costs Archives

AppWizard

August 12, 2025

Remedy revenue up 63.5% despite Firebreak underperforming

Remedy Entertainment reported a 63.5% increase in revenue for the second quarter, totaling €16.9 million, due to increased game sales, royalties, and reduced development costs. The CEO, Tero Virtala, noted that the new title FBC: Firebreak contributed significantly to this growth, supported by minimum guarantees from Microsoft and PlayStation. However, the game has not met expectations on the Steam platform, with most players engaging on PlayStation and Xbox. Remedy is committed to improving the game based on player feedback and has started rolling out patches for ongoing development.

AppWizard

August 12, 2025

Android on trial

Google has approached the Supreme Court regarding an antitrust case that could significantly impact India's digital economy, particularly concerning its dominance over the Android operating system and the requirement for app developers to use Google's payment systems, which can impose commissions of 15-30%. The Competition Commission of India (CCI) found Google to be a dominant entity, concluding that its practices constituted abuse of power, resulting in a penalty of ₹936 crores. Google appealed this decision, leading to a reduced penalty of ₹217 crores from the National Company Law Appellate Tribunal (NCLAT), which did not classify Google as a "gatekeeper." Google has since filed additional appeals with the Supreme Court, which is set to hear the case in November. A study on Indian farmers revealed that extreme heat, with temperatures exceeding 43°C, significantly impacts their livelihoods, leading to increased food insecurity and undernutrition. While average calorie consumption remained stable, the incidence of "strong undernutrition" rose, affecting approximately 3 million individuals. The study found that extreme heat forces families to seek non-farm employment and adapt their food sources, often leading to a decline in job retention and increased vulnerability due to limited access to credit. The findings suggest that climate change is exacerbating challenges in Indian agriculture, necessitating policy interventions to enhance resilience and support affected households. India's cabinet approved a one-time ₹300 billion payout to state-run fuel retailers to compensate for losses from selling subsidized LPG. Tata Motors reported a 63% year-on-year drop in Q1 consolidated profit, while Nayara faced scrutiny over Russian oil imports. The Supreme Court upheld a ruling classifying telecom towers as movable property, providing tax relief for telecom companies. Tesla India signed a nine-year lease for a showroom in Delhi, marking its expansion into the Indian market.

Winsage

August 12, 2025

Web Account Manager: The Foundational Enabler of Single Sign-On for Windows Applications within the Microsoft Identity Ecosystem

Organizations are adopting cloud-first strategies for digital identity management, particularly using Microsoft identity providers and implementing Zero Trust Architecture. Microsoft's Web Account Manager (WAM), introduced with Windows 10, is central to this transformation, enabling secure access and single sign-on (SSO) across applications like Microsoft 365 Copilot, Office 365, Teams, and OneDrive. WAM addresses fragmentation issues associated with traditional authentication methods by centralizing identity management and token handling, thus enhancing security and user experience. WAM mitigates fragmentation challenges by simplifying protocol integration, managing token lifecycle, and reducing operational overhead. It provides seamless SSO for end-users, simplifies integration for developers, and supports compliance and security for organizations. WAM features two primary APIs for token acquisition: GetTokenSilently and RequestToken, which facilitate secure token requests based on device states and application needs. Future enhancements will focus on improving token protection strategies.

Winsage

August 11, 2025

Win-DoS’ Zero-Click Exploit Could Weaponize Windows Infrastructure for DDoS Attacks

