caution

AppWizard
March 9, 2025
A report has revealed an extensive ad fraud scheme called "Vapor" that infiltrated the Google Play Store with over 180 malicious applications totalling more than 56 million downloads before Google removed them. The apps imitate legitimate software in low-effort categories such as flashlight utilities, QR code readers, and horoscope generators. They work as advertised at first; a later update then strips the legitimate functionality and replaces it with intrusive full-screen ads that take over the device's interface. Some Vapor apps passed one million downloads each, helped by install-inflation schemes that pushed them up the store rankings. Google says it has removed the violating apps and points users to Google Play Protect. Users are advised to be cautious and to avoid installing low-value utility apps, which is where this scheme hides.
Winsage
March 9, 2025
Windows 11 centers the Start menu, but it can be moved back to the left in Settings. The taskbar search box can be hidden in Settings if it is not needed, and the Widgets board can be switched off so it no longer opens accidentally. Taskbar alignment is limited to center or left, and the bar cannot be moved to another screen edge; third-party tools such as Start11 add that flexibility. Desktop notifications can be tamed in Settings, and Microsoft's Copilot can be minimized. The right-click context menu hides most options behind an extra "Show more options" click; a Registry edit restores the traditional menu. Changing the default application for a file type is cumbersome because each type must be adjusted individually. Many Windows 11 features may feel unnecessary, and most of them can be modified or disabled through system settings.
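The Registry edit mentioned above, done from PowerShell, as an added example that is not code from the original article. Windows 11 falls back to the classic menu when the current user's hive contains an InprocServer32 subkey with an empty default value under the CLSID below; that CLSID is the well-known shell key, which the article itself does not name. The change is per user and needs no elevation; Explorer must restart for it to apply.

```powershell
# Restore the full (Windows 10-style) right-click menu in Windows 11 for the current
# user, and undo it. Added example; the article mentions a Registry edit without
# naming the key. The key lives under HKEY_CURRENT_USER, so no elevation is needed.

$ClsidKey = 'HKCU:\Software\Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}'

function Restart-Explorer {
    # Explorer relaunches itself after being stopped; the desktop blinks briefly.
    Stop-Process -Name explorer -Force
}

function Enable-ClassicContextMenu {
    # An InprocServer32 subkey whose default value is empty disables the new menu host.
    $sub = "$ClsidKey\InprocServer32"
    New-Item -Path $sub -Force | Out-Null
    Set-ItemProperty -Path $sub -Name '(Default)' -Value ''
    Restart-Explorer
}

function Disable-ClassicContextMenu {
    # Removing the CLSID key returns to the Windows 11 compact menu.
    Remove-Item -Path $ClsidKey -Recurse -Force -ErrorAction SilentlyContinue
    Restart-Explorer
}

# Usage: apply the classic menu now; run Disable-ClassicContextMenu to revert.
Enable-ClassicContextMenu
```

Because the key is under HKCU it only affects the user who runs the script, and it survives Windows updates; if a future build stops honouring it, Disable-ClassicContextMenu cleans up without side effects.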
Winsage
March 9, 2025
Security researchers have identified a malware campaign that uses YouTubers to spread SilentCryptoMiner disguised as tools for bypassing internet restrictions. Over 2,000 victims have been confirmed in Russia, and the real number is likely higher. The campaign piggybacks on the popularity of tools built on the Windows Packet Divert driver, which has been detected on more than 2.4 million machines in the past six months. The threat actors file copyright strikes against YouTubers and then pressure them into promoting the infected downloads, trading on the creators' reputations. One channel with 60,000 subscribers linked to a malicious archive that was downloaded over 40,000 times. The infection starts with an archive whose start script has been modified to launch a malicious executable via PowerShell; if security software removes the file, the victim is told to disable their antivirus and try again. The chain is multi-staged, using a Python-crafted loader to retrieve payloads from specific domains. It applies anti-VM checks, adds Microsoft Defender exclusions, and mines cryptocurrency covertly, pausing while certain monitored processes are running. Security experts warn against restriction-bypass tools from unofficial sources because of their association with malware distribution.
Tech Optimizer
March 8, 2025
Antivirus software scans files for threats such as viruses and other malware and should normally run continuously. It may nevertheless need to be turned off briefly, for example to free up system resources, to install a program it is blocking, to work around a false positive, or for privacy reasons. On Windows 11 this is done in Windows Security (Microsoft Defender) by turning off Real-time Protection; Tamper Protection only needs to come off as well if the change is made from a script or the Registry rather than the Windows Security app, because it blocks those non-GUI changes. The article also suggests disabling the firewall if a download is blocked, though Windows Defender Firewall does not inspect downloads; a blocked download is usually SmartScreen or Defender itself. On macOS there is no single antivirus switch: Gatekeeper is not exposed as a toggle in System Settings, XProtect can only be partly disabled, and notarization checks cannot be disabled. Before disabling antivirus, close non-essential programs, make sure the files you are about to run come from a trusted source, and re-enable protection as soon as the task is done. While it is off the machine is exposed to any malware it encounters, so keep the window short.
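One way to do the "install a blocked program" case safely, as an added example rather than code from the original article: verify the installer against a vendor-published hash before touching protection, refuse to proceed if Tamper Protection would silently discard the change, pause only real-time scanning, restore it in a finally block so a failed installer cannot leave the machine unprotected, and rescan the installer's folder afterwards. The installer path and the hash in the usage line are placeholders, not values from the article.

```powershell
# Pause Microsoft Defender real-time protection for one installer, then restore it.
# Added example; not code from the original article. Run in an elevated PowerShell.
# Tamper Protection must be turned off in Windows Security beforehand (it cannot be
# turned off with Set-MpPreference, and while on it ignores this cmdlet) and turned
# back on afterwards.

function Invoke-InstallerWithDefenderPaused {
    param(
        [Parameter(Mandatory)][string]$Installer,       # path to the downloaded setup file
        [Parameter(Mandatory)][string]$ExpectedSha256   # hash published by the vendor
    )

    # 1. Never run something you had to turn the antivirus off for without verifying it.
    $actual = (Get-FileHash -Path $Installer -Algorithm SHA256).Hash
    if ($actual -ne $ExpectedSha256.ToUpperInvariant()) {
        throw "SHA-256 mismatch for ${Installer}: got $actual, expected $ExpectedSha256. Not running it."
    }

    # 2. Confirm Defender will actually honour the change.
    $status = Get-MpComputerStatus
    if ($status.IsTamperProtected) {
        throw "Tamper Protection is on; Set-MpPreference would be ignored. Turn it off in Windows Security first."
    }

    # 3. Pause only real-time scanning (not the firewall, not SmartScreen), for as short
    #    a window as possible, and always restore it, even if the installer fails.
    Set-MpPreference -DisableRealtimeMonitoring $true
    try {
        Start-Process -FilePath $Installer -Wait
    }
    finally {
        Set-MpPreference -DisableRealtimeMonitoring $false
        if (-not (Get-MpComputerStatus).RealTimeProtectionEnabled) {
            Write-Error "Real-time protection did not come back; re-enable it in Windows Security now."
        }
        # 4. Scan what the installer wrote once protection is back on.
        Start-MpScan -ScanType CustomScan -ScanPath (Split-Path -Path $Installer -Parent)
    }
}

# Hypothetical usage: replace the path and the all-zero placeholder with the real
# installer and the hash from the vendor's download page.
Invoke-InstallerWithDefenderPaused -Installer "$env:USERPROFILE\Downloads\setup.exe" `
    -ExpectedSha256 '0000000000000000000000000000000000000000000000000000000000000000'
```

The hash check is the part that matters: if the vendor does not publish one, the installer is being trusted on the strength of the download page alone, which is exactly the situation the SilentCryptoMiner items on this page describe.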
Winsage
March 6, 2025
A malware campaign has emerged that exploits the popularity of tools built on Windows Packet Divert drivers. The SilentCryptoMiner payload, disguised as one of these legitimate tools, has infected over 2,000 victims in Russia. The criminals coerce YouTubers into sharing malicious links; one creator with 60,000 subscribers drew over 400,000 views on videos carrying the infected link. The files were hosted on gitrok[.]com and downloaded more than 40,000 times. Attackers file copyright strikes against content creators and threaten channel shutdowns to make them propagate the malware. The infection begins with a modified start script that runs an executable via PowerShell, which in turn uses a Python-crafted loader to fetch the payload. SilentCryptoMiner, based on XMRig, mines several cryptocurrencies covertly, using evasion techniques and adjusting its behaviour dynamically. The campaign shows how criminals leverage demand for bypass tools to distribute malware; users are advised to be cautious when downloading such tools from untrusted sources.
Tech Optimizer
March 5, 2025
In recent months, the use of Windows Packet Divert drivers in Russia has surged, nearly doubling between August 2024 and January 2025, driven by tools that bypass access restrictions to foreign resources. Cybercriminals are exploiting this trend by distributing malware disguised as those tools, and some bloggers have unknowingly promoted the malicious builds. An investigation found that a YouTube channel with 60,000 subscribers posted videos on bypassing restrictions that linked to a malicious archive downloaded over 40,000 times. The malware, a variant of SilentCryptoMiner, mines cryptocurrency while evading detection. Users are advised to keep trusted protection running on their devices, avoid obscure downloads, and treat links from even reputable bloggers with caution, since they may be sharing malware without knowing it.
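The three items above (March 9, 6 and 5) describe the same SilentCryptoMiner campaign, whose lure tells victims to disable their antivirus and whose payload adds Microsoft Defender exclusions so its files are never scanned. The following PowerShell, added here as an example and not taken from any of the source articles, is the check a responder would run on a suspect machine: list the current exclusions, flag those that cover user-writable or whole-drive locations, pull the Defender configuration-change events (ID 5007) that record when exclusions were added, and confirm real-time and tamper protection are still on. The path patterns treated as suspicious are my assumption. Run it elevated; recent Defender builds hide the exclusion list from non-admin users.

```powershell
# Audit Microsoft Defender exclusions and recent configuration changes on a Windows host.
# Added example, not from the original reports. Run in an elevated PowerShell.

# 1. Current exclusions. A clean consumer install normally has none at all.
$pref = Get-MpPreference
[pscustomobject]@{
    Paths      = $pref.ExclusionPath
    Processes  = $pref.ExclusionProcess
    Extensions = $pref.ExclusionExtension
} | Format-List

# 2. Exclusions covering a whole drive or a user-writable folder are the kind commodity
#    miners and loaders add so their drop directory is never scanned. The patterns below
#    are an assumption about what is worth flagging, not an authoritative list.
$suspicious = @($pref.ExclusionPath) | Where-Object {
    $_ -and (
        $_ -match '^[A-Za-z]:\\?$' -or
        $_ -match '\\Users\\[^\\]+\\(AppData|Downloads|Desktop|Documents)' -or
        $_ -match '\\(Temp|ProgramData|Public)\\'
    )
}
if ($suspicious) {
    Write-Warning 'Broad or user-writable exclusions present:'
    $suspicious | ForEach-Object { Write-Warning "  $_" }
}

# 3. When and how they got there: Defender logs every settings change as event 5007 in
#    its Operational log, with the old and new value in the message. Keep the last 30 days
#    and only the entries that touch the Exclusions registry branch.
Get-WinEvent -FilterHashtable @{
    LogName   = 'Microsoft-Windows-Windows Defender/Operational'
    Id        = 5007
    StartTime = (Get-Date).AddDays(-30)
} -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -match 'Exclusions' } |
    Select-Object TimeCreated, Message |
    Format-List

# 4. Protection state. The campaign's instructions ask the victim to switch the antivirus
#    off, so a disabled state or stale signatures is itself an indicator worth recording.
Get-MpComputerStatus |
    Select-Object RealTimeProtectionEnabled, IsTamperProtected, AntivirusSignatureLastUpdated
```

If step 2 flags a path and step 3 shows the matching 5007 event a few seconds after a PowerShell launch, the exclusion was added by a script rather than by an administrator; remove it with Remove-MpPreference -ExclusionPath and scan that directory before concluding anything else about the host.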
TrendTechie
March 4, 2025
Square Enix has removed the Denuvo anti-piracy protection from Final Fantasy 16 in a recent patch, shrinking the game's executable by 253 megabytes. Pirated builds are likely to appear on torrent sites as a result, and players should avoid downloading from unverified sources. Final Fantasy 16 launched on PlayStation 5 in 2023 and on PC in 2024; it has over 20,000 Steam reviews, 79% of them positive.
Winsage
March 4, 2025
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert for CVE-2023-20118, a command injection vulnerability in the web management interface of Cisco Small Business RV Series routers, which are end-of-life. The flaw is rated 6.5 (medium) on CVSSv3.1 because it requires valid administrative credentials, but a successful attacker executes arbitrary commands as root. The affected models are the RV016, RV042, RV042G, RV082, RV320, and RV325; all firmware versions are affected and Cisco will not provide patches. CISA requires federal agencies to apply mitigations or stop using the routers by March 24, 2025. Private organizations are urged to do the same, particularly since exploitation attempts have been linked to the PolarEdge botnet campaign. Administrators are advised to restrict administrative access (above all, disable remote management on the WAN side), monitor logs for unusual activity, and plan to decommission the devices. Continued use of these unpatched routers is a significant risk, especially in the small business and remote work environments where they are common.