cybersecurity expert

Tech Optimizer
February 19, 2026
In 2026, cybersecurity has evolved significantly, requiring organizations to prioritize five critical threats identified by expert Danny Mitchell from Heimdal:
1. AI Vulnerabilities: Attackers can manipulate machine learning models by introducing corrupted data, leading to dangerous decisions by AI systems.
2. Cyber-Enabled Fraud and Phishing: Phishing attacks have become more sophisticated with AI, using deepfake technology to impersonate individuals and evade detection.
3. Supply Chain Attacks: Cybercriminals exploit vulnerabilities in software libraries and vendor relationships, compromising trusted software updates and access credentials.
4. Software Vulnerabilities: The rapid discovery of software vulnerabilities outpaces patching efforts, leaving systems exposed to attacks, especially legacy systems.
5. Ransomware Attacks: Modern ransomware employs double extortion tactics, encrypting and stealing data, pressuring businesses to comply with ransom demands.
Mitchell recommends strategies such as auditing AI systems, implementing multi-channel verification, securing supply chains, prioritizing patch management, and developing ransomware response plans to combat these threats.
Winsage
February 11, 2026
The Global Group ransomware operates entirely in silent mode, executing all activities locally on the compromised system without relying on a command and control server. It generates the encryption key directly on the host machine, resulting in no actual data exfiltration despite claims in its ransom note. This approach allows for quicker attacks, targeting a broader range of victims while reducing detection risk. The act of encryption alone can compel payment due to significant operational downtime for affected organizations.
Winsage
January 16, 2026
Jen Easterly has been appointed as the new Chief Executive Officer of the RSA Conference. She is a cybersecurity expert and former Director of the Cybersecurity and Infrastructure Security Agency (CISA). Palo Alto Networks has released security updates for a vulnerability (CVE-2026-0227) with a CVSS score of 7.7 affecting its GlobalProtect Gateway and Portal, which can cause a denial-of-service condition in PAN-OS software. The January 2026 security update from Microsoft has caused connection and authentication failures in Azure Virtual Desktop and Windows 365, affecting users across various Windows versions. Microsoft is working on a resolution. The chief constable of West Midlands Police acknowledged an error by Microsoft’s Copilot AI in generating a fictional intelligence report. Microsoft has not confirmed Copilot's involvement. Britain’s National Cyber Security Centre (NCSC) has collaborated with Five Eyes partners to provide guidance on securing industrial operational technology, highlighting risks associated with remotely monitored systems. Kyowon, a South Korean conglomerate, confirmed a ransomware attack on January 10 that may have compromised customer information, affecting approximately 5.5 million members. Researchers at Varonis have identified a new attack technique called "Reprompt" that allows data exfiltration from Microsoft Copilot via a malicious link, exploiting a Parameter 2 Prompt (P2P) injection technique. Central Maine Healthcare is notifying over 145,000 patients about a data breach that compromised personal, treatment, and health insurance information, discovered on June 1.
Tech Optimizer
October 28, 2025
NordVPN launched an interactive billboard in Times Square as part of their "an antivirus is only half-protection" campaign, challenging the belief in the effectiveness of antivirus software. The campaign revealed that 73% of Americans incorrectly believe antivirus software protects them from identity theft and data breaches. Participants engaged with ethical hackers who demonstrated vulnerabilities, exposing personal information such as passwords and Social Security numbers. The campaign highlighted that over half of Americans trust antivirus software for online safety, yet many do not take precautions when using public Wi-Fi. Data breaches often expose contact information, leading to risks of phishing and identity theft. The billboard featured ethical hackers who provided insights on online safety, and NordVPN offers resources for checking data breaches and improving cybersecurity. NordVPN provides advanced security features and serves millions of users globally.
Winsage
October 24, 2025
Microsoft has announced new Copilot and AI features for Windows 11, transitioning to Windows.ai. An emergency update was released for Windows 11 to address issues that disabled USB mouse and keyboard support in the Windows Recovery Environment. The Windows Insider Program is evolving with improvements to mobile device settings, File Explorer, and Drag Tray in the Dev and Beta channels, while a revamped Start menu and Copilot Vision integration are set for the Release Preview. Microsoft's annual report highlights three core business segments: Windows, Microsoft 365 Consumer, and Xbox/gaming, with Xbox/gaming having 500 million users but the highest engagement levels. Microsoft plans to launch Copilot for Education in December and integrate Anthropic Claude into Microsoft 365 commercial offerings. The Xbox president indicated that the next console will be "very premium," and new hardware options are available for purchase. The Xbox Development Kit has seen a 33 percent price increase due to U.S. tariffs. Many laptops are now designed to be end-user repairable and upgradeable, allowing users to swap out SSDs and other components.
Tech Optimizer
October 20, 2025
DefenderWrite is a new tool that uses whitelisted Windows programs to bypass antivirus protections and write files into executable folders. Developed by cybersecurity expert Two Seven One Three, it allows penetration testers to deploy payloads in secure locations without needing kernel-level access. The tool identifies whitelisted system programs, enabling attackers to inject malicious DLLs into antivirus folders. In tests on Windows 11 with Microsoft Defender, four vulnerable programs were identified: msiexec.exe, Register-CimProvider.exe, svchost.exe, and lsass.exe. DefenderWrite includes parameters for targeted operations and a PowerShell script for scanning executables. It highlights the need for antivirus vendors to improve their whitelisting policies and process isolation. The tool is publicly available, raising concerns about its potential use in real-world attacks.
Winsage
September 14, 2025
Microsoft has reminded its 600 million Windows 10 users that they have 30 days left until the end-of-life date on October 14, after which the last security update will be released. Users are encouraged to upgrade to Windows 11, but many may face hardware limitations that prevent this. Operating a non-updated Windows 10 poses security risks, as outdated systems are vulnerable to exploits. Users can check for an “Enroll Now” button in the Windows Update panel to opt into a 12-month extended support update (ESU) at no cost, provided they save their PC settings to OneDrive. There is also a workaround called Flyby11 that allows installation of Windows 11 on incompatible PCs, but it requires technical proficiency and Microsoft has warned against it. Users who remain on Windows 10 must secure the ESU before the October 13 deadline and ensure their systems are set to auto-update.