bypass Archives

Tech Optimizer

November 8, 2024

New malware SteelFox targets Windows users through fake software activators

A new malware named "SteelFox" is targeting Windows users by using counterfeit software activators to infiltrate systems, leading to cryptocurrency mining and data theft. Since February 2023, it has spread rapidly, primarily through torrent sites and online forums, masquerading as legitimate software cracks for programs like AutoCAD and Foxit PDF Editor. Upon installation, it deploys a risky driver called WinRingO.sys, exploiting vulnerabilities CVE-2021-41285 and CVE-2020-14979, which allows attackers to gain full access to the infected computer. The malware uses XMRig for crypto mining, causing performance issues and increased utility bills, while also stealing sensitive data from over 13 web browsers. Countries with high infection rates include Mexico, Brazil, Russia, China, and India. Kaspersky has blocked over 11,000 attempted attacks, but the actual number of infections may be much higher. To protect against SteelFox, users are advised to download software only from verified sources, maintain updated antivirus software, avoid pirated software, and keep systems current with security patches.

Winsage

November 7, 2024

This free tool ‘purifies’ Windows 11 and skips Microsoft account logins

A new PowerShell script called UnattendedWinstall allows Windows 11 users to bypass the mandatory Microsoft account login during setup. The script can be downloaded from the UnattendedWinstall GitHub releases page, with version 2.0.0 being the latest. It utilizes Windows' "response files" to automate tasks and modify system settings, effectively removing the login prompt. UnattendedWinstall offers several additional functionalities: - Bypasses Windows 11's system requirements. - Disables Windows Security services by default. - Turns off User Account Controls by default. - Permits execution of PowerShell scripts by default. - Removes most pre-installed bloatware applications. - Disables features like Copilot and Windows Recall. - Limits Windows Update to security updates for a year. - Optimizes the Windows registry for better performance. - Disables unnecessary scheduled tasks. - Enables the “Ultimate Performance” power plan. Users are advised to exercise caution when using the script and to test it in a virtual machine first. Reactivating Windows Security is recommended after execution. Microsoft may not endorse such tools, and their availability could be at risk if issues arise. However, the tool allows users to continue receiving security updates.

AppWizard

November 6, 2024

ToxicPanda Malware Targets Banking Apps on Android Devices

A new Android malware named "ToxicPanda" was first identified in late October 2024 and has been reclassified as a unique entity after initial classification under the TgToxic family. It poses a risk through account takeover via on-device fraud and primarily targets retail banking applications on Android devices. The malware has spread significantly in Italy, Portugal, Spain, and various Latin American regions, with over 1,500 devices reported as victims. ToxicPanda allows cybercriminals to gain remote access to infected devices, intercept one-time passwords, and bypass two-factor authentication. The threat actors are likely Chinese speakers, which is unusual for targeting European banking. The malware spreads through social engineering tactics, encouraging users to side-load the malicious app, and exploits Android’s accessibility services for elevated permissions. Cleafy’s analysis indicates that ToxicPanda's command-and-control infrastructure shows evolving operational strategies, and the malware may undergo further modifications. The challenges for security professionals are increasing as malware operators refine their tactics and expand their targets. Cleafy noted that contemporary antivirus solutions have struggled to detect ToxicPanda due to a lack of proactive, real-time detection systems.

AppWizard

November 5, 2024

Upcoming Google Play update could strengthen protection against harmful apps (APK teardown)

Google is developing a feature for its Play Store that allows users to temporarily pause Play Protect for one day instead of disabling it completely. This feature aims to enhance user safety by automatically reactivating Play Protect after the pause period and includes a warning prompt about potential scams when users attempt to pause or turn off the security feature. The feature is expected to be available to users in the near future.

