controls Archives

Tech Optimizer

April 3, 2025

1,500+ PostgreSQL Servers Compromised With Fileless Malware Attack

A cryptojacking campaign has targeted over 1,500 organizations by exploiting inadequately secured PostgreSQL database servers. The attackers, identified as JINX-0126, use advanced techniques including credential brute-forcing and fileless execution to deploy Monero (XMR)-mining malware. Approximately 30% of cloud-hosted PostgreSQL servers are affected due to weak or default credentials. The attackers execute commands using PostgreSQL’s COPY FROM PROGRAM function, bypassing standard detection mechanisms. They have been linked to three cryptocurrency wallets with around 550 active mining workers, generating a hashrate of 4.04 GH/s and approximately €10.40 per hour in XMR revenue. The attack begins with credential spraying against default accounts, followed by an SQL injection to fetch the payload. The malware operates in memory, modifies PostgreSQL’s configuration to maintain persistence, and creates cron jobs for reactivation. The campaign reveals significant security gaps in cloud environments, with recommendations for improved access controls and monitoring.

Winsage

April 3, 2025

Is Windows 11 Finally Better Than Windows 10 For Gaming?

Windows 11 has introduced several gaming-focused enhancements that are not present in Windows 10, including: - DirectStorage: Optimized for Windows 11, this technology allows games to load data directly from an NVMe SSD to the GPU, reducing load times. - Auto HDR: Enhances older games by automatically applying high dynamic range lighting effects for users with HDR-capable monitors. - Improved Scheduling for Hybrid CPUs: Offers better task scheduling for Intel's 12th or 13th generation CPUs, resulting in smoother frame rates during CPU-intensive gaming sessions. Benchmark tests show minimal performance differences between Windows 10 and Windows 11, with slight FPS improvements in some titles on Windows 11, especially when using advanced hardware and DirectStorage. As of March 2025, over 55% of Windows users on Steam have transitioned to Windows 11, indicating growing confidence in the operating system among gamers. Windows 11 has addressed many early bugs and driver issues, providing robust stability on compatible systems. Windows 11 has stricter hardware requirements than Windows 10, including the need for TPM 2.0 and UEFI secure boot. Windows 10 remains supported until October 2025, making it a viable option for users with older hardware. Windows 11 features a redesigned interface with a centered Start Menu and Taskbar, rounded corners, and expanded personalization options. It also simplifies the update process with annual feature updates and smaller, faster security updates. Windows 11 enhances integration with Microsoft services, supports Android apps through the Amazon Appstore, and introduces productivity tools like Snap Layouts and improved Task View. Security improvements include mandatory TPM 2.0, enhanced Windows Defender, and a redesigned privacy dashboard for better user control over app permissions. Despite its advancements, Windows 11 has limitations such as ongoing stability issues, driver compatibility concerns, and a simplified taskbar that lacks certain functionalities from Windows 10. Windows 11 is available as a free upgrade for eligible Windows 10 devices through Windows Update.

Winsage

April 3, 2025

Windows 8 tiles were ahead of their time — The Xbox handheld could be the perfect place for a similar interface

Microsoft plans to launch its next-generation Xbox hardware, including an Xbox handheld device, in 2027. The handheld is expected to be more integrated with Windows, potentially using a design similar to the "Metro" interface from Windows Phone and Windows 8. This new approach aims to streamline game development by aligning Xbox consoles more closely with Windows, allowing for easier porting of PC games. The design of the handheld is still in development, with a focus on comfort and functionality, and it will need to compete with other devices like the Nintendo Switch and Steam Deck. The operating system will play a crucial role in user experience, with a simpler interface being a priority to enhance accessibility for gamers.

Winsage

April 1, 2025

First signs of dedicated Xbox interface for Windows 11 PCs spotted in latest preview

Microsoft is enhancing Windows 11 to better support gaming handhelds by developing a dedicated interface for gamepad controls. Recent Windows 11 preview builds have revealed references to a "full screen experience" that users may set as their default home experience upon startup. Specific phrases such as "Boot into the Full screen experience at device startup" suggest users will have options for multiple game-focused interfaces. Microsoft is also rumored to be collaborating with ASUS on a gaming handheld called Project Kennan, which will be the first Windows-powered handheld under the Xbox ecosystem. An official announcement regarding this new Xbox ecosystem is anticipated, with the ASUS handheld expected to launch later this year.

AppWizard

April 1, 2025

The Last of Us Part II Remastered Coming to PC On April 3, 2025

“The Last of Us Part II Remastered” will be released on PC on April 3, 2025, available on Steam and the Epic Games Store. This marks the first time Windows users can access the game, which previously received over 300 Game of the Year awards on PlayStation. The remastered edition includes enhancements such as improved graphics, performance, and new content, including a roguelike mode called “No Return.” Pre-orders are currently available. The PC version will support customizable graphics settings, ultrawide monitor support, and full DualSense controller features. New playable characters Bill and Marlene will be introduced in the “No Return” mode, alongside a Guitar Free Play mode and restored cut content. The game will require a minimum of an Intel Core i3-8100 or AMD Ryzen 3 1300x processor and 16GB RAM.

