Public WiFi Warning Issued For All iPhone And Android Users
There's no subject guaranteed to rile cybersecurity experts more than public WiFi security — not even the mythological horrors of juice jacking. Any suggestion users should beware connecting to one of the tens of millions of airport, hotel, mall and coffee shop hotspots will always spawn a tirade of sarcastic posts on social media.
But sometimes the threat is real. Your devices can become 'serious liabilities,' the security team at Zimperium has just warned, 'especially during travel, when vigilance is low, free public-WiFi are everywhere, and attackers know exactly how to strike.'
Let's be very clear. Public WiFi is broadly fine. As long as the network is real, you are using encrypted apps or websites, and you don't download any software or overshare any information with the captive portal that pops up asking you to connect.
The FTC says as much: 'Because of the widespread use of encryption, connecting through a public Wi-Fi network is usually safe.'
But even government advice is divisive on this subject, and TSA has a different message: 'Don't use free public WiFi, especially if you're planning to make any online purchases. Do not ever enter any sensitive info while using unsecure WiFi.'
Zimperium says there have been 'over 5 Million Public Unsecured Global Wi-Fi networks found since beginning of 2025, with 33% of users connecting to public unsecured networks.' And that 'during travel, these risks multiply.'
Its warning is aimed at enterprises whose employees will be taking summer vacations with devices that connect to corporate email and other IT systems. 'Airports, hotels, ride-share hubs, and cafés all offer rich hunting grounds for attackers.'
Public WiFi warning.
Zimperium says 'employees, often multitasking or in a hurry, are far more likely to click, install, or connect without thinking twice.' The researchers list four types of attack that users should beware, even as they continue to connect on the go:
Attacks are especially prevalent overseas, but Zimperium also warns that 'major U.S. cities like Los Angeles, New York, Portland, Miami, and Seattle are seeing increased mobile malware activity—particularly during peak travel months.'
Staying safe is fairly straightforward — follow these five golden rules:
You should also avoid installing apps from outside official stores and ensure your OS is up-to-date with the latest security patches. If you're running one of the billion phones with an OS no longer eligible for these updates, you should go get an upgrade.
'Whether you're heading to Southeast Asia or a European business hub,' Zimperium says, 'mobile malware doesn't discriminate by location—but it thrives on opportunity. And summer travel creates plenty of it.'
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Vogue
an hour ago
- Vogue
The Best Hotels in London for Your Next English Adventure
Fifty-seven Whitehall in London's Westminster has had a long and storied history, having played host to Tudor royalty, the locus of the military brainpower behind Britain's victories in the two World Wars, and even as the stomping ground of Ian Fleming, providing ample inspiration for his Bond novels. This September, however, the storied address entered a new era as Raffles London at The OWO (short for 'Old War Office'). The hotel's opening followed a six-year renovation, overseen by the late French architect Thierry Despont, resulting in 120 guest rooms across seven floors, 2.5 miles of corridors, and a 65-foot subterranean pool alongside a Guerlain Spa. Here, oak doors have brass push plates adorned with the royal cipher of Edward VII, and the 13 decorative fireplaces were salvaged from other London landmarks. The wide hallways—designed to accommodate couriers ferrying confidential MI5 and MI6 correspondence—have too been preserved. And the hotel has also kept its discreet entrance off of Whitehall Court, marked by EVIIR (Edward VII) insignia—perfect for spies, or perhaps, today, a privacy-seeking celebrity. —E.T. Photo: Nick Rochowski As far as location goes, One Aldwych is hard to beat. Not only is it a few minutes walk to London hotspots like the Covent Garden Piazza, Trafalgar Square, and an endless number of West End theaters, it's also a hop, skip, and a jump from the Thames pathway and the vast array of cultural attractions along the South Bank. Yet once you're happily ensconced in one of its 105 rooms and suites overlooking the likes of Waterloo Bridge and the London Eye, you'll feel a world away from the clamor of the city. Luxuriously-appointed rooms feature crisp Frette sheets and sleek, minimal interiors that further foster the feeling you're in your very own tranquil haven, while the hotel's Indigo restaurant—with its convivial atmosphere and seasonal menu of inventive British classics—is esteemed enough to attract locals alongside One Aldwych guests. Bonus points too for the health club and indoor pool located in the basement, meaning you can get a few laps in before a long day of walking to see all the nearby sights—or retreat to the sauna to decompress on your return. —L.H. When you buy something through our retail links, we may earn an affiliate commission.
