attacks

Tech Optimizer
June 17, 2026
NordVPN has achieved the "highest possible" AAA rating from West Coast Labs for its protection suite, with a 99.8% detection rate against high-threat malware in real-world Windows 11 environments. It also secured a 96% detection rate with zero false positives in the AV-Comparatives Anti-Phishing test, making it the first VPN provider to earn a protection badge from AV-Comparatives. NordVPN has launched dedicated private VPN servers that offer dedicated hardware, a static IP address, and port forwarding for enhanced user control. Additionally, a recent survey by NordVPN involving over 20,000 participants across 20 countries revealed significant insights into global screen time habits.
BetaBeacon
June 17, 2026
Players take control of King Alden in the game "Kings Do Not Fall" as he fights through six levels against monsters like goblins, orcs, and the undead. The game features classic arcade-inspired visuals, fast-paced side-scrolling combat, and the ability to unlock achievements and compete on a leaderboard.
Winsage
June 17, 2026
In 2012, a novel bootkit targeting Mac OS X systems emerged, infiltrating the EFI firmware. A basic bootkit for Windows 8 also appeared, compromising the UEFI bootkit. By 2013, a more sophisticated UEFI bootkit named Dreamboot was introduced for Windows. The first documented real-world UEFI attack occurred in 2018 with the malware LoJax, linked to a Kremlin-backed hacking group. In 2020, the second known UEFI malware, MosaicRegressor, was discovered, which verified the presence of a malicious file upon each reboot. New UEFI bootkits like ESpecter, FinSpy, and MoonBounce have since emerged. In response to the threat of UEFI bootkits, Microsoft collaborated with manufacturers to implement Secure Boot, a protocol that uses cryptographic signatures to ensure the integrity of firmware during startup.
Winsage
June 17, 2026
The Windows variant of SprySOCKS malware, developed by the Chinese threat group Earth Lusca, targets government entities globally and features advanced capabilities such as rootkit-level stealth and extensive command-and-control (C2) functionalities. It operates on Windows systems, utilizing two main variants: WINDRV, which includes kernel drivers for stealth operations, and WINPLUS, a streamlined backdoor. The malware can communicate over TCP, UDP, and WebSocket, offering over 30 C2 commands for various operations, including system information gathering and keystroke logging. WINDRV loads a driver named ‘RawWNPF’ into memory using another signed kernel driver, allowing it to conceal processes and achieve persistence. The malware's design incorporates open-source elements and exploits vulnerabilities in the software supply chain, notably using a leaked certificate for driver signing. To combat SprySOCKS, organizations are advised to implement advanced endpoint detection and response (EDR) solutions, maintain regular patching, and manage supply chain risks vigilantly. The malware's adaptability and reliance on legitimate certificates complicate detection efforts, necessitating continuous refinement of security practices.
Tech Optimizer
June 17, 2026
Viruses and malware have become more sophisticated, with phishing emails, AI-generated scams, and deepfake videos posing significant threats. In 2025, Americans lost .9 billion to online scams, affecting even tech-savvy individuals. Built-in malware protections on devices have improved, but the need for additional antivirus software depends on individual usage and risk tolerance. Microsoft Defender, integrated into Windows 11, scored 18/18 on AV-Test and provides real-time protection against various threats. XProtect on Mac updates malware signatures but may miss newer threats, while iPhone users generally do not need antivirus software due to iOS's sandboxing. Android users face higher malware risks and should consider dedicated antivirus solutions. Paid antivirus solutions often include features like VPN services, password managers, identity theft monitoring, and multi-platform coverage, justifying their cost. Many antivirus providers offer steep discounts for the first year, followed by significant price increases upon renewal, so it's advisable to disable auto-renewal and seek new customer rates. Bitdefender Total Security is recommended for its malware detection and light system impact, while McAfee+ Premium offers unlimited device coverage for families. Norton 360 Deluxe provides a comprehensive feature bundle, and Microsoft Defender is the only recommended free antivirus, achieving a perfect score on AV-Test without intrusive ads or upsells.
