administrative tools

Winsage
March 26, 2025
Russian threat actors are exploiting a zero-day vulnerability in the Microsoft Management Console (MMC), identified as CVE-2025-26633, allowing them to bypass security features and execute harmful code. The hacking group Water Gamayun, also known as EncryptHub and Larva-208, is behind this campaign, using a weaponized version of the vulnerability called “MSC EvilTwin” to deploy various malicious payloads, including information stealers and backdoors. The vulnerability affects multiple Windows versions, particularly older systems like Windows Server 2016. The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-26633 to its Known Exploited Vulnerabilities Catalog, requiring federal agencies to patch affected systems by April 1, 2025. Microsoft included this vulnerability in its March 2025 Patch Tuesday update. Recommended mitigations include applying security patches, restricting network access to MMC ports, and monitoring for unusual MMC activity.
Winsage
February 18, 2025
Windows 11 and 10 provide run commands that streamline workflow by allowing quick access to various system tools, applications, settings, and diagnostic features.

Administrative Tools:
- compmgmt.msc: Opens Computer Management.
- devmgmt.msc: Launches Device Manager.
- diskmgmt.msc: Opens Disk Management.
- services.msc: Manages background services.
- eventvwr.msc: Opens Event Viewer.
- secpol.msc: Opens Local Security Policy.
- regedit: Opens Registry Editor.
- taskschd.msc: Opens Task Scheduler.
- gpedit.msc: Opens Group Policy Editor (Pro & Enterprise).

System Diagnostics and Troubleshooting:
- msinfo32: Opens System Information.
- dxdiag: Launches DirectX Diagnostic Tool.
- verifier: Opens Driver Verifier Manager.
- resmon: Opens Resource Monitor.
- perfmon: Opens Performance Monitor.
- mdsched: Runs Windows Memory Diagnostic.
- msdt: Opens Microsoft Support Diagnostic Tool.
- dism /online /cleanup-image /restorehealth: Repairs Windows image.
- sfc /scannow: Scans and repairs system files.
- chkdsk: Runs Check Disk.
- winver: Checks Windows version.
- cleanmgr: Opens Disk Cleanup.

File and Storage Management:
- cleanmgr: Launches Disk Cleanup.
- dfrgui: Opens Disk Defragmenter.
- chkdsk: Checks and repairs disk errors.
- diskpart: Opens Disk Partition utility.
- onedrive: Opens OneDrive folder.
- shell:AppsFolder: Opens all apps folder.
- wab: Opens Windows contacts folder.
- explorer: Opens File Explorer.
- recent: Opens recent files and folders.
- documents: Opens Documents folder.
- downloads: Opens Downloads folder.
- favorites: Opens Favorites folder.
- pictures: Opens Pictures folder.
- videos: Opens Videos folder.
- %AppData%: Opens App Data folder.
- debug: Accesses Debug folder.
- backup: Opens backup folder.
- %systemdrive%: Opens system drive.

Security and Maintenance:
- firewall.cpl: Opens Windows Defender Firewall.
- wf.msc: Launches Firewall with advanced security.
- ms-settings:windowsdefender: Opens Windows Security.
- sigverif: Verifies file signatures.
- verifier: Checks driver integrity.
- msconfig: Opens System Configuration.
- sfc /scannow: Runs system file checker.
- dism /online /cleanup-image /restorehealth: Repairs Windows image.

Launching Apps:
- notepad: Opens Notepad.
- calc: Launches Calculator.
- snippingtool: Opens Snipping Tool.
- mspaint: Opens Microsoft Paint.
- winword: Starts Microsoft Word.
- excel: Opens Microsoft Excel.
- chrome: Launches Google Chrome.
- msedge: Opens Microsoft Edge.
- control: Opens Control Panel.
- explorer: Opens File Explorer.
- powerpnt: Opens Microsoft PowerPoint.
- firefox: Opens Mozilla Firefox.
- wmplayer: Opens Windows Media Player.
- msra: Opens Windows Remote Assistance.
- outlook: Opens Microsoft Outlook.

Navigating Settings:
- ms-settings: Opens main Settings app.
- ms-settings:network: Opens Network & Internet settings.
- ms-settings:display: Opens Display settings.
- ms-settings:personalization: Opens Personalization settings.
- ms-settings:windowsupdate: Opens Windows Update settings.
- ms-settings:privacy: Opens Privacy settings.
- ms-settings:bluetooth: Opens Bluetooth settings.
- ms-settings:devices: Opens Devices settings.
- ms-settings:system: Opens System settings.
- ms-settings:accounts: Opens Accounts settings.
- ms-settings:timeandlanguage: Opens Time & Language settings.
- ms-settings:gaming: Opens Gaming settings.
- ms-settings:region: Opens Region settings.
- ms-settings:optionalfeatures: Opens Optional Features settings.
- ms-settings:storage: Opens Storage settings.
- ms-settings:notifications: Opens Notifications settings.
- ms-settings:taskbar: Opens Taskbar settings.
- ms-settings:start: Opens Start Menu settings.
- ms-settings:lockscreen: Opens Lock Screen settings.

