises.
There is the first issue right there. When the need arises, it’s often already too late. An infection has been found, a breach was discovered, or ransomware has disabled systems or made files unretrievable.
Small businesses also often do not consider themselves to be a target, but you don’t have to be explicitly targeted to get breached or infected. Depending on how small your business is, the tips below may be more or less important in your circumstances and for your threat model, which will depend on the line of business that you are in.
1. Enable your staff
Your staff need to know what is expected of them, and what not to do.
Make cybersecurity a company-wide issue, but also appoint a go-to person that has a responsibility, along with the time and the tools to perform that task.
Train your employees in security awareness, so they can recognize phishing attempts and know what they can and can’t do on company-issued hardware.
Consider outsourcing time-consuming and specialized tasks. In the end this may turn out to be more cost-effective than trying to do it with your own staff.
2. Know your equipment
It’s important to be aware of your networking equipment, endpoints, and devices. Not only to know what needs to be protected, but also to know where weaknesses may lie.
Pay special attention to devices that are used to work from home (WFH) or included in a BYOD program. Make it clear that mixing work and pleasure on the same device comes with security risks.
Audit your environment on a regular basis, especially if you are a fast growing small business. That way you’ll know what you are using and what may need to be upgraded, replaced, or updated.
3. Get your patches and updates asap
Once you have established the hardware and software in your environment you need to perform effective patch and vulnerability management.
If having specialized software for this task or outsourcing it is not an option, it might be a good idea to keep an eye on the Known Exploited Vulnerabilities Catalog which is maintained by the Cybersecurity and Infrastructure Security Agency (CISA). This catalog provides Federal Civilian Executive Branch (FCEB) agencies with a list of vulnerabilities that are known to be exploited in the wild and gives the agencies a due date by when the vulnerability needs to be patched in their organization. Even if your organization isn’t a FCEB agency that needs to follow the Binding Operation Directive 22-01, the CISA list acts as a good guide for your patch management strategy.
And keep an eye on security news sites in order to stay alerted to the biggest and most important updates and patches.
4. Lock things down
Having a strict policy to protect your important assets with strong passwords and multi-factor authentication (MFA) should be a no-brainer. Consider making it easier for your staff by using a single-sign-on service or alternatively by providing them with a password manager.
Very important files and documents can be encrypted or stored in password protected folders to keep them safe from prying eyes. A stolen or lost device is stressful enough without having to worry about confidential information.
5. Use a firewall and VPN
A firewall protects an entry point to a network while a VPN creates an encrypted tunnel between two networks. Both can be used to protect your network.
If your company has internet facing assets—and who doesn’t—it’s important to apply network segmentation. The process of network segmentation separates a computer network into subnetworks, and allows for each segment of the network to be protected with a different set of protocols. By separating each segment according to role and functionality, they can be protected with varying levels of security. A common step for small organizations is to separate the systems that require internet access from those that don’t.
Remote desktop protocol (RDP) is a network communications protocol that allows remote management of assets. It allows users to remotely login to systems and work on them as if they were physically there. RDP is a necessary evil sometimes, but there are ways to make it more secure.
6. Protect your systems
Make sure all your devices are protected by cybersecurity solutions. Logs should be easy to digest and easy to understand, regardless of whether the readers are your own employees or those of a provider. A lot of needless alerts will interrupt your workflow, but you do not want to miss the important ones. So balance is important, especially with a limited staff.
7. Consider your supply chain safety
Businesses need to understand what level of protection their providers or others with access to their resources have in place. Ransomware is contagious, so if your providers have it you likely will too. Supply chain attacks can come from your most trusted provider and still be disastrous.
Check for compliance and certifications. Depending on the type of supplier and the level of access to your assets, there is nothing wrong about setting some standards. For example, your IT services supplier can demonstrate a good level of cybersecurity by having achieved a cyber certification. It may also help to know that your supplier is aligned with a standard of cybersecurity deemed good enough by government organizations.
8. Have a recovery strategy
When a security issue arises despite all of your efforts to secure your environment, you should have a plan ready to contain and deal with the consequences.
Backups. Make sure you have backups that are as recent as possible and that are easy to deploy. Create backups in an environment that can’t be ruined by the same mishap that destroyed the original (preferably on a different carrier, physical location, and network).
