commands

Winsage
June 5, 2025
Windows Terminal is a productivity tool in Windows 11 that allows users to manage multiple profiles, such as Windows PowerShell and Linux distributions, within the same window. Users can rename and recolor tabs for easier navigation. The Command Palette, activated by Ctrl+Shift+P, provides a searchable interface for commands, simplifying execution without needing to memorize shortcuts. Focus mode hides the title bar and tabs for distraction-free use and can be set as the default launch option. The split pane feature enables users to display multiple profiles simultaneously, enhancing multitasking. Quake mode keeps the terminal visible at the top of the screen, minimizing distractions and allowing easy access to other applications.
Tech Optimizer
June 3, 2025
Cybersecurity experts have highlighted the risks of typosquatting, where developers accidentally download malicious packages due to typographical errors. A report from Checkmarx reveals that attackers exploit this trust by creating counterfeit packages that can grant unauthorized access to systems. Malicious packages have been found in the Python Package Index (PyPI) and can enable remote control, posing serious threats to system integrity. Attackers employ a cross-platform strategy, mixing names from different programming environments to target unsuspecting users. On Windows, malware can create scheduled tasks and disable antivirus protections, while on Linux, certain packages facilitate encrypted reverse shells for data exfiltration. Although the malicious packages have been removed, the threat remains, prompting developers to verify package sources and spellings. Checkmarx recommends organizations conduct audits of deployed packages and scrutinize application code to enhance security.
AppWizard
June 2, 2025
In Minecraft, sharing the experience with friends enhances gameplay, making dedicated servers, like those from Apex Hosting, valuable for multiplayer interactions. Players are increasingly interested in creating their own servers for collaborative play and customization. Hosting a server allows players to set their own rules, choose between public or private access, and introduce various mods and plugins for enhanced gameplay. With a personal server, the world remains accessible even when the host is offline, enabling continuous play and regular backups. Building a community takes time, but it can lead to shared experiences and memorable interactions. Apex Hosting offers an easy setup process and support for players looking to create their ideal Minecraft server.
AppWizard
June 2, 2025
On May 30, 2025, CERT Polska disclosed three security vulnerabilities affecting preinstalled Android applications on Ulefone and Krüger&Matz smartphones: CVE-2024-13915, CVE-2024-13916, and CVE-2024-13917.
- CVE-2024-13915: The com.pri.factorytest application allows any app to invoke the FactoryResetService, enabling unauthorized factory resets due to improper export controls (CWE-926).
- CVE-2024-13916: The com.pri.applock application exposes a public method that allows malicious apps to steal the user’s PIN, representing an exposure of sensitive system information (CWE-497).
- CVE-2024-13917: The exported activity in com.pri.applock allows privilege escalation by enabling malicious apps to inject intents with system-level privileges if they have access to the compromised PIN (CWE-926).
Users of affected devices are advised to seek firmware updates or mitigations from their vendors.
Tech Optimizer
June 2, 2025
Alexey has developed the pgpro-otel-collector, an OpenTelemetry collector by PostgresPro, designed to gather metrics and logs from PostgreSQL databases. It collects PostgreSQL metrics using an internal metrics library, OS-level metrics such as CPU and memory usage, and PostgreSQL logs in CSV and JSON formats. The collector includes internal processors for batch processing and supports exporting to OTLP-compatible backends like Elasticsearch and Prometheus. Installation is straightforward, requiring configuration of the Postgres connection and data destination. The collector can gather a range of PostgreSQL statistics and supports advanced features like CFS and pg_wait_sampling. Future enhancements include support for additional system views, integration with Shardman and BiHA, collection of custom query-based metrics, and a Grafana dashboard. Alexey's background includes experience with various monitoring tools and a focus on PostgreSQL, leading to the creation of this collector.
Winsage
June 2, 2025
Microsoft has addressed a significant issue affecting certain Windows 11 systems after the installation of the KB5058405 security update from May 2025. Users reported encountering 0xc0000098 recovery errors linked to ACPI.sys, indicating that the operating system could not be loaded. This problem primarily affects Windows 11 versions 22H2 and 23H2 in enterprise settings, particularly among Azure Virtual Machines, Azure Virtual Desktop, and on-premises virtual machines hosted on platforms like Citrix or Hyper-V. Microsoft has released the KB5062170 non-security out-of-band update to resolve the installation and boot problems, which can be manually installed from the Microsoft Update Catalog. For Azure customers facing difficulties after implementing the May 2025 update, Microsoft recommends using Azure Virtual Machine repair commands as a temporary workaround. Users of Windows Home or Pro editions in home environments are unlikely to encounter these issues.
Winsage
May 31, 2025
A new strain of malware has been operating undetected on Windows systems for several weeks, utilizing advanced evasion techniques that corrupt its Portable Executable (PE) headers to avoid detection. Security researchers discovered this malware embedded in the memory of a compromised system during an investigation, using a 33GB memory dump that revealed its presence in a dllhost.exe process with process ID 8200. The malware, classified as a Remote Access Trojan (RAT) by Fortinet, employs batch scripts and PowerShell commands for its attack and has capabilities for screenshot capture, remote server functionality, and system service manipulation. Its command and control infrastructure uses encrypted communications, complicating detection efforts. The malware's distinctive feature is the deliberate corruption of DOS and PE headers, which hinders reverse engineering and complicates the reconstruction of the executable from memory dumps. Researchers had to manually locate the malware’s entry point and resolve complex import tables for it to function in a controlled environment.
Winsage
May 31, 2025
Microsoft has introduced the Windows Update Orchestration Platform, which aims to centralize the management of line-of-business (LOB) and third-party applications through a single interface, enhancing the app update process for developers and users. Currently in private preview, the platform invites developers to explore its features, which include eco-efficient scheduling, consistent notifications, centralized update history, and unified troubleshooting tools. Developers can integrate their applications using Windows Runtime APIs and PowerShell commands to manage various aspects such as registration and update definitions. The initiative addresses challenges like CPU and bandwidth spikes, conflicting notifications, and increased support costs faced by users and IT administrators.