Security researchers have identified a "zero-click" denial-of-service (DoS) exploit that can covertly turn Microsoft Windows Domain Controllers (DCs) into a global botnet. DDoS attacks increased by 56% year-over-year in late 2024, with Cloudflare blocking an attack that peaked at 7.3 Tbps in 2025. The average minute of downtime from these attacks costs businesses approximately ,000, with incidents for small and midsize firms exceeding 0,000. The exploit, known as Win-DDoS, leverages the Lightweight Directory Access Protocol (LDAP) client in Windows, allowing DCs to automatically target victim servers through LDAP referrals without user interaction. This results in thousands of DCs inadvertently overwhelming a target with TCP traffic. Four vulnerabilities (CVEs) related to this exploit were disclosed to Microsoft in March 2025 and addressed in subsequent patch releases in June and July 2025. These vulnerabilities include: - CVE-2025-32724: LSASS (LDAP client) - None needed, causes memory exhaustion/DC crash, patched June 2025. - CVE-2025-26673: NetLogon (RPC) - None needed, causes TorpeDoS memory crash, patched May 2025. - CVE-2025-49716: NetLogon (RPC) - None needed, causes Stateless RPC DoS, patched July 2025. - CVE-2025-49722: Print Spooler (RPC) - Authenticated user needed, causes any Windows endpoint crash, patched July 2025. The vulnerabilities indicate significant architectural flaws in the LDAP client’s referral logic and RPC interfaces. SafeBreach advises administrators to apply patches promptly and limit DC exposure to the Internet. The emergence of Win-DDoS marks a shift in attack strategies, utilizing legitimate servers for amplification without leaving malware traces, complicating detection and response efforts. Enterprises are urged to enhance their threat models and implement DoS hardening measures.

AppWizard

August 11, 2025

New Free Steam Game Is One of the Best of 2025 So Far

A new free game, Summer in Mara, is being offered through Fanatical for 48 hours, expiring on August 13, contingent on stock availability. It is a cozy farming adventure developed by Chibig, originally released in 2020, and has received over 1,300 user reviews with a 76% approval rating. This is the first time the game has been available for free on Steam or any other platform. The game typically costs a certain amount and offers 20 to 30 hours of gameplay. Its compatibility with the Steam Deck is currently listed as “Unknown,” indicating potential performance variability. To access the free game, players must sign up for the Fanatical newsletter.

Winsage

August 11, 2025

Win-DoS Epidemic: New DoS and DDoS Attacks Start with Microsoft Windows

During DEF CON 33, Yair and Shahak Morag from SafeBreach Labs introduced a new category of denial-of-service (DoS) attacks called the “Win-DoS Epidemic.” They identified four significant Windows DoS vulnerabilities, all categorized as “uncontrolled resource consumption,” including: - CVE-2025-26673 (CVSS 7.5): High-severity DoS vulnerability in Windows LDAP. - CVE-2025-32724 (CVSS 7.5): High-severity DoS vulnerability in Windows LSASS. - CVE-2025-49716 (CVSS 7.5): High-severity DoS vulnerability in Windows Netlogon. - CVE-2025-49722 (CVSS 5.7): Medium-severity DoS vulnerability in the Windows print spooler, requiring an authenticated attacker on an adjacent network. These vulnerabilities can incapacitate Windows endpoints and servers, including domain controllers (DCs), which are essential for managing authentication and resources in enterprise networks. The researchers also revealed a new DDoS attack method, termed Win-DDoS, which exploits a flaw in the Windows LDAP client referral process, allowing attackers to redirect DCs to a victim server and continuously repeat this redirection, creating a large-scale DDoS botnet using public DCs without leaving forensic traces.

Winsage

August 11, 2025

New ‘Win-DoS’ Zero-Click Vulnerabilities Turns Windows Servers/Endpoints, Domain Controllers Into DDoS Botnet

