Android apps and games that are free for a short time include Evertale, Defense Zone 3 Ultra HD, Sphaze, Last Plant on Earth, Rooftop Snipers, Dino Rush, and Out There Chronicles - Ep. 2.
McAfee+ Premium is a security suite that includes a highly accurate antivirus system for unlimited devices, a comprehensive VPN, a password manager, and data breach monitoring for sensitive information. It features a scam detector in mobile apps, privacy tools for social media settings, and online account cleanup. In malware tests, it blocked 88% of threats but performed less effectively than competitors in ransomware simulations. The VPN offers unlimited access but has connectivity issues and slow connection times. True Key, the password manager, lacks advanced features. The Online Account Cleanup tool works only with specific email providers, while the Personal Data Cleanup feature identifies data broker information without direct removal assistance. The Social Privacy Manager provides privacy recommendations for social media accounts, and dark web monitoring tracks personal data but lacks actionable insights. Additional features include a basic firewall, file shredder, and tracker remover. Overall, McAfee+ Premium excels in antivirus and dark web monitoring but may not match competitors in other areas.
Cybersecurity experts have identified a new variant of the Octo Android malware, named Octo 2, which targets Android users by disguising itself as trusted applications like Google Chrome. This malware is designed for fraudulent activities, specifically targeting bank accounts and sensitive information. Discovered by the Amsterdam-based firm ThreatFabric, Octo 2 is spreading across Europe and features advanced mechanisms that make it harder to detect. Its capabilities include remotely locking and muting the device's screen, launching applications without user consent, sending malware-laden messages to contacts, and intercepting SMS messages to capture verification codes, posing a significant risk for unauthorized access to secure accounts.
McAfee Total Protection Essential offers antivirus and browsing protection for up to five devices, includes a password manager, and provides comprehensive data breach monitoring for email addresses, phone numbers, credit cards, and bank accounts. It features a scam detector in its mobile app and provides a full and unlimited VPN service. In malware tests, McAfee achieved an 88% success rate, which is lower than competitors like Avira, Avast, and Bitdefender. The Safe Connect VPN has decent coverage across 48 countries but sometimes struggles with connection issues and slower speeds compared to competitors. True Key, McAfee's password manager, allows secure storage of logins but lacks advanced features. The dark web monitoring feature can track up to ten email addresses and phone numbers, surpassing many competitors. The advanced firewall primarily monitors outgoing connections and relies on the Windows Firewall for incoming threats. The File Shredder securely deletes documents, but occasionally fails, and the Tracker Remover deletes cookies and browser history but lacks configurability and speed.
Android users are advised to uninstall two applications, Wuta Camera and Max Browser, which have been found to contain a new variant of Necro malware. These apps have over 11 million downloads combined and can install harmful payloads, including adware, tools for subscription fraud, and mechanisms for routing malicious traffic. Wuta Camera has over 10 million downloads, while Max Browser has 1 million. Google has removed Max Browser from its platform, but Wuta Camera is still available after a recent update that eliminated the malware. Users are encouraged to delete these apps and consider using antivirus software to check for infections.
The Permanent Account Number (PAN) card is issued by the Income Tax Department and records all financial transactions of individuals, trusts, or organizations. It is essential for activities such as opening bank accounts, filing tax returns, investing, and applying for loans or credit cards. The application process for a PAN card can be completed online through the NSDL (Prot) or UTIITSL portals.
To apply online, one must visit the official website, select the option for New PAN, choose PAN Card Form 49A, fill out the required details, and pay the processing fee. A unique 15-digit receipt number is generated upon payment. Applicants can either e-sign the application using Aadhaar OTP or send the completed form and documents to the NSDL or UTIITSL office within 15 days. The PAN number is verified, and upon successful validation, the PAN card is dispatched within approximately 15 days.
Required documents include:
**Identity Proof (any one):**
- Government-issued identity card (Aadhaar, Driving License, Voter ID, etc.)
