cybersecurity threats Archives

AppWizard

February 23, 2025

Amazon to Shut Down Android App Store, Ending a Decade-Long Experiment

Amazon will close its Amazon Appstore for Android devices on August 20, 2025, after 14 years of operation. The closure includes the discontinuation of Amazon Coins, which are used for in-app purchases. Developers will no longer be able to submit new apps after this date, although existing apps will remain available until then. Amazon plans to focus on its Appstore for its own devices, such as Fire TV and Fire Tablets, where most of its customers engage with the platform. The Appstore was launched in 2011 as a competitor to Google Play but struggled to gain traction outside of Amazon's ecosystem. Additionally, Amazon will discontinue support for the Appstore on Windows 11 on March 5, 2025. Security concerns have also been raised regarding the Appstore, including incidents of malware found within it.

Winsage

February 19, 2025

Valve’s monthly survey reveals that almost 45% of Steam users on PC are still using Windows 10 even with the sword of Damocles hanging over them

As of January 2025, 44.41% of PC users are still operating on Windows 10, which is set to lose support in October 2025. Windows 11, released in 2021, has demanding system requirements that deter users with older hardware from upgrading. Many Steam users on Windows 10 may include internet cafes, where maintaining hardware is challenging. The end of support for Windows 10 means users will no longer receive updates or security patches, increasing risks associated with continued use. Resources are available to assist users in transitioning from Windows 10.

Winsage

February 12, 2025

Microsoft Patch Tuesday February 2025: 61 Vulnerabilities Including 25 RCE’s Fixed

Microsoft released its February 2025 Patch Tuesday security updates, addressing over 61 vulnerabilities across its products. The updates include: - 25 Remote Code Execution vulnerabilities - 14 Elevation of Privilege vulnerabilities - 6 Denial of Service vulnerabilities - 4 Security Feature Bypass vulnerabilities - 2 Spoofing vulnerabilities - 1 Information Disclosure vulnerability Notable critical vulnerabilities include: - CVE-2025-21376: Remote code execution risk via LDAP protocol. - CVE-2025-21379: Flaw in DHCP client service allowing system compromise via crafted network packets. - CVE-2025-21381, CVE-2025-21386, CVE-2025-21387: Multiple vulnerabilities in Microsoft Excel enabling code execution through specially crafted files. - CVE-2025-21406, CVE-2025-21407: Vulnerabilities in Windows Telephony Service allowing remote code execution. Two vulnerabilities confirmed as actively exploited: - CVE-2023-24932: Bypass of Secure Boot protections. - CVE-2025-21391: Elevated privileges on affected systems. - CVE-2025-21418: Gain SYSTEM privileges through exploitation. Other notable fixes include vulnerabilities in Visual Studio and Microsoft Office that could lead to remote code execution. Users can apply updates via Windows Update, Microsoft Update Catalog, or WSUS. Microsoft emphasizes the urgency of these updates due to the active exploitation of certain vulnerabilities.

AppWizard

February 4, 2025

Remove These 12 Android Apps Now—They’re Secretly Capturing Your Conversations

Some Android applications are covertly monitoring conversations and collecting personal data without user consent. Cybersecurity firm ESET identified six malicious apps on Google Play and another six on third-party app stores that disguise themselves as legitimate messaging platforms. These apps harvest data such as text messages, call logs, and recorded conversations. Hackers also employ tactics like creating fake romantic connections to persuade victims to download infected apps, such as those containing the VajraSpy Trojan, which records conversations and accesses personal files. Three groups of dangerous apps include: 1. Messaging apps disguised as secure platforms (e.g., Hello Chat, MeetMe, Chit Chat) that steal contact information and SMS messages. 2. Apps exploiting accessibility features (e.g., Wave Chat) that can intercept messages and record phone calls. 3. A fake news app that seeks access to personal data without messaging capabilities. A list of malicious apps includes: Rafaqat, Privee Talk, MeetMe, Let’s Chat, Quick Chat, Chit Chat, YohooTalk, TikTalk, Hello Chat, Nidus, GlowChat, and Wave Chat. Six of these apps were downloaded over 1,400 times each before being removed from Google Play. To protect privacy, users are advised to uninstall suspicious apps, change passwords, enable two-factor authentication, run security scans, and stay informed about cybersecurity threats.

