credentials Archives

Tech Optimizer

June 19, 2026

How Cybersecurity Services Have Evolved Beyond Antivirus and Firewalls

Businesses traditionally relied on antivirus software and firewalls for cybersecurity, which were effective when threats were simpler and data was mostly stored on-site. However, the cybersecurity landscape has evolved, with cybercriminals employing advanced tactics that traditional methods cannot adequately address. Antivirus software is limited to detecting known threats, while modern malware can evade detection by altering its code or executing in memory. Firewalls also struggle when authorized users' credentials are compromised, allowing threats to infiltrate networks. Contemporary security strategies advocate for a multi-layered approach, incorporating tools like Endpoint Detection and Response (EDR), Multi-Factor Authentication (MFA), Zero Trust Architecture, Dark Web Monitoring, and Security Awareness Training. Compliance with regulatory standards is increasingly important, and cyber insurance providers now require businesses to demonstrate comprehensive security measures. Managed security providers are becoming essential for small and mid-sized businesses, offering expertise and resources to manage complex security tools and processes effectively. Organizations should assess their current security status and adopt a layered approach to address vulnerabilities, recognizing that traditional solutions alone are insufficient in today's threat landscape.

AppWizard

June 19, 2026

Rokarolla trojan uses screen overlays to hijack Android financial apps

A new banking trojan for Android, named Rokarolla, targets 217 applications, including banking and cryptocurrency platforms, to steal credentials and sensitive financial data. It operates via a command and control (C2) server and bypasses the Google Play Store by using phishing websites that mimic legitimate download portals. Users are tricked into downloading a dropper that installs the malware, which disguises itself as the Google Play Protect security tool to gain access to Android Accessibility Services. Rokarolla employs dynamic screen overlays to capture user input in targeted financial applications and can also impersonate the device's lock screen. Additionally, it uses a pseudo-VNC system to intermittently capture screenshots for data extraction and can modify clipboard contents to manipulate cryptocurrency transactions by replacing copied addresses with those controlled by attackers.

Tech Optimizer

June 18, 2026

Norton 360 Deluxe ‘is perfect if you are looking for family protection’ especially in this major sale – and performs with near perfect score in testing

Norton 360 Deluxe is a comprehensive antivirus software package that includes features such as a parental control app, a virtual private network (VPN), a password manager, scam protection, and cloud backup capabilities. The current promotional price for the first-year subscription is £29.99, reduced from £89.99, representing a 67% discount. It offers 50GB of cloud backup, a secure password manager, a scam detector for analyzing suspicious communications, and a SafeCam feature for webcam protection. The School Time control feature helps parents restrict access to certain websites during study time.

Tech Optimizer

June 18, 2026

Retro gaming fans are the new target for fake GitHub malware

Retro gaming enthusiasts should be cautious when exploring GitHub projects for tools or plugins, as cybercriminals may disguise malware as homebrew software. A specific incident involved a project called EQVita, which pretended to be a free audio tool for PlayStation Vita but actually contained Windows malware. The downloaded file included three files: Launch.bat, luajit.exe, and x64.txt, with the latter concealing a hidden script that connected to the attacker's server upon execution. This scam is part of a broader trend where counterfeit GitHub repositories distribute SmartLoader malware, which retrieves additional malicious software aimed at stealing passwords and cryptocurrency wallets. The PS Vita community, despite the console's production ceasing, remains active in modding, making it a target for attackers. Legitimate plugins typically come in Vita-compatible formats, while fake ones may feature polished marketing materials and AI-generated descriptions. Users are advised to verify sources, be cautious of suspicious downloads, and utilize security tools like Malwarebytes. If someone has executed the malicious EQVitav1.3.zip file, they should conduct a malware scan, change important passwords, and monitor accounts for unauthorized access. Indicators of compromise include the domains https://github.com/Voistace/EQVita and https://voistace.github.io, and the IP address 85.137.52.21.

AppWizard

June 17, 2026

New Rokarolla Android Trojan Targets 217 Banking and Crypto Apps

Zimperium’s zLabs researchers have analyzed a newly identified Android banking trojan named Rokarolla, which targets 217 distinct banking and cryptocurrency applications. It is distributed through malicious websites that impersonate popular platforms like TikTok and Google Chrome, with one identified distribution point being hxxps://infocontablidades[.]it[.]com/. The malware uses a dropper disguised as Google Play Protect to install a second-stage payload and gain Accessibility Services access, allowing it to simulate user interactions and manipulate on-screen elements. Rokarolla downloads counterfeit HTML login pages for targeted applications and overlays them to capture user credentials, including sensitive card information. It can also deploy a fraudulent PIN entry screen, read and send SMS messages, intercept one-time codes from banks, and block incoming calls. The malware rewrites the clipboard, operates a keylogger and screen content logger, and scrapes WhatsApp contact data. It captures screenshots without alerting users and has a resilient command-and-control infrastructure with multiple fallback domains. No product flaws are exploited, and defenses against it include installing apps only from Google Play and being cautious with Accessibility Services. Zimperium’s Mobile Threat Defense and zDefend products can detect Rokarolla, and a list of indicators of compromise is available on their GitHub repository.