Tech Optimizer

March 31, 2025

Fileless XMRig-C3 Cryptominer Targets PostgreSQL Servers

Wiz Threat Research has reported a new variant of a malicious campaign targeting misconfigured and publicly exposed PostgreSQL servers, attributed to the threat actor JINX-0126. This actor exploits vulnerable PostgreSQL instances with weak login credentials to gain unauthorized access and deploy XMRig-C3 cryptominers. The campaign has evolved to include advanced evasion techniques, such as using unique hashes for binaries and executing payloads in a fileless manner to avoid detection. The analysis indicates that the threat actor assigns unique mining workers to each victim, with three distinct wallets identified, suggesting over 1,500 affected victims. Nearly 90% of cloud environments host PostgreSQL instances, with about one-third publicly exposed. The threat actor scans for poorly configured services, exploiting default weak credentials to gain access and execute malicious payloads. Upon successful login, the actor performs reconnaissance and executes a dropper script to deploy an obfuscated Golang binary, which contains an encrypted configuration with critical system information. The malware establishes persistence by creating cron jobs and modifying access controls. The actor also creates high-privilege roles for continued access and weakens the default admin user. The analysis identified three wallets associated with the campaign, with each wallet having around 550 workers. The Wiz Dynamic Scanner can identify exposed PostgreSQL services, while the Wiz Runtime Sensor detects malicious activities associated with this threat. The report includes specific wallet addresses, a file hosting service, and file hashes related to the malware. Techniques used by the malware align with various MITRE ATT&CK® techniques, including credential access, defense evasion, and resource hijacking.

AppWizard

March 31, 2025

ONLY WAY IS DOWN [PC Game Review]

ONLY WAY IS DOWN is a platforming game developed and published by Jilted Generation Productions, available on Steam. Players control a cat that must navigate down from a construction site, facing various challenges along the way. The game features nine lives for the cat and allows customization of its appearance, including coat color and accessories. Gameplay encourages careful movement with mechanics that can slow down the cat's actions. There are multiple levels with different pathways and a hint button to assist players. The game includes various difficulty modes, enhancing replayability. Visuals are paired with a soothing piano soundtrack, though some sound effects may be jarring. Players may experience display issues on the Steam Deck, which are expected to be fixed in future updates.

BetaBeacon

March 30, 2025

Prince of Persia: The Lost Crown Coming to Mobile Devices on April 14

Prince of Persia: The Lost Crown is set to debut on Android and iOS devices on April 14. Players take on the role of Sargon, a warrior on a mission to rescue Prince Ghassan. The game features fast-paced combat, parkour moves, and puzzles, with time-manipulating abilities. Developed by Ubisoft Da Nang, the game runs at 60 frames per second and offers touch screen or external controller options. The mobile version includes features like auto-potion, auto-parry, and slow time options, as well as accessibility features that won an award. Pre-registration is now open on the iOS App Store and Google Play Store.

Winsage

March 29, 2025

Hackers Bypass Windows Defender Security—What You Need To Know

Elite red team hackers have revealed a significant vulnerability in the Windows ecosystem, specifically a method to bypass Windows Defender Application Control (WDAC), which is designed to restrict application execution to trusted software. Bobby Cooke from IBM X-Force Red confirmed that the Microsoft Teams application was successfully targeted to bypass WDAC, allowing the execution of a Command and Control payload. The techniques used included utilizing "Living Off The Land Binaries" (LOLBINS), side-loading a trusted application with an untrusted dynamic linked library, exploiting a custom exclusion rule from a client WDAC policy, and discovering a new execution chain within a trusted application. Microsoft acknowledged awareness of the WDAC bypass report and stated they would take action as needed to protect customers.

Winsage

March 29, 2025

How to restore a more classic Start menu to Windows 11

The Open-Shell-Menu utility allows users to restore the classic Start menu in Windows 11, reminiscent of Windows 7. It is lightweight and free to use, but may trigger browser warnings during installation. To install, users can run the command winget install --id Open-Shell.Open-Shell-Menu in an elevated Command Prompt. After installation, users can configure the Start menu by accessing Open-Shell Menu Settings, where they can choose from different styles, including Classic, Classic with two columns, and Windows 7 style. Users can also customize the Start button and select a skin, with the Windows Aero option recommended for a cohesive desktop experience. The utility includes features for modifying the Start menu items and reintroduces the classic bar for File Explorer. Users can disable the Classic Explorer Bar if desired.