Know what legal body you need to inform in case of a breach. This is especially important if Personally Identifiable Information (PII)is involved. It is hard to give guidelines here, since every US state has different data breach notification laws, so plan this ahead of time for your jurisdiction. And have a critical communications plan in place that details how you will inform your customers in case of a breach.
Protect your small business
We provide cybersecurity for sole proprietors, boutique businesses, and small offices – no IT skills required. Protect yourself with Malwarebytes for Teams.
Google has announced patches for several high severity vulnerabilities. In total, 51 vulnerabilities have been patched in November’s updates, two of which are under limited, active exploitation by cybercriminals.
If your Android phone shows patch level 2024-11-05 or later then the issues discussed below have been fixed. The updates have been made available for Android 12, 12L, 13, 14, and 15. Android vendors are notified of all issues at least a month before publication, however, this doesn’t always mean that the patches are available for all devices immediately.
You can find your device’s Android version number, security update level, and Google Play system level in your Settings app. You’ll get notifications when updates are available for you, but you can also check for them yourself.
For most phones it works like this: Under About phone or About device you can tap on Software updates to check if there are new updates available for your device, although there may be slight differences based on the brand, type, and Android version of your device.
Keeping your device as up to date as possible protects you from known vulnerabilities that have been fixed, and helps you to stay safe.
Technical details
The Common Vulnerabilities and Exposures (CVE) database lists publicly disclosed computer security flaws. The CVEs that look the most important are:
CVE-2024-43047: a high-severity use-after-free issue in closed-source Qualcomm components within the Android kernel that elevates privileges. Use after free (UAF) is a vulnerability due to incorrect use of dynamic memory during a program’s operation. If after freeing a memory location a program does not clear the pointer to that memory, an attacker can use the error to manipulate the program. Qualcomm disclosed the vulnerability in October as a problem in its Digital Signal Processor (DSP) service. The vulnerability is flagged as under limited, targeted exploitation and could allow an attacker to escalate privileges on targeted devices.
CVE-2024-43093: a high-severity escalation of privilege vulnerability impacting the Android Framework and the Google Play system updates. This is the second vulnerability that is flagged as under limited, targeted exploitation.
CVE-2024-43091: a high severity Remote Code Execution (RCE). By exploiting this vulnerability in the System component an attacker could remotely execute code on a device with no additional execution privileges needed.
CVE-2024-38408: is the only vulnerability listed as critical in this update. The problem is described as a “cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.” LMP stands for Link Manager Protocol, which is a communication system used in Bluetooth technology to set up and manage connections between devices. The “start encryption command” is a special instruction that tells Bluetooth devices to begin scrambling their communications. The issue was patched by Qualcomm, which published a long list of affected chipsets.
We don’t just report on phone security—we provide it
Budget season is upon us, and everyone in your organization is vying for their slice of the pie. Every year, every department has a pet project that they present as absolutely essential to profitability, business continuity, and quite possibly the future of humanity itself. And no doubt that some of these actually may be mission critical. But as cybersecurity professionals, we understand that
INTERPOL on Tuesday said it took down more than 22,000 malicious servers linked to various cyber threats as part of a global operation.
Dubbed Operation Synergia II, the coordinated effort ran from April 1 to August 31, 2024, targeting phishing, ransomware, and information stealer infrastructure.
“Of the approximately 30,000 suspicious IP addresses identified, 76 per cent were taken down and 59
Elections are not just a matter of casting ballots. They depend on citizens being able to register to vote and accessing information about candidates and the election process, which in turn depend on the strength and security of the Internet. Despite the risks posed by potential cyberattacks aimed to disrupt democracy, Cloudflare did not observe any significant disruptions to campaigns or local government websites from cyberattack.
Tuesday, November 5, 2024 was Election Day in the United States. It not only decided the next president and vice president but also included elections for the US Senate, House of Representatives, state governorships, and state legislatures. Results confirm that Republican Donald Trump won the presidential election.
In this blog post, we examine online attacks against election-related sites — some of which were notable but none were disruptive — and how initial election results impacted Internet traffic across the US at both national and state levels, with increases in traffic as much as 15% nationwide. We’ll also explore email phishing trends and general DNS data around news interest, the candidates, and election-related activity.
We’ve been tracking 2024 elections globally through our blog and election report on Cloudflare Radar, covering some of the more than 60 national elections around the globe this year. At Cloudflare, we support many of these efforts to ensure a secure and trustworthy election process. We worked closely with election officials, government agencies, and civil society groups across the country to ensure that groups working in the election space had the tools they needed to stay online.
