cyber security Archives

Winsage

May 23, 2026

CVE-2026-45585: YellowKey BitLocker Bypass

BitLocker, a security feature for data protection, has a vulnerability identified as CVE-2026-45585, also known as YellowKey, which allows unauthorized access to encrypted data on Windows 11 versions 24H2, 25H2, 26H1, and Windows Server 2025. This flaw does not compromise BitLocker’s encryption but affects the recovery environment supporting it. The vulnerability can be exploited locally through the Windows Recovery Environment (WinRE) by an attacker with physical access, who can trigger an unrestricted shell and access the BitLocker-protected volume. Microsoft has provided two mitigation strategies: modifying the WinRE image to remove the autofstx.exe entry and transitioning from TPM-only protection to a TPM+PIN requirement at startup. The exploit poses challenges for detection, as it occurs pre-boot and currently lacks vendor-published indicators of compromise. Organizations using BitLocker for unattended devices are particularly at risk, as the vulnerability can lead to loss of confidentiality if an attacker gains access before the legitimate user.

Tech Optimizer

May 5, 2026

Intego ONE

Intego has released Intego ONE, a rebranded antivirus solution for Mac users that combines antivirus capabilities with a firewall. The product has received a 97.1% malware detection score in independent lab tests, although it lacks phishing protection, a feature offered by competitors like Norton and Bitdefender. Intego ONE has a tiered pricing structure, with the Essential tier costing .99 annually and providing antivirus and firewall protection, while the Advanced tier, which includes the SmartClean system cleanup tool, costs .99. The top-tier Complete subscription, which includes a VPN, is priced at .99 annually. Intego offers a 7-day free trial for potential customers. The software installation is straightforward, requiring Full Disk Access for optimal functionality. Intego's firewall is integrated into the main application for easier user interaction. The SmartClean feature aims to optimize system performance but may not justify its additional cost for all users. The VPN included in the Complete tier is user-friendly but may be priced higher than standalone options.

AppWizard

April 11, 2026

This Russian military intelligence group has been stealing people’s sensitive data, so you might want to connect your router through a VPN

The National Cyber Security Centre (NCSC) in the UK has reported that the Russian military intelligence group APT28 is exploiting vulnerabilities in routers to redirect internet traffic through malicious servers, siphoning off sensitive information from users. This includes login credentials, search histories, and private messages. APT28's servers function as anti-VPNs, designed to extract user data rather than protect it. The group appears to be gathering data for strategic objectives, particularly targeting businesses in sectors like manufacturing and military contracting, while also potentially weaponizing information from individuals to influence public opinion. The NCSC has issued guidance for businesses on online privacy, and recommends the use of VPNs as a protective measure for individuals, with NordVPN being highlighted as a top choice among various reliable options.

AppWizard

April 3, 2026

NCSC warns of messaging app targeting by Russia-linked actors

The UK National Cyber Security Centre (NCSC) has warned of an increase in cyber threats from Russia-based actors, targeting high-risk individuals through messaging applications like WhatsApp, Signal, and Messenger. These threats involve deceptive tactics such as coaxing users for login codes, unauthorized device access, group chat infiltration, impersonation of trusted contacts, and phishing links. The targeting is linked to state-affiliated groups from Russia, China, and Iran. High-risk individuals are those with access to sensitive information or influential roles. The NCSC recommends several protective measures: enabling two-step verification, not sharing verification codes, monitoring linked devices, being cautious with unknown contacts, limiting personal app use for work, and using disappearing messages to reduce data exposure.

AppWizard

April 1, 2026

NCSC warns of messaging app targeting | National Cyber Security Centre

The National Cyber Security Centre (NCSC) has issued guidelines for individuals vulnerable to targeted attacks via messaging applications, particularly due to increased malicious activities from actors based in Russia. High-risk individuals, such as those with access to sensitive information, are especially susceptible. Past incidents involve state-affiliated groups like APT31 from China, the Russian FSB actor Star Blizzard, and Iran's IRGC targeting government officials. Attackers may use deceptive methods to obtain login codes, add devices to accounts, infiltrate group chats, impersonate contacts, and execute phishing attempts. To mitigate risks, individuals should avoid sharing sensitive information via messaging apps, use corporate services for work-related communications, refrain from sharing verification codes, activate two-step verification, utilize passkeys, regularly review linked devices, stay alert for impersonations, and consider using disappearing messages. The NCSC also provides guidance for enhancing account and device security for high-risk individuals.

Tech Optimizer

March 16, 2026

How to Avoid Getting Scammed Online in 2026

The Qantas data breach highlights vulnerabilities in online information security. Regularly changing passwords every few months is recommended, and tools like Bitdefender’s Password Manager can help manage complex passwords. Users should be cautious of suspicious links and attachments, as hackers often use phishing tactics. Implementing two-factor authentication (2FA) adds an extra layer of security to accounts. Keeping devices updated is crucial for protecting against vulnerabilities. Investing in reliable antivirus software, such as Bitdefender Antivirus Plus or Bitdefender Ultimate Security, is essential for safeguarding personal data. Staying informed about cybersecurity measures is important to prevent data breaches.