Winsage

June 17, 2026

Windows SprySOCKS Malware: Advanced Kernel-Level Rootkit Targets Government Organizations via Supply Chain Vulnerabilities

The Windows variant of SprySOCKS malware, developed by the Chinese threat group Earth Lusca, targets government entities globally and features advanced capabilities such as rootkit-level stealth and extensive command-and-control (C2) functionalities. It operates on Windows systems, utilizing two main variants: WINDRV, which includes kernel drivers for stealth operations, and WINPLUS, a streamlined backdoor. The malware can communicate over TCP, UDP, and WebSocket, offering over 30 C2 commands for various operations, including system information gathering and keystroke logging. WINDRV loads a driver named ‘RawWNPF’ into memory using another signed kernel driver, allowing it to conceal processes and achieve persistence. The malware's design incorporates open-source elements and exploits vulnerabilities in the software supply chain, notably using a leaked certificate for driver signing. To combat SprySOCKS, organizations are advised to implement advanced endpoint detection and response (EDR) solutions, maintain regular patching, and manage supply chain risks vigilantly. The malware's adaptability and reliance on legitimate certificates complicate detection efforts, necessitating continuous refinement of security practices.

AppWizard

June 16, 2026

New Rokarolla Android malware targets 217 banking, crypto apps

A new Android banking trojan named Rokarolla targets 217 banking and cryptocurrency applications and features 137 commands for malicious activities. It is distributed via deceptive websites posing as legitimate application sources and impersonates Google Play Protect to lure users into installing infected apps. Once installed, it seeks Accessibility service permissions and access to notifications, SMS, and calls. Rokarolla communicates with a command-and-control server, sending device profiles to generate unique identifiers for victims. Its primary goal is to steal financial information by using deceptive login overlays to capture sensitive data and maintain control over the device. The malware employs evasion tactics such as disabling Google Play Protect, hiding its icon, silencing notifications, and keeping the screen awake. It can steal SMS messages, extract contacts, capture keystrokes, record screen content, manipulate clipboard contents, block calls, and take screenshots. Zimperium confirms that Rokarolla is not found on Google Play, and users are advised to avoid downloading APK files from untrusted sources and to be cautious with Accessibility permissions.

Tech Optimizer

June 16, 2026

Subscription twist: Norton 360 Deluxe adds more than just antivirus

Norton 360 Deluxe is a mid-tier security subscription from Gen Digital that offers antivirus protection, a VPN, a password manager, dark web monitoring, and parental controls for up to five devices. It includes real-time threat protection, a firewall, ransomware shielding, and cloud backup of up to 50 GB for Windows users. The parental controls, known as Norton Family, allow monitoring of children's online activities. The Secure VPN encrypts internet traffic on public Wi-Fi and masks IP addresses. The package also features PC SafeCam for webcam security and a smart firewall. Norton 360 Deluxe is marketed with a promotional first-year rate, with higher renewal prices, and is available through digital subscriptions, app stores, and major retailers. The product is designed for households and individuals seeking comprehensive security solutions.

Winsage

June 16, 2026

Munch Museum Windows display gives visitors something to scream about

At the Munch Museum in Oslo, Edvard Munch's painting "The Scream" is displayed alongside a Microsoft account recovery screen, creating an ironic contrast between art and technology. The museum rotates three versions of "The Scream" to prevent deterioration, and the painting continues to resonate with modern audiences as it symbolizes anxiety in today's technology-driven world. The frustrations of dealing with digital barriers, such as forgotten passwords, evoke emotions similar to those depicted in "The Scream."

Tech Optimizer

June 15, 2026

How to safely stay online while travelling

Traveling exposes individuals to potential cyber threats and scams. To enhance online security during travels, consider the following strategies: - Avoid using public Wi-Fi networks to protect sensitive information; instead, use mobile data or a global eSIM. - Use a Virtual Private Network (VPN) to conceal your IP address while browsing, but be aware of potential access restrictions on some websites. - Invest in a robust antivirus suite for all devices, including laptops and mobile phones. - Secure devices with login passwords and consider adding a password to your SIM card. - Enable two-factor authentication (2FA) for added security on accounts. - Research local scams and cybersecurity threats specific to your destination before traveling. - Keep apps and phone firmware updated to ensure the latest security enhancements.