cyber threats

Tech Optimizer
May 9, 2025
Antivirus software collects various types of data to protect systems, including system details (operating system version, RAM, CPU type, computer name), network data (local and external IP addresses, DNS server, network name), user data (Windows username, time zone, language, general location), browsing history (if web protection features are enabled), and file-related information (file names, locations, hashes, and sometimes entire files). The AV-Comparatives report indicates that while some antivirus companies manage data responsibly (e.g., F-Secure, G Data, K7), others (e.g., Norton, Panda, McAfee) have been criticized for poor practices. Data sharing can enhance malware detection but poses privacy risks, as seen in AVG's past actions of selling user browsing history. Users can limit data collection by adjusting settings, reviewing installation agreements, avoiding free antivirus software, choosing privacy-conscious vendors (like F-Secure, ESET, G Data), and reading privacy policies. Despite concerns about data collection, antivirus software is essential for protection against cyber threats, and selecting a transparent provider can help safeguard privacy.
Winsage
May 8, 2025
Several ransomware groups, including RansomEXX and Play, are exploiting a zero-day vulnerability in the Windows Common Log File System to elevate system privileges and deploy malware. This flaw was identified and patched during Microsoft's Patch Tuesday update in April 2024.
Winsage
May 6, 2025
Windows 10 will reach the end of support on October 14, 2025, leaving users vulnerable to cyber threats and software bugs. Microsoft has launched two new devices, the Surface Pro and Surface Laptop, to encourage users to upgrade. The Surface Pro features a 12-inch screen, a Snapdragon X Plus processor, and a 2-in-1 form factor, while the Surface Laptop has a 13-inch screen and offers a 23-hour battery life. Both devices include access to Copilot+ PC experiences and are available for purchase starting at £799.
AppWizard
May 6, 2025
Google will implement an update to its Play Integrity API in May 2025, affecting devices running Android 12 or earlier. This update coincides with the end of security updates for these older versions, potentially leading to app failures and increased vulnerability to cyber threats. Developers will need to revise their applications to comply with the new API standards, while users on outdated systems may face degraded performance or complete app failures. The urgency to upgrade to Android 13 or newer is emphasized for both users and developers.
Winsage
May 6, 2025
Microsoft is offering a 20% discount on all Windows 365 plans for new users to encourage Windows 10 users to transition before the operating system's end of life in October 2025. This discount applies for the duration of the Enterprise Agreement contract or the first year of the Windows 365 subscription, whichever is shorter. The end of life for Windows 10 is set for October 14, 2025, after which users will no longer receive free product or security updates. Approximately 20% of laptops running Windows 10 have hardware incompatible with Windows 11, which could lead to increased electronic waste if not addressed.
AppWizard
May 6, 2025
Google is set to introduce a security feature called "Intrusion Detection" in its upcoming Android 16, aimed at enhancing user security against threats. This feature, found in a beta version of the Google Play Services app, will log encrypted entries of essential device information to help users identify suspicious activity. "Intrusion Detection" is expected to be part of the Advanced Protection Program, which includes measures against malicious downloads and supports passkey sign-ins, moving away from traditional passwords. The feature's development has progressed, but it is unclear if it will launch with Android 16 or later. Android 16 Beta 4 was released to testers in mid-April, leading up to the anticipated full launch in May 2025.
Tech Optimizer
May 5, 2025
X Business, an e-commerce store specializing in handmade home décor, experienced a cybersecurity incident involving a malware strain called Chimera. The attack began during a routine update to their inventory management system and escalated within 12 hours, resulting in halted customer orders, locked employee accounts, and a crashed website. The attackers demanded a ransom of 0,000 in cryptocurrency, threatening to expose sensitive customer data. Chimera is an AI-driven malware that adapts its code to evade detection, targeting both Windows and macOS systems. It exploited a zero-day vulnerability in Windows' Print Spooler service and bypassed macOS security measures by forging code signatures. The malware used social engineering tactics to deceive employees into activating malicious payloads, leading to compromised systems and encrypted customer data. The recovery process took 48 hours, utilizing cybersecurity tools like CrowdStrike Falcon and SentinelOne Singularity to identify and isolate the malware. Data restoration was achieved through Acronis Cyber Protect and macOS Time Machine, while vulnerabilities were addressed with Qualys and emergency patch deployment via WSUS. The network security framework was improved using Cisco Umbrella and Zscaler Private Access to implement a Zero Trust architecture. The incident highlights the need for small enterprises to adopt proactive cybersecurity strategies, including a 3-2-1 backup approach, Zero Trust models, investment in AI-driven defense tools, and employee training to recognize social engineering attempts.
Tech Optimizer
May 5, 2025
VIPRE® Advanced Security received the Advanced+ award from AV-Comparatives in the March 2025 Malware Protection Test for its effectiveness against cyber threats. The test evaluated 19 security products using 10,030 malware samples on a Windows 11 system, focusing on both online and offline threats. VIPRE achieved a 98.7% detection rate in all scenarios, a 99.93% overall protection rate during execution testing, and had one of the lowest false positive counts among the products tested. VIPRE's security solutions are integrated into other Ziff Davis products, enhancing their protection capabilities. VIPRE is a subsidiary of Ziff Davis, Inc., specializing in cybersecurity solutions with over 25 years of experience.