Winsage
June 16, 2026
Cybersecurity researchers have identified two new Windows variants of the SprySOCKS backdoor, named WINDRV and WINPLUS, which were previously thought to be exclusive to Linux systems. Both variants feature hard-coded command-and-control configurations and can communicate via TCP, UDP, and WebSocket protocols. They support over 30 commands for operations such as system information collection and file management. WINDRV employs kernel drivers for stealth, obscuring network connections and allowing TCP traffic diversion. SprySOCKS was first documented by Trend Micro in September 2023, linked to the Chinese state-sponsored threat actor Earth Lusca, also known as FishMonger. The Windows variants belong to version 1.8 of SprySOCKS and utilize a kernel driver named RawWNPF for enhanced stealth. The attack chain begins with an initial access method that drops a batch script, leading to the installation of the backdoor. Evidence suggests these variants may have been used in attacks against government organizations in Honduras, Taiwan, Thailand, and Pakistan between 2023 and 2024. The WINPLUS variant was first detected in July 2024 in Pakistan. There are indications of a potential UEFI bootkit involvement exploiting CVE-2023-24932, a vulnerability in the Windows Boot Manager.
AppWizard
June 15, 2026
Publisher Perp Games and developer Project Cloud Games announced that The Relic: First Guardian will be released on July 31 for PC (Steam) and PlayStation 5, moving up from its initial 2025 release date. Ports for Xbox Series S and X, as well as Nintendo Switch 2, are expected later in the summer. An exclusive retail version for PlayStation 5 will be available on September 4. The game is set in the world of Arsiltus, where players act as a First Guardian to combat a blight. It features over 70 boss encounters, five weapon types, and twelve skill trees, allowing for personalized builds. The stamina system is designed for dodging and blocking only, freeing players to attack without resource constraints. Progression is based on collectible items called Relics, which offer over 70 passive effects that enhance combat dynamics. PC system requirements have not yet been disclosed.
Winsage
June 15, 2026
Microsoft has expanded the rollout of the Secure Boot 2023 certificate update to more Windows 11 and Windows 10 devices with the June 2026 Patch Tuesday update (KB5094126). This update aims to ensure that most supported consumer PCs are classified as high confidence, meaning necessary certificates are either installed or will be applied automatically. Secure Boot is a firmware security feature that verifies the software attempting to load during the startup process, blocking unauthorized software. The certificates supporting Secure Boot, issued in 2011, are expiring in stages starting June 24, 2026, prompting Microsoft to deploy replacement certificates. Most home users do not need to take manual action as the updates will occur automatically via Windows Update. Users can check their Secure Boot certificate status in the Windows Security app. A yellow warning indicates pending compatibility data, while a red alert suggests a firmware incompatibility requiring a BIOS update. Multiple reboots during the update process are normal, and a new SecureBoot folder in Windows is for staging cryptographic files. Older PCs may experience longer update times, and some may not receive updates due to firmware issues. HP users should check for BIOS updates if encountering BitLocker recovery loops. IT administrators should monitor device classifications and manually initiate updates for devices not in the high confidence category. Devices with Secure Boot disabled cannot receive updates, leaving them vulnerable. The expiration of the Microsoft Corporation KEK CA 2011 certificate on June 24 does not immediately affect device functionality, but it limits Microsoft's ability to sign new bootkit blacklist updates.
Tech Optimizer
June 14, 2026
Avast Free Antivirus is a free antivirus solution for Windows PCs developed by Avast (Gen Digital). It provides essential malware protection, real-time scanning, and web safety features without requiring a paid subscription. Users in the U.S. can download it from the official Avast website and install it on compatible Windows systems. The software identifies and blocks viruses, spyware, ransomware, and other forms of malware using signature-based detection and cloud-assisted analytics. It includes features such as real-time protection, on-demand scanning, an email shield, a Wi-Fi inspector, and behavior shields. Avast Free Antivirus offers automatic updates to ensure current protection against emerging threats. It serves as a gateway product to Avast's paid tiers, which offer additional features. The software is primarily aimed at home users who need basic antivirus protection and is available for free personal use.