cybersecurity concerns Archives

Winsage

October 30, 2025

What Windows 10 EOS Means for Security

Microsoft will cease support for most versions of Windows 10 on October 14, 2025, while offering temporary Extended Security Updates (ESU) for version 22H2. Approximately 40% to 45% of Windows users globally still rely on Windows 10. The end of support raises cybersecurity concerns as Microsoft will stop issuing updates for vulnerabilities and bugs. Organizations using Windows 10 need to devise migration plans to Windows 11, but the transition can be costly and time-consuming, especially for those dependent on legacy software. Delaying migration poses risks such as regulatory violations, increased IT burdens, escalating ESU costs, and exposure to cyber threats. Organizations should prioritize migrating critical systems, review application support, and evaluate ongoing costs for legacy systems. Bitdefender offers security solutions for Windows 10 environments, including risk management, application control, cloud security, and monitoring services.

Winsage

October 6, 2025

Microsoft warns of critical vulnerability as Windows 10 support deadline nears

Microsoft has alerted users to a critical security vulnerability affecting up to 400 million Windows PCs, particularly as the deadline for security updates for Windows 10 approaches. Windows 10 is currently operational on 41% of personal computers, with 400 million unable to upgrade to Windows 11 due to hardware requirements. This situation poses significant cybersecurity risks, as many users will be left with unpatched systems after the October 14 deadline. Additionally, around 140 million PCs are still running Windows 7, which was retired in 2020. Windows 10 users can either enroll in Microsoft's Extended Security Update program or upgrade to Windows 11 if their hardware allows. For those unable to upgrade, alternatives like Linux or Chrome OS are suggested.

AppWizard

August 30, 2025

Google’s Android Lockdown: Are You Really In Control Of Your Phone?

On August 25, Google announced a policy change requiring all app developers to verify their identities before their applications can operate on certified Android devices, extending this requirement to all apps, including side-loaded ones. This policy allows Google to prevent users from running disapproved applications, raising concerns about user freedom and control over their devices. Google cites cybersecurity concerns, claiming that side-loaded apps have led to a significant increase in malware. The company aims to collect personal information from developers to enhance user security, despite criticisms regarding the effectiveness of this approach. Data breaches have become increasingly common, with notable incidents affecting millions, and identity theft costs Americans billions annually. The text discusses the potential of cryptography to enhance trust in digital interactions, highlighting technologies like PGP and concepts like webs of trust as solutions to secure identity verification. Alternative app stores and operating systems focused on user privacy are emerging as potential responses to the challenges posed by Google's policy.

Winsage

July 15, 2025

Cyber Agency—50% Of Microsoft Windows PCs ‘Vulnerable To Attack’

Microsoft has decided to extend the life of Windows 10, affecting approximately 700 million users, with around 250 million lacking the necessary hardware for Windows 11. About 50% of users are still on Windows 10, leading to concerns about cybersecurity vulnerabilities. The National Cyber Security Centre (NCSC) has warned that devices not meeting Windows 11 requirements are vulnerable to attacks and highlighted the risks of remaining on Windows 10, referencing the WannaCry ransomware attack as an example. Despite Microsoft's efforts to encourage upgrades, many users are hesitant to change, and the NCSC suggests that the inertia of users may pose the greatest threat to security.

AppWizard

July 8, 2025

Call of Duty takes PC game offline after multiple reports of RCE attacks on players

Call of Duty has temporarily taken its PC games offline due to reports of remote code execution (RCE) attacks that have compromised players' computers. The developers are investigating the issue. Players have shared videos of their systems being hacked during gameplay, with incidents including game freezes and unauthorized command executions. The vulnerability is linked to the shift from dedicated servers to peer-to-peer networking, which has made older games more susceptible to attacks. MalwareBytes has noted that this issue has become well-known in the community, leading many to avoid these titles. Previous vulnerabilities allowing RCE through the Steam platform were identified six years ago. The official Call of Duty X account has not provided updates on the investigation or the status of the games.

AppWizard

June 24, 2025

WhatsApp ban: US congressional staffers must delete the messenger

The US House of Representatives has banned the use of WhatsApp on all work devices due to cybersecurity concerns, categorizing it as a "high risk" application. The ban is based on criticisms regarding a lack of transparency in user data protection, insufficient encryption of stored data, and potential security vulnerabilities. Employees are instructed to remove the app from their devices, and alternatives such as Microsoft Teams, Wickr, Signal, iMessage, and FaceTime are recommended. This decision aligns WhatsApp with other previously banned applications, and there is speculation that similar guidelines may be adopted by other government agencies.

AppWizard

May 8, 2025

Signal clone used by Trump team hacked, GlobalX flight data leaked

The messaging app TeleMessage, used by President Donald Trump’s national security advisor, has been suspended due to a reported security breach, raising concerns about the security of sensitive government communications. The app, a modified version of Signal, was halted after a hacker accessed message contents from its customized versions, although the communications of national security advisor Mike Waltz were reportedly not affected. TeleMessage's suspension follows a statement from its parent company, Smarsh, confirming an investigation into the security incident. Despite President Trump's criticism of Signal, the White House continues to defend it, highlighting its pre-installation on government devices. Concerns about privacy protections arise from TeleMessage's archiving features, which may compromise Signal's end-to-end encryption. Additionally, GlobalX, the airline involved in Trump’s deportation flights, experienced a hacking incident, resulting in the exposure of flight records and passenger lists.

AppWizard

March 28, 2025

Hackers target Taiwan with malware delivered via fake messaging apps

Recent research from cybersecurity firm Sophos has identified the use of PJobRAT malware targeting users in Taiwan through instant messaging applications SangaalLite and CChat, which mimic legitimate platforms. These malicious apps were available for download on various WordPress sites, now taken offline. PJobRAT, an Android remote access trojan first identified in 2019, has been used to steal SMS messages, contacts, device information, documents, and media files. The recent cyber-espionage initiative lasted nearly two years, affecting a limited number of users, indicating a targeted approach by the attackers. The latest version of PJobRAT lacks the ability to steal WhatsApp messages but allows attackers greater control over infected devices. The distribution method for these apps remains unclear, but previous campaigns involved third-party app stores and phishing pages. Upon installation, the apps request extensive permissions and provide basic chat functionalities. Sophos researchers note that threat actors often refine their strategies after campaigns, suggesting ongoing risks.

Winsage

December 10, 2024

Windows 11 can now run on unsupported systems, but there’s a catch

Microsoft has allowed users to install Windows 11 on older, unsupported hardware, moving away from its previous strict hardware requirements. Users can manually install the operating system, but devices that do not meet minimum requirements will not receive updates via Windows Update, requiring manual management of updates. A watermark will appear on the desktop, and a notification in Settings will indicate that the upgrade is not recommended. Microsoft will not lower the minimum hardware requirements for Windows 11, citing cybersecurity concerns. Unsupported devices will also be excluded from the Windows Insider Program. Users can revert to Windows 10 within ten days of the upgrade through the Settings menu.

Winsage

November 23, 2024

Microsoft is finally testing its Recall photographic memory search feature. It’s not perfect

Microsoft is rolling out its Recall feature for testing on Copilot+ PCs with Qualcomm Snapdragon chips. This feature allows users to take snapshots of their screens and search for specific words or objects within those images. Currently, Recall is available to users in the Windows Insider Program's dev channel, but only on devices with Qualcomm Snapdragon chips. Initial testing has revealed challenges, including inconsistent screenshot frequency, incomplete search results, and slow loading times for viewing captured images. Microsoft has addressed cybersecurity concerns by encrypting the database and disabling the feature by default.