Associated Press
an hour ago
- Associated Press
CREST introduces a staged pathway for advancement to globally-recognised CREST cybersecurity accreditation
UNITED KINGDOM, July 23, 2025 / / -- The CREST Pathway and Pathway+ options make cybersecurity accreditation accessible to all organisations that aspire to provide cyber security services at the highest levels of quality but would benefit from additional resources and guidance to reach their goal. International cybersecurity not-for-profit, CREST, has expanded its application process with the introduction of the Pathway and Pathway+ stages. Designed for organisations building toward full accreditation through the ongoing development of capability, processes, and alignment with accreditation expectations, the two stages will help companies to advance against internationally recognised standards and begin their journey to reach full CREST accreditation. The CREST Pathway welcomes an organisation into the CREST ecosystem, where participants benefit from resources to help them reach full accreditation and access to CREST communities that will help keep them abreast of new cybersecurity developments and threats. Pathway+ organisations will further benefit from a toolset that enables them to self-assess against CREST's accreditation standards to identify their areas of strength and development needs. This stage may also unlock opportunities for mentoring from CREST members and access to government funded development programmes in selected countries. Organisations begin their Pathway journey by sharing essential company details and committing to the CREST Code of Conduct. For Pathway+, they must also self-assess against organisational standards and a CREST cybersecurity service area. By expanding options to include organisations at earlier stages of development and alignment with standards, CREST advances its mission to build capacity and capability across the cybersecurity industry. It also promotes consistency, transparency, and trust in the delivery of cyber services globally. Through a structured framework, Pathway and Pathway+ organisations are supported in progressing their cybersecurity services, aiming for full CREST accreditation within two years of Pathway+ recognition and within four years for those starting at Pathway. CREST accreditation serves as a recognised trustmark for buyers of cybersecurity services, offering assurance that accredited organisations meet rigorous, independently verified standards. Full accreditation and membership involve an in-depth review of an organisation's service delivery, security practices, workforce competence, and overall governance. Engaging with a CREST-accredited provider offers confidence that services are delivered consistently, securely, and by professionals with up-to-date training and skills. This is especially valuable in disciplines such as penetration testing, threat intelligence, red teaming, security operations centres, and incident response and exercising, where alignment to CREST standards promotes consistent and repeatable services enabling meaningful year-on-year comparisons. Jonathan Armstrong, Head of Product at CREST said: 'The importance of working with a trusted and capable cybersecurity service provider cannot be overstated. With millions of pounds at risk, whether through regulatory fines, extortion, business disruption, or lost revenue, cybersecurity is simply too critical to be left to chance with inconsistent or unrecognised vendors. 'CREST provides assurance and elevates professionalism in the cybersecurity sector. Buyers can be confident when buying services from a CREST member company that they are being supported by a company which has been assessed against the most stringent standards available globally in their areas of technical competence. Pathway and Pathway+ are the latest additions to our framework, designed specifically for organisations that are committed to accreditation but may not yet meet the full criteria, or are actively working to demonstrate their readiness.' 'These programmes offer a structured pathway for progression, enabling organisations to showcase their commitment to high standards while developing the capabilities needed for full CREST accreditation. In doing so, they gain access to tools and guidance that enhance service quality, accelerate their journey toward membership, and contribute to our shared mission of building trust and strengthening the global cybersecurity ecosystem.' To learn more and begin the application process for Pathway or Pathway+, click here. Editor's notes About CREST CREST is an international, not-for-profit membership body representing the global cybersecurity industry. Since 2006, CREST has led the cybersecurity community in raising professional and organisational standards across the sector. By accrediting cybersecurity service providers and certifying individual professionals through rigorous, industry-leading examinations, CREST provides confidence to buyers, governments, and regulators alike. CREST has accredited nearly 500 member companies which operate globally, and have been independently assessed against demanding technical, process, and governance criteria. In addition to company accreditations, we certify thousands of professionals worldwide, putting them through their paces in industry-leading examinations. JENNIFER MORRIS Morris Tate Ltd +44 7866 361936 email us here Legal Disclaimer: EIN Presswire provides this news content 'as is' without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.
Yahoo
an hour ago
- Yahoo
SentinelOne (S) Partners with Abstract to Boost AI-Powered Threat Detection
SentinelOne, Inc. (NYSE:S) is one of the top AI stocks with huge upside potential. On July 17, the company announced a strategic partnership with Abstract Security to integrate its Singularity™ Platform with Abstract's real-time data pipeline, aimed at transforming cybersecurity operations. This collaboration enhances threat detection, reduces alert noise, and streamlines operations using AI-driven analytics, while offering no-code integration and scalable migration for organizations looking to modernize their security stack. Den Rise/ By enabling data filtering before ingestion, the joint solution cuts storage and processing costs while improving detection accuracy. Abstract's standardized feeds ensure high-quality data inputs for SentinelOne's AI models, positioning the company more competitively in the SIEM market and helping enterprises shift away from outdated infrastructure with greater confidence and security agility. SentinelOne, Inc. (NYSE:S) is a global cybersecurity company that provides AI-powered solutions to detect, prevent, and respond to cyber threats across endpoints, cloud environments, and identity systems. Its flagship Singularity Platform delivers autonomous protection and includes features like Purple AI, a generative AI security agent, along with tools for SIEM, vulnerability management, and threat intelligence. While we acknowledge the potential of S as an investment, we believe certain AI stocks offer greater upside potential and carry less downside risk. If you're looking for an extremely undervalued AI stock that also stands to benefit significantly from Trump-era tariffs and the onshoring trend, see our free report on the best short-term AI stock. READ NEXT: 10 Best Chemical Stocks to Buy According to Billionaires and 7 Most Undervalued Pot Stocks To Buy According To Analysts. Disclosure: None. This article is originally published at Insider Monkey. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