- Arms license
- Pensioner card with photograph
- Photo identity card from Central/State Government or Public Sector Undertaking
- Central Government Health Scheme card or Ex-Servicemen Contributory Health Scheme photo card
- Original bank certificate on bank letterhead with photograph and account number.
**Address Proof (any one):**
- Utility bills (Electricity, landline, broadband)
- Postpaid mobile phone bill
- Water bill
- LPG or Piped Gas Connection Bill
- Bank account statement
- Credit Card Details
- Deposit Account Details
- Post Office Account Passbook
- Passport
- Voter ID Card
- Driving License
- Property Registration Documents
- Residence certificate from the Government of India
- Aadhaar card
- Original employer certificate from a reputable corporation.
**Birth Certificate (any one):**
- Birth certificate from municipal authority or authorized body
- Matriculation certificate
- Pension Payment Order
- Passport
- Marriage certificate from marriage registrar
- Driving License
- Residence certificate from the Government of India
- Affidavit before the Magistrate stating the date of birth.
SafeBreach's Hacker’s Playbook highlights emerging threats identified by SafeBreach Labs, allowing customers to run simulations against advanced threats.
1. Windows Downdate Attacks: Downgrade attacks can revert updated software to older versions, exploiting patched vulnerabilities. Research by Alon Leviev revealed a tool, Windows Downdate, that can commandeer the Windows Update process for undetectable downgrades. Two CVEs were issued: CVE-2024-21302 and CVE-2024-38202.
2. Quick Share Vulnerability Exploit: Research identified ten vulnerabilities in Google’s Quick Share, which could lead to remote code execution attacks. Two CVEs were issued: CVE-2024-38271 and CVE-2024-38272. Vulnerabilities include unauthorized file write and denial of service.
3. SafeBreach Coverage: SafeBreach has included attacks related to these vulnerabilities in its Hacker’s Playbook, such as Windows Downdate attacks and Quick Share download file accept bypass attacks.
4. Additional Threats: Coverage was added for threats like MagicRAT, Hesperbot Trojan, and Timitator Trojan, each with specific attack vectors documented.
5. Ransomware Assessment: SafeBreach offers a complimentary ransomware assessment, RansomwareRx, which includes training, assessment, attack simulation, and a custom report.
Tencent is expanding its Venture Lab initiative to support emerging game developers by providing resources in investment, publishing, marketing, and consulting. The program currently has a team of about 20 professionals dedicated to guiding new talent. Juno Shin, head of Venture Lab, noted that many early-stage studios face common pitfalls due to a lack of managerial experience among founders. The initiative aims to help reduce risks and increase the success rate of new game developers.
Researchers at Cleafy have identified a new strain of Android malware called BingoMod, classified as a remote access trojan (RAT), which can siphon funds from users' bank accounts. BingoMod uses "smishing" to trick users into downloading it by masquerading as a legitimate antivirus application, specifically imitating AVG Antivirus & Security. Once installed, it prompts users to activate Accessibility Services, granting the malware extensive permissions to infiltrate devices. BingoMod captures login credentials, takes screenshots, and intercepts text messages, enabling on-device fraud (ODF) and unauthorized transactions. It can also disable existing security applications and uninstall them, increasing its operational effectiveness. The malware can spread further via text messages and is actively being developed to evade antivirus detection, with indications that its creator may be based in Romania. Users are advised to avoid links from unknown sources and to download applications only from reputable platforms like the Google Play Store, where Play Protect can detect and block BingoMod.
The author installed over ten pieces of malware on their machine within half an hour and anticipates adding more software. They discovered a puzzle game called Malware, which is disguised as a cybersecurity challenge, and involves avoiding malware installations while navigating installation wizards. The game features a narrative about time pirates draining bank accounts, and the author has incurred a fictional debt of 0,000 in the game, which can be recovered in chunks of by avoiding malware. The game is priced at .40 (£2) on Steam and evokes nostalgia for early online gaming experiences.