In the 24 hour period from October 31 – November 1, Cloudflare automatically mitigated over 6 billion HTTP DDoS requests that targeted US election-related websites–such as state and local government election sites and political campaigns. There were no significant disruptions to the targeted websites during this time period.
The day before the election, DNS traffic to Trump/Republican and Harris/Democrat websites peaked, with daily DNS traffic rising 59% and 4% respectively.
On election day, states in the midwest saw the highest traffic growth across the US, as compared to the previous week.
Internet traffic in the US peaked after the first polling stations closed, with a 15% increase over the previous week.
DNS traffic to news, polling, and election websites also saw large traffic jumps. Polling services were up 756% near poll closures and news sites were up 325% by late evening.
How Cloudflare assists with election infrastructure
Cloudflare’s goal is to ensure that sites that enable democracy — such as voter registration sites, election information portals, campaign websites, and results reporting platforms — remain secure and accessible, especially under heavy traffic periods or cyberattacks. Through our Impact programs, we provide essential cybersecurity resources to more than 800 websites that work on election infrastructure.
Project Galileo: Launched in 2014, Project Galileo provides free Business level services to media organizations, human rights defenders and non-profit organizations around the world. We protect more than 65 Internet properties related to elections in the United States that work on a range of topics related to voting rights, promoting free and fair elections, and posting election results. These organizations include Vote America, Decision Desk HQ, US Vote Foundation, and Electionland.
Athenian Project: Launched in 2017, the Athenian Project provides state and local governments that run elections with free Enterprise level services to ensure that voters can access accurate and up-to-date information about voter registration, polling places, and election results without interruption. We currently protect 423 websites in 33 states under the project.
Cloudflare for Campaigns: Launched in 2020, in partnership with Defending Digital Campaigns, Cloudflare for Campaigns provides a package of products to address the increasing risks posed by cyberattacks on political campaigns and state parties. We currently protect more than 354 campaigns and 34 state-level political parties in the United States.
Since 2020, we’ve strengthened our partnerships with election officials, government agencies, and nonprofits to provide essential protections. Throughout 2024, we’ve collaborated with CISA (Cybersecurity and Infrastructure Security Agency) and the Joint Cyber Defense Collaborative, briefing over 300 election officials on emerging threats and conducting 50+ calls with state and local governments to review security practices. Additionally, we held webinars on cyber threats to election groups and strategies for protecting election infrastructure.
With Defending Digital Campaigns, we worked to onboard more than 90 campaigns and parties weeks before election day. As part of this, we also worked with political vendors managing campaign infrastructure to provide insight on emerging threats and how to mitigate. Under Project Galileo, we onboarded more than 60 local media and journalism sites reporting on elections to ensure they can provide timely, accurate information on voting processes, candidate platforms, and election results.
Political and election-related cyber attacks
As we’ve seen several times this year, specific DDoS (Distributed Denial of Service) attacks often target political party or candidate websites around election day. While online attacks are frequent and not always election-related, we saw recent DDoS incidents in France, the Netherlands, and the U.K. focused on political parties during election periods.
In the US, we saw a similar uptick in attacks immediately prior to the election. Cloudflare blocked cyberattacks targeting websites affiliated with both parties, attempting to take the sites offline. Although some attacks had high volumes of traffic, the targeted websites remained online.
DDoS attacks targeting US political or elections-related Internet properties in particular clearly picked up starting in September, with the more than 6 billion HTTP DDoS requests seen during the first six days of November exceeding the volume seen during all of September and October.
Some campaign websites drove most of the malicious HTTP request traffic as part of DDoS attacks, with a clear increase since October 1, compared to minimal DDoS activity earlier in 2024.
Let’s look at a few examples of specific DDoS attacks, as these are easier to track.
High-profile campaign website, October 29 – November 6
Cloudflare blocked a series of DDoS attacks targeting a high-profile campaign website. The attacks began on October 29, with a four-minute spike reaching 345,000 requests per second. On October 31, more intense attacks followed, with the first lasting over an hour, peaking at 213,000 requests per second. Hours later, on November 1, a larger attack reached 700,000 requests per second, followed by two more waves at 311,000 and 205,000 requests per second.