Winsage

November 3, 2024

We tried Windows 11 LTSC. It comes with your classic apps, no AI or modern UI

Windows 11 LTSC version 24H2 is designed for enterprise users and does not support personal Microsoft accounts during setup. The installation process requires a work or school account, but users can bypass this by using a command prompt trick to set up a local account. The operating system is free from adware and promotional content, presenting a clean interface. It includes the new Outlook web app and retains legacy versions of some applications like Snipping Tool and Paint, which have been updated with modern features. Customization options are limited in the unactivated version, and users must download applications manually without access to the Microsoft Store. File Explorer has enhancements like tab duplication and support for various compression formats. A list of pre-installed applications includes various Microsoft Visual C++ runtimes, Microsoft Edge, Outlook, Paint, and Notepad.

Winsage

November 3, 2024

Your Windows 10 PC can’t be upgraded? You have 5 options before support ends in 2025

Windows 10 will reach its end-of-support date on October 14, 2025, after which it will no longer receive updates, including security patches. Users can choose to continue using Windows 10, buy new hardware, switch to a Linux distribution or ChromeOS Flex, pay for Extended Security Options (ESUs) from Microsoft, or attempt to upgrade incompatible hardware to Windows 11 despite potential risks. The final version of Windows 10, 22H2, will receive monthly security updates until the end-of-support date.

Winsage

November 1, 2024

This simple trick bypasses New Outlook for Windows install on your PC

Microsoft has changed its policies regarding the enablement and disablement of the New Outlook for Windows and Outlook for the web, leading to user dissatisfaction, particularly among those who prefer the Classic Outlook. A Reddit user discovered a method to bypass the installation of the New Outlook by uninstalling it, pausing its installation in the Microsoft Store, and closing the Store, creating a loop that prevents the New Outlook from appearing upon restarting the computer. However, this workaround may not be a permanent solution, as Microsoft could address it in future updates.

Winsage

November 1, 2024

Windows 10: Microsoft reveals ESU price tag for home users and a big catch

Microsoft will end support for Windows 10 in October 2025 and has announced costs for extending updates. Businesses can enroll in the Extended Security Updates (ESU) program for up to 0 per device for a three-year extension. Home users can extend support for one year at a cost of . Education license holders benefit from lower fees: for the first year, for the second, and 0 for the third, totaling 5 for three years. An alternative service, 0Patch, offers security patches for Windows 10 post-support for approximately per year, committing to support until at least 2030.

AppWizard

October 31, 2024

Android Studio getting more Gemini to help app development

Google has introduced several updates for developers, enhancing Android Studio and the Play Store. Key features in Android Studio include Gemini Code Transforms for code modification, automatic commit message generation, a tool for renaming classes and variables, a prompt library for frequently used prompts, composable preview generation, documentation assistance, unit test scenario generation, build/sync error insights, and app quality insights. These features are available in the Android Studio canary channel and will be rolled out in stable form with the upcoming Ladybug Feature Drop in late December. In the Google Play Store, a fullscreen portrait video player for app listings is being introduced, which has shown to increase total watch time by 7%, video completion rates by 9%, and conversions by 5%. Google has encouraged users to set up payment methods, resulting in a doubling of purchase-ready accounts this year, exceeding half a billion users. Biometric authentication for purchases has tripled in adoption in 2024. The introduction of Cash App eWallet will offer an additional payment option for U.S. users, and inline reminders will prompt users browsing products in games. On the security front, Google is enhancing the Play Integrity API for improved app and device verification on devices running Android 13 and above, making it more difficult for attackers to bypass security measures.

Winsage

October 31, 2024

New Microsoft Password Hack Uses Windows Themes 0-Day

Researchers from 0patch discovered a new zero-day vulnerability, CVE-2024-38030, while developing a micropatch for an existing Windows security flaw, CVE-2024-21320, which allowed attackers to extract NT Lan Manager user credentials through malicious Windows theme files. Microsoft’s patch for CVE-2024-21320 did not fully address all potential credential leakage scenarios, prompting the identification of the new vulnerability. 0patch created a more general patch for Windows theme files that covers all execution paths leading to credential leakage. Microsoft has acknowledged the new vulnerability and is working on a fix, but an official patch has not yet been released. Meanwhile, 0patch users can install a micropatch to protect their systems.