archive Archives

AppWizard

April 29, 2025

How to archive Facebook messages on Android

To archive a conversation in the Facebook Messenger app, scroll through your chat list to find the specific chat, press and hold on it to bring up a menu, and select the "Archive" option. This moves the conversation to an archived folder, helping to organize your inbox while keeping messages accessible.

AppWizard

April 29, 2025

‘A Minecraft Movie’ Stays on Top as ‘Sinners’ Holds Strong and ‘Star Wars: Revenge of the Sith’ Reissue Blasts into Third at U.K. and Ireland Box Office

Warner Bros.’ “A Minecraft Movie” has topped the U.K. and Ireland box office for the fourth consecutive weekend, earning £2.4 million and a total of £10.7 million. “Sinners” secured second place with £1.2 million, totaling £3.6 million. The reissue of “Star Wars: Episode III – Revenge Of The Sith” earned £0.3 million. “The Accountant 2” debuted in fourth place with £0.2 million. “Pink Floyd at Pompeii – MCMLXXII” grossed £5,671, landing in fifth place. “Until Dawn” debuted in sixth with £2,776. “The Penguin Lessons” added £1,334 for a total of £0.9 million. Disney’s “The Amateur” earned £7,707, totaling £1.1 million. “Thudarum” debuted in ninth place with £4,346. A24’s “Warfare” generated £6,516, totaling £0.1 million. Upcoming releases include Disney’s “Thunderbolts” on May 1 and “Parthenope” on May 2.

AppWizard

April 27, 2025

I miss old PopCap like you miss old BioWare

From 2000 to 2010, PopCap Games dominated the casual gaming market, influencing the design of many subsequent mobile games. The studio's notable titles included Peggle Extreme, featured in Valve's The Orange Box, and Gyromancer, a collaboration with Square Enix. PopCap's games often drew inspiration from earlier concepts, such as Zuma from Puzz Loop and Bejeweled from the Russian game Shariki. After being acquired by Electronic Arts, PopCap shifted towards mobile and free-to-play models, leading to the decline of its original PC titles. Despite this change, the spirit of PopCap's creativity persists in the indie gaming scene, with games like Donut County and Peglin reflecting its innovative approach. Bookworm Adventures remains accessible through the Internet Archive, contributing to PopCap's lasting legacy.

AppWizard

April 25, 2025

Fallout creator laments the loss of the game’s earliest development materials: ‘I had that in digital form and was ordered to destroy it’

Tim Cain, the creator of the original Fallout, shared insights on his YouTube channel about his career and the game's origins, including the purposes of the Vaults and the game's setting in 2161. He recounted a past incident with publisher Interplay, where he was compelled to destroy a collection of early Fallout materials, including design notes and game builds, to avoid legal conflict. Cain highlighted the industry's failure in game preservation, noting that when he left Fallout, he was instructed to destroy his entire archive. A study indicated that about 87% of all games created are now unplayable without piracy or archival visits, underscoring the challenges in preserving both games and development materials.

Winsage

April 25, 2025

My favorite File Explorer replacement just got better

Files has released an update to version 3.9.7, enhancing its functionality and introducing new customization features. Key improvements include a revamped Release Notes dialog that opens automatically after updates, customizable file size units, automatic encoding detection for ZIP file extraction, and UTF-8 encoding as the default for creating ZIP archives. The app is recognized for introducing features ahead of Windows File Explorer, such as tabs and unique functionalities like diverse view modes, sorting options, and tagging capabilities.

AppWizard

April 24, 2025

Trojanized Alpine Quest app geolocates Russian soldiers

Russian soldiers are facing a digital threat from a modified Android application, Alpine Quest, which has been tampered with to track their locations and extract sensitive information. The malware, known as Android.Spy.1292.origin, was embedded in an older version of the app and distributed as a free upgrade to Alpine Quest Pro via a fraudulent Telegram channel. Once installed, the trojan collects various types of information, including geolocation, downloaded files, phone numbers, and app versions, and can download additional modules to exfiltrate specific files. Additionally, researchers at Kaspersky discovered a backdoor hidden in counterfeit software updates for ViPNet, a secure networking suite. The malware, disguised as msinfo32.exe, connects to a command-and-control server to steal files and deploy more malicious components. On the Ukrainian side, Russian operatives are conducting a phishing campaign targeting Ukrainian officials and allies, using social engineering tactics to hijack Microsoft 365 accounts. Attackers contact victims via messaging apps, invite them to video calls, and trick them into providing OAuth codes, granting access to their accounts.