Over 16 hours, Cloudflare blocked more than 6 billion malicious HTTP requests between October 31 and November 1. Additional attacks continued on November 3, with peaks at 200,000 requests per second (rps); on November 4, at 352,000; on Election Day, November 5, at 271,000 around 14:33 ET (11:33 PT); and on November 6, at 108,000.
Our data shows that the attacker(s) randomized user agents, attempted cache-busting techniques (methods to bypass cached content and overload servers with unique requests), and employed a geodiverse approach.
The DDoS attack on November 1 reached peak bandwidth of over 16 Gbps sent to Cloudflare and maintained over 8 Gbps throughout the main attack, which lasted more than two hours.
US campaign infrastructure website, November 3
Attackers also expanded their attacks beyond campaign sites, to political parties and their infrastructure, attempting — unsuccessfully — to disrupt services. For example, on November 3, 2024, a DDoS attack targeted infrastructure associated with a major campaign, lasting two minutes and reaching 260,000 malicious HTTP requests per second.
US state political party, October 29
On October 29, 2024, a high-volume DDoS attack targeted a U.S. political party website from a specific state. The attack lasted over four hours, from 12:00 to 17:29 ET (09:00 to 14:29 PT), and peaked at 206,000 requests per second. In total, over 2 billion malicious HTTP requests were blocked that day as part of this DDoS attack.
The same method used in the November 1 attack on one of the main campaign websites, mentioned above, was also used in this case. Here, the DDoS attack reached a peak of 5.7 Gbps sent to Cloudflare by the attacker, and sustained over 3 Gbps for most of its four-and-a-half-hour duration.
US counties as a target, September 13
Since September, US state and local websites protected by Cloudflare under the Athenian Project have experienced increased DDoS attacks, particularly targeting specific counties. These types of sites have seen over 290 million malicious HTTP requests since September 1, with 4% of all requests blocked as threats. These attacks were less frequent and intense than those on US political campaigns infrastructure.
On September 13, 2024, a DDoS attack targeted a county website from 19:29 UTC to 22:32 UTC (15:29 to 18:32 ET), lasting three hours and peaking at 46,000 of malicious HTTP requests per second.
These rates of DDoS attacks are already significant, even more so when we compare it with the 2020 US presidential election. In 2020, we saw more varied blocked cyberattack HTTP requests, split between WAF (Web Application Firewall) and firewall rules, and DDoS attacks. There were also significantly fewer blocked requests related to DDoS and WAF, with nearly 100 million in the whole month of October 2020 and close to 25 million in November 2020, the month of the election. In contrast, during November 1-6, 2024, alone, we observed over 6 billion malicious HTTP requests in DDoS attacks targeting campaigns.
It’s also important to note that even smaller attacks can be devastating for websites not well-protected against such high levels of traffic. DDoS attacks not only overwhelm systems but also serve, if successful, as a distraction for IT teams while attackers attempt other types of breaches.
Internet traffic in the US grows after polls closed
Generally, election days do not lead to drastic changes in Internet traffic. Traffic usually slightly dips during voting hours, though not as sharply as on national holidays, and rises in the evening as results are announced.
In the US, a similar pattern was observed on November 5, 2024, with increased Internet traffic at night. However, traffic throughout the day was generally 6% higher than the previous week, starting as early as 09:15 ET (06:15 PT). This may also be because, unlike in other countries, Election Day in the US is on a weekday rather than a weekend and is not a national holiday. Internet traffic peaked after the first polls closed, around 21:15 ET (18:15 PT), as TV news stations displayed countdown clocks. At that moment, traffic was 15% higher than the previous week.
Note: The previous 7 days line that appears in the next chart is one hour behind due to the Daylight Saving Time change over the weekend in the US. All growth calculations in this post take that change into account.
The biggest spike in traffic growth (compared to the previous week) of Election Day occurred at around 01:30 am ET (22:30 PT), when projections began to favor Trump for the presidential victory and Fox News called Pennsylvania in his favor, with traffic rising 32% compared to the previous week. Later, during Donald Trump’s speech between 02:30 and 02:45 am ET (23:30 and 23:45 PT), Internet traffic was 31% higher than the previous week.
On Election Day, daily Internet traffic in the US reached its highest level of 2024 in terms of requests, showing a 6% increase compared to the previous week.
As expected for a typical election day, considering what we observed in other countries, the share of traffic from mobile devices was also slightly higher on Election Day at 43%, compared to 42% the previous week.