Researchers Yair and Shahak Morag from SafeBreach Labs introduced a new category of denial-of-service (DoS) attacks called the “Win-DoS Epidemic” at DEF CON 33. They identified four new vulnerabilities in Windows DoS and one zero-click distributed denial-of-service (DDoS) flaw, classified as “uncontrolled resource consumption.” The vulnerabilities include: - CVE-2025-26673 (CVSS 7.5): High-severity DoS vulnerability in Windows LDAP. - CVE-2025-32724 (CVSS 7.5): High-severity DoS vulnerability in Windows LSASS. - CVE-2025-49716 (CVSS 7.5): High-severity DoS vulnerability in Windows Netlogon. - CVE-2025-49722 (CVSS 5.7): Medium-severity DoS vulnerability in Windows Print Spooler, requiring an authenticated attacker on an adjacent network. These vulnerabilities can incapacitate Windows endpoints or servers, including Domain Controllers (DCs), potentially allowing for the creation of a DDoS botnet. The researchers also discovered a DDoS technique called Win-DDoS that exploits a flaw in the Windows LDAP client’s referral process, enabling attackers to redirect DCs to a victim server for continuous redirection. This method can leverage public DCs globally, creating a large, untraceable DDoS botnet without specialized infrastructure. Additionally, the researchers examined the Remote Procedure Call (RPC) protocol and found three new zero-click, unauthenticated DoS vulnerabilities that can crash any Windows system. They also identified another DoS flaw exploitable by any authenticated user on the network. The researchers released tools named “Win-DoS Epidemic” to exploit these vulnerabilities, highlighting the need for organizations to reassess their security measures regarding internal systems and services like DCs.

AppWizard

August 11, 2025

‘You’ll now be at the mercy of what loot you can find’: Rust’s latest update brings back hardcore mode tougher than ever, removing the ability to craft guns entirely

The "Hardcore update" for the survival game Rust reintroduces elements that increase gameplay intensity, including the fog of war on the map, requiring players to explore without a detailed layout. Players must craft a compass to mark their location, which only shows their position. Respawn cooldowns have increased to 15 minutes for sleeping bags and 10 minutes for beds, while base upkeep costs have doubled. Firearm crafting is completely banned in hardcore mode, with ammunition crafting costs significantly higher. The update also includes a redesigned game menu, optimized loading times (up to 65% faster), improved metal detector functionality, and visual upgrades. Additionally, the price of Rust has been halved from £35 to £17.50 to attract new players.

Winsage

August 9, 2025

California man sues Microsoft for discontinuing Windows 10 — says company is doing this to “monopolize the generative AI market”

Lawrence Klein has filed a complaint against Microsoft in the San Diego Superior Court due to the company's announcement to stop support for Windows 10 by October 14, 2025. Klein owns two laptops running Windows 10 and argues that this decision will render his devices obsolete. He believes Microsoft's strategy is aimed at forcing customers to buy new hardware compatible with its generative AI software, including the Copilot feature in Windows 11. The upgrade to Windows 11 is free, but requires TPM 2.0 technology, which many devices lack, making them ineligible for the upgrade. Users can bypass this requirement but will not receive official support from Microsoft. The Enhanced Security Updates program requires a Microsoft Account, which has deterred many users from upgrading. As the deadline nears, some users may need to invest in new devices, while others are considering transitioning to Linux to avoid hardware costs.

Tech Optimizer

August 8, 2025

Understanding polymorphic malware: A comprehensive guide

Polymorphic malware is a type of malicious software that can change its code structure while maintaining its core functionality, making it difficult for traditional signature-based antivirus solutions to detect. It uses a mutation engine to create new variants by altering its code through techniques like code obfuscation, encryption, and junk code insertion. There are several categories of polymorphic malware, including polymorphic viruses, trojans, rootkits, and ransomware, each with unique characteristics. Detection of polymorphic malware is challenging due to its ability to evade conventional methods, prompting the use of behavioral analysis and machine learning for identification. To protect against such threats, a multi-layered security approach is recommended, including regular software updates, network segmentation, and employee training. Real-world examples like the Storm Worm and Conficker worm illustrate the significant impact of polymorphic malware, which has caused substantial financial losses. As cybersecurity measures advance, polymorphic malware continues to evolve, incorporating artificial intelligence and machine learning, leading to new challenges for security professionals. Cloud-based security solutions are emerging as effective tools to combat these threats.