confidentiality Archives

AppWizard

April 27, 2026

Signal isn’t broken — so how are hackers targeting the world’s ‘most secure’ chat app?

On April 26, hackers allegedly linked to Russian groups targeted the Signal messaging app with phishing attacks aimed at senior politicians. These attacks did not compromise Signal's end-to-end encryption; rather, they deceived users into providing access to their accounts through fake messages. Signal is operated by the non-profit Signal Foundation, founded in 2012 by Moxie Marlinspike with funding from Brian Acton, a co-founder of WhatsApp. Signal distinguishes itself by rendering metadata invisible to its operators, unlike WhatsApp, which shares user data with its parent company. Signal's president, Meredith Whittaker, advocates for data privacy.

Tech Optimizer

April 20, 2026

Databricks Postgres Gets Customer Key Control

Databricks has introduced customer-managed keys (CMK) for its Lakehouse Postgres offering, allowing users to control their data encryption and utilize their own Key Management Service (KMS) from major cloud providers like AWS KMS, Azure Key Vault, or Google Cloud KMS. The Lakehouse Postgres architecture features a hierarchical envelope encryption model with three tiers: the customer-managed root key (CMK), a Key Encryption Key (KEK) used by Databricks' Key Manager Service, and unique Data Encryption Keys (DEKs) for each data segment. If a CMK is revoked, access to the data is denied, and active compute instances are terminated, serving as a failsafe for high-compliance workloads. The implementation allows for granular control over key management and supports seamless key rotation without data re-encryption or downtime. All cryptographic operations are logged within the customer's cloud audit services, available to Databricks Enterprise tier customers.

AppWizard

April 14, 2026

If you ever need truly private photos on Android, this is the camera app to use

Smartphone manufacturers have focused on improving megapixels and zoom capabilities in camera technology while neglecting user security features. Major camera apps from companies like Google and Samsung lack immediate methods to protect sensitive information at the point of capture. A recent poll indicated that 71% of respondents believe privacy-focused features are necessary in camera apps. SnapSafe is an application designed to enhance privacy by operating without internet permissions, allowing for encrypted image capture, editing, and storage. Users must set a PIN to secure the app, and it includes features like a "Poison Pill" for deleting images with a secondary PIN, decoy photographs for security, and automatic face obfuscation. Despite some shortcomings, such as delays in image capture and limited image management features, SnapSafe is recognized as a leading private camera app for Android, highlighting the demand for privacy-centric technology in photography.

AppWizard

March 30, 2026

A programmer with terminal brain cancer was caught in Epic’s mass layoff, but CEO Tim Sweeney says the studio ‘will solve the insurance for them’

Mike Prinke, a technical writer at Epic Games with seven years of service, was among the 1,000 employees laid off while undergoing treatment for terminal brain cancer. His wife, Jenni Griffin, shared their situation on Facebook, seeking assistance as losing his job also meant losing health insurance. Epic Games announced that affected employees would receive paid healthcare coverage for six months. Griffin noted that Prinke's health issues were known within the studio, as he attended appointments for treatments crucial for his cognitive abilities. Epic CEO Tim Sweeney stated that the company is in contact with Prinke's family to resolve their insurance issues and acknowledged the oversight in recognizing the severity of his situation before the layoffs.

AppWizard

March 27, 2026

Guardian source messaging tech bringing in ‘much higher quality’ of tips

The Guardian's secure messaging technology, launched in June, has significantly improved the quality of tips from sources, utilizing advanced encryption techniques to ensure confidentiality. The app allows messages to vanish after 14 days and is designed to protect sources' anonymity better than many other encrypted services. It has been recognized as a finalist for a major award and has led to a notable increase in story tips, particularly from the U.S. and Australia, despite its primary user base being in the UK and Europe. The app operates independently of The Guardian's paywall, enabling non-paying users to submit tips freely. The platform encourages contributions from users who may have felt intimidated by other secure methods. The technology enhances communication quality and allows sources to provide context to existing stories. As of September, the app has one million daily active users, with features that obscure genuine communications among automated messages, contributing to source protection. The Guardian has invested in guiding sources on crafting effective tips and has made the secure messaging technology open source for other newsrooms to adopt, aiming to improve source protection across the industry. Collaborations with organizations like The Signals Network and the University of Cambridge are ongoing to gather feedback and enhance the technology further.

Winsage

March 17, 2026

Microsoft to Block Windows 11 and Server 2025 Automated Installation After Critical RCE Vulnerability

Microsoft is implementing a two-phase initiative to disable the hands-free deployment feature in Windows Deployment Services (WDS) due to a critical remote code execution vulnerability (CVE-2026-0386) identified on January 13, 2026. This vulnerability arises from improper access control related to the Unattend.xml file, which is transmitted over an unauthenticated RPC channel, allowing attackers on the same network segment to exploit it. Successful exploitation could grant SYSTEM-level privileges and compromise OS deployment images. The initiative includes: - Phase 1 (January 13, 2026): The hands-free deployment feature will remain operational but can be disabled. New Event Log alerts and registry key controls will be introduced to enforce secure practices. - Phase 2 (April 2026): The hands-free deployment feature will be completely disabled by default for administrators who have not modified registry settings. Administrators can temporarily re-enable the feature by setting AllowHandsFreeFunctionality = 1, but this is not secure. Recommendations include reviewing WDS configurations, applying security updates, setting registry keys for secure behavior, monitoring Event Viewer for alerts, and considering alternative deployment methods. Microsoft’s KB article 5074952 provides further guidance for impacted organizations.

Tech Optimizer

March 16, 2026

How to Avoid Getting Scammed Online in 2026

The Qantas data breach highlights vulnerabilities in online information security. Regularly changing passwords every few months is recommended, and tools like Bitdefender’s Password Manager can help manage complex passwords. Users should be cautious of suspicious links and attachments, as hackers often use phishing tactics. Implementing two-factor authentication (2FA) adds an extra layer of security to accounts. Keeping devices updated is crucial for protecting against vulnerabilities. Investing in reliable antivirus software, such as Bitdefender Antivirus Plus or Bitdefender Ultimate Security, is essential for safeguarding personal data. Staying informed about cybersecurity measures is important to prevent data breaches.

AppWizard

March 14, 2026

Instagram says your chat privacy is going away, as its encryption vanishes soon

Instagram's end-to-end encryption (E2EE) for direct messages will be removed on May 8, 2026, resulting in decreased privacy for user chats. The platform is also enhancing protections for younger users by implementing advanced AI to manage Teen Accounts, which will have restrictions on unsolicited contacts and curated content.

AppWizard

March 13, 2026

FBI Investigating After Malware Found Lurking in Steam PC Games

The FBI is investigating malware hidden in several video games on the Steam platform, targeting users from May 2024 to January 2026. The investigation includes games like BlockBlasters, Chemia, Dashverse, DashFPS, Lampy, Lunara, PirateFi, and Tokenova, with some previously removed from Steam for malicious content. Steam had over 132 million monthly active users and more than 117,000 games in 2025. The FBI is reaching out to affected gamers, ensuring victim confidentiality and potential eligibility for services under federal and state law. This incident is part of a broader trend of malware targeting gamers, with previous cases involving fan games and cheat software affecting millions of accounts.

AppWizard

March 5, 2026

Fortnite Insider Who Leaked Kingdom Hearts, Minecraft, And More Is Being Sued By Epic

AdiraFNInfo, known for leaking information about games like Game of Thrones and Sonic the Hedgehog, has disappeared from online platforms, leading to speculation that Epic Games has taken action against them. Epic Games has confirmed that it has initiated legal proceedings against AdiraFNInfo, a former contractor.