State-level traffic growth peaks at 21:00 ET (18:00 PT)
State-level traffic shifts on Election Day, compared to the previous week, reveal more detail than country-level data. The map below highlights the biggest traffic changes, peaking at 21:00 ET (18:00 PT) after polling stations began to close. Notably, traffic increased nationwide and at the state level on Election Day, unlike during the two-hour presidential debates, which were broadcast on nationwide TV.
The most significant traffic increases were observed in Maine (44%), South Dakota (44%), and Montana (44%). Interestingly, central states saw higher percentages of Internet traffic growth than coastal ones. More populous states, such as California (8%), Texas (19%), New York (22%), and Florida (23%), also experienced notable traffic increases.
The seven swing states that are considered to have been decisive in the election — Georgia, Michigan, Nevada, North Carolina, Pennsylvania, and Wisconsin (we’re not considering Arizona due to data issues) — each saw traffic growth between 17% and 36%. Here’s a more focused view of those swing states for easier consumption:
State
Growth in traffic
Local time
(in each state)
Georgia
25%
21:15
Michigan
34%
21:15
Nevada
17%
18:15
North Carolina
14%
21:15
Pennsylvania
33%
21:15
Wisconsin
36%
20:15
DNS trends: from news outlets to polling services
Switching our focus to domain trends, our 1.1.1.1 resolver DNS data reveals a clear impact during the US elections when analyzing specific categories.
Analysis of DNS traffic for US news media outlets shows that traffic from the United States rose significantly right after 09:00 ET (06:00 PT), increasing around 15%, compared to the previous week. Traffic continued to climb throughout the day, peaking between 22:00 and 23:00 ET (19:00 and 20:00 PT) with DNS request traffic volume 325% higher than the previous week. There was also a brief spike on Wednesday, November 6, at 05:00 ET (02:00 PT), showing a 117% increase.
We observed significantly higher DNS traffic for polling services websites — websites of platforms or organizations that conduct and publish polls — on Election Day, peaking at 13:00 ET (10:00 PT) with a 206% increase from the previous week, and again at 22:00 ET (19:00 PT), after the polls started to close, with a 756% increase. Daily traffic to this category was up 145% on Election Day, and 36% the day prior.
Election and voting information-related websites also saw a notable rise in DNS traffic around Election Day. Traffic clearly began to increase the day before the election, and peaked on November 5, 2024, at 12:00 ET (09:00 PT), with a 313% increase from the previous week. Daily traffic was 139% higher on Election Day, and 68% higher the day before.
Social media sites/applications, especially microblogging platforms like X and Threads, were also impacted during Election Day. DNS traffic for these microblogging platforms peaked at 22:00 ET (19:00 PT), aligning with spikes for news organizations and polling services, showing a 91% increase compared to the previous week. In this microblogging category, daily DNS traffic on Election Day rose by 12% from the previous week.
Regarding the two main presidential candidates, DNS traffic for their websites and their parties’ websites was much higher the day before the election than on Election Day. On November 4, 2024, daily DNS traffic to Trump and Republican websites was up 59% compared to the previous week, while traffic to Harris and Democrat websites, which had a more significant increase in DNS traffic the previous week, rose by 4%.
Candidate-related email phishing trends
From a cybersecurity perspective, trending events, topics, and individuals often attract more emails, including malicious, phishing, and spam messages. Our earlier analysis covered email trends involving “Joe Biden” and “Donald Trump” since January. We’ve since updated it to include Kamala Harris after the Democratic Convention and the Harris-Trump debate.
From June 1 through November 4, 2024, Cloudflare’s Cloud Email Security service processed over 19 million emails with “Donald Trump” or “Kamala Harris” in the subject line — 13.9 million for Trump and 5.3 million for Harris. Nearly half of these emails (49%) were sent since September. In the last 10 days of the campaign (since October 24), Harris was named in 800,000 email subject lines and Trump in 1.3 million.
Since June 1, 12% of emails mentioning Trump were marked as spam, and 1.3% were flagged as malicious or phishing. This rate has dropped since September 1, with only 3% marked as spam and 0.3% as malicious. For emails mentioning Harris, the rates were lower: 0.6% were marked as spam and 0.2% as malicious since June, increasing slightly to 1.2% spam and 0.2% malicious since September 1. Trump was mentioned more frequently in email subjects than Harris and was found in higher overall percentages of spam and malicious emails.
