cyber attacks

Winsage
December 18, 2025
A newly identified cyber threat cluster called LongNosedGoblin has been linked to cyber espionage attacks targeting governmental entities in Southeast Asia and Japan, with activities traced back to at least September 2023. The group uses Group Policy to spread malware and employs cloud services like Microsoft OneDrive and Google Drive for command and control. Key tools include NosyHistorian, NosyDoor, NosyStealer, NosyDownloader, and NosyLogger, which perform functions such as collecting browser history, executing commands, and logging keystrokes. ESET first detected LongNosedGoblin's activities in February 2024, identifying malware on a governmental system. The attacks showed a targeted approach, with specific tools affecting select victims. Additionally, a variant of NosyDoor was found targeting an organization in an EU country, indicating a possible connection to other China-aligned threat groups.
AppWizard
November 3, 2025
A new wave of cyber attacks targeting Android users has been identified, involving 224 compromised applications that have collectively amassed over 38 million downloads from the Google Play Store. This threat, named SlopAds by the Satori Threat Intelligence and Research Team, involves sophisticated advertising fraud techniques, including steganography, to generate illicit revenue through harmful ads embedded in apps. Google has removed all compromised applications from the Play Store and will notify users to uninstall them. Users are advised to enable Google’s Play Protect feature to safeguard against malicious applications. Ad fraud not only affects individual users but also undermines trust in the advertising ecosystem.
Winsage
October 31, 2025
A China-affiliated threat actor, UNC6384, has been conducting cyber attacks targeting diplomatic and governmental entities in Europe, including Hungary, Belgium, Italy, the Netherlands, and Serbia. These attacks exploit an unpatched Windows shortcut vulnerability (CVE-2025-9491) through spear-phishing emails that appear relevant to diplomatic events. The emails deliver malicious LNK files that deploy PlugX malware via DLL side-loading. PlugX is a remote access trojan that allows extensive control over compromised systems and has been linked to another hacking group, Mustang Panda. Microsoft Defender can detect these attacks, and Smart App Control provides additional protection. The LNK file executes a PowerShell command to extract a TAR archive containing a legitimate utility, a malicious DLL, and an encrypted PlugX payload. The size of the malicious artifacts has decreased significantly, indicating ongoing evolution. UNC6384 has also begun using HTML Application files to load external JavaScript for retrieving malicious payloads, aligning with Chinese intelligence objectives regarding European defense policies.
Winsage
October 8, 2025
Microsoft will cease updates for Windows 10 on October 14, leaving users vulnerable to cyber threats. Over 40 percent of Windows users still use Windows 10, with around 5 million in the UK alone. A survey indicates that about one-quarter of these users plan to continue using Windows 10 after the support deadline. Users may face increased risks from malware, performance issues, and compatibility challenges with applications. Upgrading to Windows 11 is free if the hardware requirements are met. For those unable to upgrade, Microsoft offers the Windows 10 Consumer Extended Security Updates (ESU) program, which concludes on October 13 of the following year.
Winsage
September 28, 2025
Unsupported operating systems and device software lack regular updates, making them vulnerable to cyber attacks. Devices running on unsupported platforms can become gateways for attackers, as they are susceptible to known exploits that can be easily weaponized. According to Microsoft’s 2024 Digital Defense Report, over 90% of successful ransomware attacks target unmanaged endpoints. Unsupported versions can bypass standard security solutions and often fail compatibility checks with modern security tools, leading to significant protection gaps. Additionally, these vulnerabilities can be exploited to steal credentials and gain unauthorized access, posing risks to overall network security.
Tech Optimizer
July 22, 2025
Remote access trojans (RATs) are malware that allow hackers to control devices remotely, enabling them to steal passwords, monitor screens, log keystrokes, activate webcams or microphones, install additional malware, and use the computer for further cyber attacks. RATs typically enter systems through phishing, malicious downloads, fake updates, or compromised websites. Signs of a RAT infection include sluggish performance, unusual network activity, mysterious programs, unexpected pop-ups, and unexpected activation of camera or microphone lights. Preventive measures include being cautious with communications, downloading from reputable sources, using antivirus software, keeping software updated, and implementing a firewall. If a RAT is suspected, it is advised to disconnect from the internet, run a full antivirus scan, check installed programs, change passwords, and consider a factory reset. Smartphones can also be vulnerable to RATs, which may manifest as rapid battery drain, overheating, strange pop-ups, excessive data usage, and unfamiliar apps. Immediate actions for compromised phones include enabling airplane mode, deleting suspicious apps, and updating the operating system.
Winsage
July 9, 2025
Calne-based Black Nova Designs has warned that Microsoft will cease support for Windows 10 in three months, which will leave millions of users without security updates or technical assistance, increasing their vulnerability to cyber threats. Managing director Kyle Holmes noted the lack of awareness about this change and emphasized the risks involved. The company recommends six IT tips for businesses:
1. Upgrade from Windows 10 promptly, especially for machines older than 2018.
2. Regularly back up data and maintain robust antivirus protection, with services starting at £60+VAT per month.
3. Strengthen passwords to mitigate vulnerabilities.
4. Verify that correct Microsoft licenses are being used to avoid potential fines.
5. Ensure proper ownership and access to website domains.
6. Seek Cyber Essentials certification to demonstrate adherence to cybersecurity best practices.
Black Nova Designs supports over 1,000 clients across the UK, focusing on cybersecurity and proactive IT management.