Winsage

March 11, 2026

Microsoft Patch Tuesday, March 2026 Edition

Microsoft Corp. has released security updates addressing at least 77 vulnerabilities across its Windows operating systems and various software applications. Key vulnerabilities include: - CVE-2026-21262: Allows an attacker to elevate privileges on SQL Server 2016 and later, with a CVSS v3 base score of 8.8. - CVE-2026-26127: Affects applications running on .NET, potentially leading to denial of service. - CVE-2026-26113 and CVE-2026-26110: Remote code execution flaws in Microsoft Office exploitable by viewing malicious messages in the Preview Pane. - CVE-2026-24291, CVE-2026-24294, CVE-2026-24289, and CVE-2026-25187: Privilege escalation vulnerabilities rated CVSS 7.8. - CVE-2026-21536: A critical remote code execution bug identified by an AI agent, marking a shift toward AI-driven vulnerability discovery. Additionally, Microsoft previously addressed nine browser vulnerabilities and issued an out-of-band update on March 2 for Windows Server 2022. Adobe has released updates for 80 vulnerabilities across its products, and Mozilla Firefox version 148.0.2 has resolved three high-severity CVEs.

AppWizard

February 28, 2026

Centre’s SIM binding directive on app-based messaging platforms ‘unconstitutional’: Tech industry body BIF

The Broadband India Forum (BIF) has expressed legal concerns about the government's SIM binding mandate, stating it is "ultra vires the parent legislation" and "unconstitutional," based on a senior counsel's opinion. This opinion critiques the Telecommunications (Telecom Cyber Security) Amendment Rules, 2025, claiming they exceed the authority of the Telecommunications Act of 2023. The government's directive requires app-based communication services to maintain a link to a user's active SIM card, which BIF argues violates principles of due process and proportionality. BIF also highlights that the introduction of Telecommunication Identifier User Entities (TIUEs) alters the scope of telecom regulation improperly, potentially leading to legal conflicts with existing laws like the Information Technology Act. BIF concludes that the amendment rules represent an impermissible expansion of delegated authority under the Telecom Act, advocating for adherence to the statutory framework. The government's directive, aimed at addressing cyber security concerns, would change how users access messaging services in India.

Winsage

January 16, 2026

Easterly helms RSAC, Windows update problems, Police Copilot gaffe

Jen Easterly has been appointed as the new Chief Executive Officer of the RSA Conference. She is a cybersecurity expert and former Director of the Cybersecurity and Infrastructure Security Agency (CISA). Palo Alto Networks has released security updates for a vulnerability (CVE-2026-0227) with a CVSS score of 7.7 affecting its GlobalProtect Gateway and Portal, which can cause a denial-of-service condition in PAN-OS software. The January 2026 security update from Microsoft has caused connection and authentication failures in Azure Virtual Desktop and Windows 365, affecting users across various Windows versions. Microsoft is working on a resolution. The chief constable of West Midlands Police acknowledged an error by Microsoft’s Copilot AI in generating a fictional intelligence report. Microsoft has not confirmed Copilot's involvement. Britain’s National Cyber Security Centre (NCSC) has collaborated with Five Eyes partners to provide guidance on securing industrial operational technology, highlighting risks associated with remotely monitored systems. Kyowon, a South Korean conglomerate, confirmed a ransomware attack on January 10 that may have compromised customer information, affecting approximately 5.5 million members. Researchers at Varonis have identified a new attack technique called "Reprompt" that allows data exfiltration from Microsoft Copilot via a malicious link, exploiting a Parameter 2 Prompt (P2P) injection technique. Central Maine Healthcare is notifying over 145,000 patients about a data breach that compromised personal, treatment, and health insurance information, discovered on June 1.

Tech Optimizer

January 9, 2026

MacPaw Moonlock

Moonlock is a new antivirus solution for Mac developed by MacPaw, utilizing technology from CleanMyMac. It features a basic VPN, security configuration scan, and an elegant user interface, but some functionalities may not perform as expected. The annual subscription for a single Mac is priced higher than competitors like CleanMyMac and G Data Antivirus. Moonlock requires macOS 13 (Ventura) or later for compatibility. Setting up the app involves creating an account and granting permissions, with a full scan recommended post-installation. In independent lab tests, Moonlock scored 5.5 out of 6 in protection and 6 in usability, but its performance rating was 4.5 points, lower than competitors. The Security Advisor feature provides advice on enhancing security, while the System Protection feature identifies areas for improvement. Moonlock includes a basic VPN with 61 server cities in 50 countries. Its Network Inspector focuses on blocking traffic from specified countries, but its effectiveness is questionable. Flexible scan scheduling is available, but it does not guarantee the removal of Windows malware. The app includes informational panels and animated videos, but it currently lacks effective phishing protection, failing to block known fraudulent websites.