Network and Connectivity:
- ncpa.cpl: Opens Network Connections.
- ipconfig: Displays IP configuration.
- ping: Tests network connectivity.
- control netconnections: Opens Network and Sharing Center.
- ms-settings:network-wifi: Opens Wi-Fi settings.
- ms-settings:datausage: Views data usage.
- ms-settings:network-vpn: Manages VPN settings.
- ms-settings:network-proxy: Configures proxy settings.

Display and Appearance:
- desk.cpl: Opens Display Settings.
- control color: Customizes window colors.
- dpiscaling: Opens display scaling settings.
- ms-settings:personalization: Opens Personalization settings.
- ms-settings:themes: Changes desktop themes.
- ms-settings:display-advanced: Adjusts advanced display settings.

Accessibility:
- magnify: Opens Magnifier.
- narrator: Launches Narrator.
- osk: Opens On-Screen Keyboard.
- utilman: Opens Ease of Access Center.
- ms-settings:easeofaccess-display: Opens display accessibility settings.
- ms-settings:easeofaccess-cursor: Opens cursor accessibility settings.
- ms-settings:easeofaccess-mouse: Opens mouse accessibility settings.
- ms-settings:easeofaccess-keyboard: Opens keyboard accessibility settings.
- ms-settings:easeofaccess-narrator: Opens Narrator accessibility settings.
- ms-settings:easeofaccess-magnifier: Opens Magnifier accessibility settings.
- ms-settings:easeofaccess-colorfilter: Opens color filter accessibility settings.
- ms-settings:easeofaccess-highcontrast: Opens high contrast accessibility settings.
- ms-settings:easeofaccess-closedcaptioning: Opens closed captioning accessibility settings.
- ms-settings:easeofaccess-audio: Opens audio accessibility settings.
- ms-settings:easeofaccess-eyecontrol: Opens eye control accessibility settings.
- ms-settings:easeofaccess-mousepointer: Opens mouse pointer accessibility settings.

Power Management:
- powercfg.cpl: Opens Power Options.
- ms-settings:powersleep: Adjusts power and sleep settings.
- powercfg /batteryreport: Generates a battery report.
- powercfg /energy: Creates an energy efficiency report.
- powercfg /hibernate: Enables or disables hibernation.
- powercfg /deviceenablewake: Enables a device to wake the computer.
- powercfg /devicedisablewake: Disables a device from waking the computer.
Winsage
December 17, 2024
The Securonix Threat Research team has identified a phishing campaign called the “FLUX#CONSOLE campaign,” which targets tax-related themes using Microsoft Common Console Document (MSC) files to deliver a backdoor payload. The attack begins with a phishing email containing a decoy PDF titled “Income-Tax-Deduction-and-Rebates202441712.pdf,” which conceals an MSC file that executes malicious payloads. The campaign employs various tactics, including tax-themed lures, exploitation of MSC files, DLL sideloading using DISM.exe, persistence through scheduled tasks, and advanced obfuscation techniques. The attack chain involves tricking users into opening a malicious MSC file disguised as a PDF, which contains XML commands to download or extract a malicious DLL named DismCore.dll. The DLL is sideloaded using Dism.exe, and the malware communicates with a Command-and-Control server at “hxxps://siasat[.]top,” exfiltrating data via encrypted HTTPS traffic. The attackers maintained access for about 24 hours, targeting victims in Pakistan. The tactics used do not align with known advanced persistent threat groups, highlighting the growing threat of MSC files as a delivery method for malware. Indicators of Compromise (IOCs) include the C2 address siasat[.]top and analyzed file hashes for the malicious files involved in the campaign.
Winsage
August 29, 2024
God Mode in Windows is a feature that consolidates administrative tools into a single interface, but it requires creating a specially named folder to access. Super God Mode, developed by YouTuber ThioJoe, is an enhanced version that uses a PowerShell script to create shortcuts to various Windows components, including CLSID-based shell folders, named special folders, task links, system settings, deep links, URL protocols, and hidden app links. It also generates CSV files with shortcut details, stores XML content extracted from shell32.dll, and features a user-friendly GUI. The script can be executed manually or via a .bat launcher for easier use. Instructions for downloading and running the script are provided, along with a YouTube video for further guidance.