blocklists

Winsage
April 26, 2026
Windows 11 users often seek efficient application management, leading to the use of the Windows Package Manager (winget). The command "winget upgrade --all" requires user initiative, while the Microsoft Store only updates Store apps. This gap led to the development of Winget-AutoUpdate (WAU), which simplifies the update process. Initially designed for users familiar with scripts, WAU now includes a graphical user interface (GUI) that makes it more accessible. The GUI allows users to toggle automatic updates, set schedules, and manage allowlists and blocklists. Users can create "excludedapps.txt" and "includedapps.txt" files for managing updates. WAU is particularly useful for those who frequently install applications via winget and want to automate updates. Once configured, WAU runs in the background, providing timely notifications without manual intervention. It is a free solution that addresses update management challenges for winget users on Windows 11, transforming manual updates into an automated process.
Winsage
April 26, 2026
The Windows Package Manager (winget) traditionally requires users to manually execute commands like "winget upgrade --all" to update applications, while the Microsoft Store only provides automatic updates for Store apps. The WAU Settings GUI enhances the winget experience by introducing a graphical user interface that allows users to configure automatic updates without scripts. Users can set schedules, manage allowlists and blocklists, and receive notifications for completed updates. Winget-AutoUpdate (WAU) is designed for users who frequently install applications via winget and want a maintenance-free system, operating quietly in the background to automate updates.
Tech Optimizer
March 19, 2026
The ransomware group LeakNet has evolved its tactics, increasing its average targets from three per month and shifting from purchasing stolen network access to launching its own campaigns. They now use deceptive error screens and a new tool that executes malicious code in a computer's memory. Their strategy includes ClickFix lures, which compromise legitimate websites to display fake security checks, tricking users into executing malicious commands. This method broadens their victim reach and reduces costs. The Deno loader, part of this strategy, collects machine information and retrieves additional malicious code without leaving standard files, making detection difficult. After infiltrating a network, LeakNet checks for active user credentials and uses PsExec for lateral movement, employing Amazon S3 buckets for payload staging and data exfiltration. Defenders are advised to monitor for suspicious behavior rather than just known malicious files, focusing on unusual web commands and unexpected cloud storage connections.
AppWizard
March 17, 2026
Today, the third pre-release of Minecraft: Java Edition has been released, featuring minor technical adjustments and essential bug fixes. The Data Pack version has been updated to 101.1, with the count field for Placement Modifiers now operating within a range of 0 to 4096. Bugs fixed in this pre-release include:
- MC-305118: Resource packs labeled as "Broken or incompatible" now appear correctly.
- MC-306240: The /fill command now adheres to the maxblockmodifications game rule.
- MC-306620: Feeding a snifflet with a golden dandelion no longer resets its age incorrectly.
- MC-306805: Baby zombie villagers' arm positioning has been adjusted for correct movement while holding items.
- MC-306840: Dolphins no longer drown when no players are nearby.
- MC-306850: Noise settings for caves and floating islands are functioning properly.
- MC-306854: Discrepancies in villager trades between versions 1.21.11 and 26.1 snapshots have been clarified.
- MC-306859: Clipping issues with the arms of baby zombies, baby husks, gurgles, and baby zombie villagers have been resolved.
- MC-306860: Player object text components in server status messages are no longer replaced by fallback text.
- MC-306898: Placed/configured features are now limited to 256 tries.
- MC-306899: Inverted blocklists for the firepatch and soulfire_patch features have been fixed.
The latest Pre-Releases can be installed via the Minecraft Launcher by enabling snapshots. Users are advised to back up their data as testing versions may corrupt worlds. The cross-platform server jar is also available for download.
AppWizard
January 26, 2026
A recent poll showed that 65% of Android users block ads using the Private DNS feature, 19% use third-party apps like Blokada, 12% do not block ads at all, and 5% employ alternative solutions. The Private DNS feature allows users to specify a DNS provider for content control but may face challenges like website accessibility issues. In contrast, ad-blocking apps like Blokada use multiple blocklists and Android's VPN service for real-time filtering, offering more customization and control over ad-blocking preferences, though they may consume battery and require manual restarts on some devices. The choice between Private DNS and ad-blocking apps depends on individual user preferences and needs.