Winsage

April 19, 2025

Windows vulnerability with NTLM hash abuse exploited for phishing

A vulnerability in Windows, identified as CVE-2025-24054, is being exploited in phishing campaigns targeting government and private organizations. Initially considered low-risk, it was addressed in Microsoft's March 2025 Patch Tuesday updates. Following the release of these patches, Check Point observed a rise in exploitation attempts, particularly linked to the Russian group APT28. Attackers sent phishing emails with Dropbox links containing .library-ms files, which, when accessed, connected to an external SMB server controlled by the attackers, allowing interception of NTLM hashes. A subsequent wave of attacks involved .library-ms files sent as direct attachments, requiring minimal user interaction to exploit the vulnerability. The malicious ZIP archive also contained files exploiting older NTLM vulnerabilities. Check Point identified the attackers' SMB servers with specific IP addresses. Despite being classified as medium-severity, the vulnerability's potential impact is significant, prompting organizations to apply the March 2025 updates and consider disabling NTLM authentication if not essential.

Winsage

April 17, 2025

Windows NTLM hash leak flaw exploited in phishing attacks on governments

A vulnerability in Windows, identified as CVE-2025-24054, is being actively exploited in phishing campaigns targeting government and private sectors. Initially addressed in Microsoft's March 2025 Patch Tuesday, it was not considered actively exploited at that time. Researchers from Check Point reported increased exploitation activities shortly after the patches were released, particularly between March 20 and 25, 2025. Some attacks were linked to the Russian state-sponsored group APT28, but definitive attribution is lacking. The vulnerability allows attackers to capture NTLM hashes through phishing emails containing manipulated .library-ms files that trigger the flaw when interacted with. Check Point noted that subsequent attacks involved .library-ms files sent directly, requiring minimal user interaction to exploit. The malicious files also included additional components that exploit older vulnerabilities related to NTLM hash leaks. The attacker-controlled SMB servers were traced to specific IP addresses. Although rated as medium severity, the potential for authentication bypass and privilege escalation makes it a significant concern, prompting recommendations for organizations to install updates and disable NTLM authentication if not necessary.

Winsage

April 17, 2025

Hackers Exploiting NTLM Spoofing Vulnerability in Wild to Compromise Systems

Cybercriminals are exploiting a vulnerability in Windows systems known as CVE-2025-24054, which involves NTLM hash disclosure through spoofing techniques. This flaw allows attackers to leak NTLM hashes, leading to privilege escalation and lateral movement within networks. It is triggered when a user extracts a ZIP archive containing a malicious .library-ms file, causing Windows Explorer to initiate SMB authentication requests that expose NTLMv2-SSP hashes. Exploitation of this vulnerability began shortly after a security patch was released on March 11, 2025, with campaigns targeting government and private institutions in Poland and Romania. These campaigns utilized spear-phishing emails containing malicious ZIP archives, which, when interacted with, leaked NTLM hashes. The malicious files included various types designed to initiate SMB connections to attacker-controlled servers, allowing for pass-the-hash attacks and privilege escalation. The stolen hashes were sent to servers in several countries, indicating potential links to state-sponsored groups. One campaign involved Dropbox links that exploited the vulnerability upon user interaction. Microsoft has recommended immediate patching, enhancing network defenses, user education, network segmentation, and regular security audits to mitigate risks associated with this vulnerability.

Winsage

April 17, 2025

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)

CVE-2025-24054 is a vulnerability that allows attackers to capture NTLMv2-SSP hashes from a victim's machine during authentication requests to an attacker-controlled SMB server. Active exploitation of this vulnerability has been observed since March 19, 2025, targeting government and private sectors in Poland and Romania. The attacks involve phishing emails that lead victims to download an archive file containing exploits designed to leak NTLMv2-SSP hashes. Microsoft has released patches for this vulnerability, but users on older, unsupported versions may need to consider micropatching.