Conclusion: keeping track of elections
Although Cloudflare observed a notable increase in DDoS attacks on political and election-related sites, blocking billions of malicious requests, these attacks resulted in no significant disruption due to planning and proactive defenses. We share the Cybersecurity and Infrastructure Security Agency’s view that “our election infrastructure has never been more secure” and concur with their conclusion that “We have no evidence of any malicious activity that had a material impact on the security or integrity of our election infrastructure.” Keeping our elections secure and resilient is critical to the functioning of democracy, and Cloudflare is proud to have played our part.
If you want to follow more trends and insights about the Internet and elections in particular, you can check Cloudflare Radar, and more specifically our new 2024 Elections Insights report, which will be updated as elections take place throughout the year.
Meta has been fined 21.62 billion won ($15.67 million) by South Korea’s data privacy watchdog for illegally collecting sensitive personal information from Facebook users, including data about their political views and sexual orientation, and sharing it with advertisers without their consent.
The country’s Personal Information Protection Commission (PIPC) said Meta gathered information such as
Google’s cloud division has announced that it will enforce mandatory multi-factor authentication (MFA) for all users by the end of 2025 as part of its efforts to improve account security.
“We will be implementing mandatory MFA for Google Cloud in a phased approach that will roll out to all users worldwide during 2025,” Mayank Upadhyay, vice president of engineering and distinguished engineer at
The U.S. Federal Bureau of Investigation (FBI) has sought assistance from the public in connection with an investigation involving the breach of edge devices and computer networks belonging to companies and government entities.
“An Advanced Persistent Threat group allegedly created and deployed malware (CVE-2020-12271) as part of a widespread series of indiscriminate computer intrusions designed
The Federal Bureau of Investigation (FBI) has issued a warning that cybercriminals are taking over email accounts via stolen session cookies, allowing them to bypass the multi-factor authentication (MFA) a user has set up.
Here’s how it works.
Most of us don’t think twice about checking the “Remember me” box when we log in. When you log in and the server has verified your authentication—straight away or after using MFA–the server creates a session and generates a unique session ID. This session ID is stored in a session cookie (or a “Remember-Me cookie” as the FBI calls it) on your browser, which is typically valid for 30 days.
Every time you return to that website within the time frame, you don’t need to log in. That’s really convenient… unless someone manages to steal that cookie from your system.
If someone steals the session cookie, they can log in as you—even if you have MFA enabled.
This is particularly relevant for email handlers that have an online—webmail—component. This includes major players like Gmail, Outlook, Yahoo, and AOL.
With access to your email account, a cybercriminal can find a lot of useful information about you, such as where you bank, your account numbers, your favorite shops, and more. This information could then be used for targeted cyberattacks that mention information that’s relevant to you only, leaving you more likely to fall for them.
Cybercriminals could use your account to spread spam and phishing emails to your contacts. And perhaps most worrying of all, once an attacker is in your email account they can reset your passwords to your other accounts and login as you there too.
How do these criminals get their hands on your session cookies? There are several ways.
On very rare occasions, session cookies can be stolen by you visiting a malicious website, or via a Machine-in-the-Middle (MitM) attack where a cybercriminal can intercept traffic and steal cookies if they’re not protected by HTTPS on an unsecured network.
However, session cookies are usually stolen by malware on the your device. Modern information-stealing malware is capable of, and even focuses on, stealing session cookies as part of its activity.
How to keep your email account safe
There are a few things you can do to stay safe from the cookie thieves:
Keep your devices and the software on them up to date, so there aren’t any known vulnerabilities on them.
Decide whether you think it’s worth using the Remember me option. Is convenience worth the risk in this situation?
Delete cookies, or—even better—log out when you are done. That should also remove or invalidate the session ID from the server, so nobody can use it to log in, even if they have the session cookie.
Only visit sites with a secure connection (HTTPS) to protect your data from being intercepted during transmission.
For important accounts regularly check the log in history where you can see which devices logged in when and from where. You should be able to find this option in your account settings.
We don’t just report on threats—we remove them
Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.
Over 1,500 Android devices have been infected by a new strain of Android banking malware called ToxicPanda that allows threat actors to conduct fraudulent banking transactions.
“ToxicPanda’s main goal is to initiate money transfers from compromised devices via account takeover (ATO) using a well-known technique called on-device fraud (ODF),” Cleafy researchers Michele Roviello, Alessandro Strino