Winsage
October 20, 2025
A firewall acts as a barrier against threats to devices, with most operating systems including one for basic protection. The Windows Defender Firewall has a complex interface, but it features a powerful packet filtering engine. Simplewall is a standalone network filtering application built on the Windows Filtering Platform (WFP) that offers users straightforward control over network traffic. It includes a rules editor that allows users to manage applications and services, enabling them to block or allow specific traffic easily. Users can create custom rules based on protocol, ports, or IP addresses, which is particularly useful in home lab environments. Simplewall also provides an OS-level blacklist to limit Microsoft's data collection and can block known advertising and tracking IPs. It is compatible with various Windows versions, including Windows 7 and ARM64 architecture, and can filter traffic from the Windows Subsystem for Linux (WSL). Simplewall is available in a portable version, does not log telemetry data, and is open-source. However, users must manage rules carefully, as blocking critical services can lead to connectivity issues. The development of Simplewall is supported by a community that contributes to its improvement.
Tech Optimizer
September 2, 2025
The Chinese threat group Silver Fox has exploited the WatchDog Antimalware driver to disable antivirus and endpoint detection tools as part of a strategy called "Bring Your Own Vulnerable Driver." They have also targeted the Zemana Anti-Malware driver (ZAM.exe) to ensure compatibility across Windows 7, 10, and 11. Initial infection methods are speculated to involve phishing or social engineering. The attackers used infrastructure in China to host loader binaries with anti-analysis features, which included hardcoded lists of targeted security processes for termination and facilitated the deployment of ValleyRAT malware. Check Point Research noted that the exploitation of the WatchDog driver has evolved, prompting WatchDog to release an update for a local privilege escalation flaw, although concerns about arbitrary process termination persist. IT teams are advised to update blocklists, implement YARA detection rules, and monitor network traffic to mitigate risks.
Winsage
August 30, 2025
In mid-2025, a campaign attributed to the Silver Fox Advanced Persistent Threat (APT) began exploiting a vulnerable Microsoft-signed WatchDog Antimalware driver (amsdk.sys, version 1.0.600) to compromise modern Windows environments. The attackers use the driver's arbitrary process termination capability to bypass endpoint detection and antivirus protections on fully patched Windows 10 and 11 systems. The attack starts with a loader that checks for virtual machines and sandboxes before dropping two drivers into a new directory. These drivers are registered as kernel services, and the loader ensures persistence. The campaign's logic then terminates security service processes by exploiting the driver's vulnerabilities, allowing the injection of a ValleyRAT downloader module that connects to Chinese-hosted C2 servers. After the vulnerability was disclosed, a patched driver (wamsdk.sys, version 1.1.100) was released, but Silver Fox adapted by modifying the driver's signature timestamp to evade detection while maintaining the signature's validity.
AppWizard
June 3, 2025
Recent developments in browser technology have raised concerns about user privacy and data tracking by companies like Meta and Yandex. In response, several Android browsers are enhancing user privacy by blocking abusive JavaScript linked to web trackers. DuckDuckGo has implemented measures to block domains and IP addresses associated with trackers, preventing the transmission of identifiers to Meta and restricting access to Yandex Metrica. Following feedback, DuckDuckGo's developers updated their blacklist to include missing addresses. The Brave browser uses extensive blocklists to prevent identifier sharing and blocks requests to localhost without user consent. Vivaldi forwards identifiers to local Android ports by default but allows users to adjust settings to block trackers. Researchers warn that these solutions may not be foolproof and emphasize the ongoing challenge of maintaining effective blocklists. Chrome and most other Chromium-based browsers execute JavaScript as intended by Meta and Yandex, while Firefox has faced challenges with SDP munging and has not yet announced plans to address this behavior.