archive

Tech Optimizer
July 5, 2025
Cybercriminals are using legitimate software installer frameworks like Inno Setup to distribute malware, taking advantage of its trusted appearance and scripting capabilities. A recent campaign demonstrated how a malicious Inno Setup installer can deliver information-stealing malware, such as RedLine Stealer, through a multi-stage infection process. This process includes evasion techniques like detecting debuggers and sandbox environments, using XOR encryption to obscure strings, and conducting WMI queries to identify malware analysis tools. The installer retrieves a payload from a command-and-control server via a TinyURL link and creates a scheduled task for persistence. The payload employs DLL sideloading to load HijackLoader, which ultimately injects RedLine Stealer into a legitimate process to steal sensitive information. RedLine Stealer uses obfuscation techniques and disables security features in browsers to avoid detection. The Splunk Threat Research Team has developed detection methods focusing on indicators such as unsigned DLL sideloading and suspicious browser behaviors.

Indicators of Compromise (IOC):
- Malicious Inno Setup Loader Hash 1: 0d5311014c66423261d1069fda108dab33673bd68d697e22adb096db05d851b7
- Malicious Inno Setup Loader Hash 2: 0ee63776197a80de42e164314cea55453aa24d8eabca0b481f778eba7215c160
- Malicious Inno Setup Loader Hash 3: 12876f134bde914fe87b7abb8e6b0727b2ffe9e9334797b7dcbaa1c1ac612ed6
- Malicious Inno Setup Loader Hash 4: 8f55ad8c8dec23576097595d2789c9d53c92a6575e5e53bfbc51699d52d0d30a
Winsage
July 2, 2025
Valve's hardware survey data shows that Windows 10 remains the dominant operating system among PC gamers, with a slow decline expected despite Microsoft's upcoming support cessation. Windows 11 has not surpassed 60% in any Steam survey sample, and its growth has been stagnant. Windows 7 currently holds a mere 0.1% share, and projections suggest it could take about 82 months for Windows 10 to reach that level if trends continue. Linux's share has increased from around 1% to over 2.5% in three years, while Windows 11's growth has only seen a 3.7x increase during the same period. The survey indicates that the launch of the Steam Deck has had a limited impact on Linux adoption.
AppWizard
June 30, 2025
Google is exploring a new feature for Gmail on Android that allows users to "mark as read" directly from notifications. This feature is currently being rolled out to a select group of users and is not universally available. Traditionally, Gmail notifications offered options to "delete" or "reply" to emails. Users can also mark emails as read using swipe gestures within the app, which can be customized in the Settings menu. Default swipe actions include Archive, Delete, Mark as read/unread, Move to, Snooze, and None.
AppWizard
June 27, 2025
To change the language of an app on Android, follow these steps:
1. Open the Settings app on your device.
2. Scroll down and select System.
3. Select Languages & input.
4. Select App Languages.
5. Choose the specific app whose language you want to change, tap it, and select the desired language.

Additionally, Android offers a Google Play Auto Archiving feature that allows you to free up storage space while preserving user data and settings.
AppWizard
June 26, 2025
In May, three new titles entered the revenue rankings: Elden Ring Nightreign (4th place), DOOM: The Dark Ages (9th), and FANTASY LIFE i: The Girl Who Steals Time (20th). Elden Ring Nightreign sold over 3.5 million copies across six markets. Clair Obscur: Expedition 33 returned to the top 10, while Destiny 2 jumped 30 positions to 11th place due to pre-orders for its expansion. On PlayStation, F1 25 debuted at 15th place, and on Xbox, RoadCraft entered at 18th. Clair Obscur: Expedition 33 was not listed on Xbox due to Game Pass availability. On PC, Helldivers II returned to the top 20 at 19th place after an update. For Nintendo Switch, FANTASY LIFE i: The Girl Who Steals Time was the only newcomer, with ten Nintendo titles remaining in the top 20. In MAU rankings, DOOM: The Dark Ages reached 16th place, and Elden Ring Nightreign appeared in the top 20 on PC. Star Wars: Battlefront II re-entered the top 20 due to promotional discounts, and Helldivers II climbed to 14th place in MAU rankings.
Winsage
June 24, 2025
Microsoft is shifting its approach to driver management in Windows to improve the quality and security of drivers available through Windows Update. The initiative will phase out legacy drivers and focus on providing only fresh, tested, and compatible drivers. Expired drivers will no longer be available through Windows Update, streamlining the user experience and enhancing system integrity. Manufacturers and developers can republish expired drivers with justification. After an initial cleanup targeting legacy drivers, Microsoft will allow a six-month period for feedback before permanently removing drivers. This process will continue with subsequent batches of drivers. Concerns have been raised about the impact on users of older devices and the potential loss of a valuable resource for reliable drivers.
Winsage
June 20, 2025
Microsoft is removing outdated drivers from Windows Update to enhance system reliability and reduce security vulnerabilities. This initiative may disrupt users who rely on legacy hardware, as many older devices lack updated driver support from manufacturers. IT administrators face challenges in finding alternative drivers or workarounds for critical systems, as not all hardware vendors provide timely updates. The move reflects a broader trend of prioritizing security and efficiency over backward compatibility, raising concerns about the implications for users with integrated legacy systems. Critics suggest that Microsoft should offer clearer guidance and transitional support for affected users.
Winsage
June 20, 2025
Microsoft is set to release a new update for Windows 11 on July 8, coinciding with Patch Tuesday updates. Key enhancements include:
- Taskbar improvements with dynamically resizing icons and a wider indicator pill for open applications.
- A visual preview feature for sharing links and web content, along with adjustable image compression levels.
- A new PC-to-PC migration experience for transferring files and settings during new device setup.
- Performance enhancements in File Explorer for extracting archive files.
- The Screen Curtain feature in Narrator for enhanced privacy by blacking out the screen while content is read aloud.
- An improved Narrator experience with guided prompts for discovering features.
- Voice access now supports navigation and dictation in Simplified and Traditional Chinese and allows adding custom words to the dictionary.
- Tailored enterprise-focused settings for IT-managed PCs.
- Region settings will display the selected country or region during device setup.

These features are currently in testing through the Windows Insider Release Preview Channel, with general availability expected on July 8. Users who opt for early updates may receive some features as a non-security preview update in late June.
Winsage
June 18, 2025
A cyber espionage campaign attributed to the XDSpy threat actor has been discovered, exploiting a zero-day vulnerability in Windows shortcut files identified as “ZDI-CAN-25373.” This vulnerability allows attackers to conceal executed commands within specially crafted shortcut files. XDSpy has primarily targeted government entities in Eastern Europe and Russia since its activities became known in 2020. Researchers from HarfangLab found malicious LNK files exploiting this vulnerability in mid-March, revealing issues with how Windows parses LNK files. The infection begins with a ZIP archive containing a malicious LNK file, which triggers a complex Windows shell command to execute malicious components while displaying a decoy document. This command extracts and executes a first-stage malware called “ETDownloader,” which establishes persistence and downloads a second-stage payload known as “XDigo.” The XDigo implant, written in Go, collects sensitive information and employs encryption for data exfiltration. This campaign represents an evolution in XDSpy's tactics, combining zero-day exploitation with advanced multi-stage payloads.