AppWizard

December 23, 2024

These Are The Most Useful FOSS Android Apps I Discovered in 2024

Exodus is an app that tracks data collection and app permissions for privacy-conscious users. Simple Keyboard is a minimalistic, customizable keyboard app that does not collect user data. Currencies provides real-time currency exchange rates without ads or tracking. Password Monitor checks for compromised passwords and offers security suggestions. Ente Auth is an offline authentication tool with end-to-end encryption and optional cloud backup. Seal is a download manager that supports various platforms and customizable options. Hacki is a client for Hacker News that allows voting, commenting, and saving articles. NetGuard is an open-source firewall app that enables users to manage internet access for specific applications without root access.

Tech Optimizer

December 13, 2024

F-Secure Total review: affordable antivirus solution lets you build custom plan

F-Secure Total is an antivirus solution priced at .99, offering robust protection for various devices with customizable subscription plans. The most economical plan starts at .99 annually for one device, with options for 1 to 26 devices. Users can add a VPN and password manager for an additional fee. It supports Windows, macOS, iOS, and Android, and provides 24/7 live chat support. The software features real-time malware protection, regular scans, and has received positive scores from cybersecurity labs, though it has a higher-than-average false-positive rate. F-Secure's privacy policy ensures user data is not sold or shared with third parties.

Winsage

December 10, 2024

Windows 11 can now run on unsupported systems, but there’s a catch

Microsoft has allowed users to install Windows 11 on older, unsupported hardware, moving away from its previous strict hardware requirements. Users can manually install the operating system, but devices that do not meet minimum requirements will not receive updates via Windows Update, requiring manual management of updates. A watermark will appear on the desktop, and a notification in Settings will indicate that the upgrade is not recommended. Microsoft will not lower the minimum hardware requirements for Windows 11, citing cybersecurity concerns. Unsupported devices will also be excluded from the Windows Insider Program. Users can revert to Windows 10 within ten days of the upgrade through the Settings menu.

Tech Optimizer

December 7, 2024

Eset Premium review: 2024 improvements aren’t enough

Eset Premium is a cybersecurity solution launched in 2024, noted for its speed and effectiveness as an antivirus. It offers excellent malware protection, flexible plans for multiple devices, a quick installation process, and live chat support available 11 hours on weekdays. However, it has a poor track record prior to 2024, relatively high pricing, and issues with chatbot errors regarding live agent availability. Eset Premium supports multiple platforms including Windows, macOS, Linux, iOS, and Android, and offers three subscription tiers: Essential, Premium, and Ultimate, with varying features and pricing. The Essential plan provides real-time malware protection, while the Premium tier adds a password manager and ransomware protection. The Ultimate plan includes additional features like an unlimited VPN and dark web monitoring. The installation process is user-friendly, allowing for customization and an initial scan for malware. Eset Premium's design is clean, but the options can be overwhelming. Independent tests show strong performance in 2024, but the software had a weak track record in previous years, earning only a single star in real-time malware protection tests conducted in mid-2023. Eset provides 24/7 technical support through an AI chatbot, with live chat support available during business hours. The company assures users that their data is used solely for service provision, although there was a reported breach involving a partner company that targeted Eset customers.

Tech Optimizer

December 6, 2024

This sneaky phishing attack is a new take on a dirty old trick

Attackers are using a new phishing tactic involving Word documents that redirect users to a fake Microsoft login page to steal account credentials. This method can evade traditional antivirus detection due to the malicious content being difficult to scan. Users are advised to be cautious with email attachments, avoid clicking on links from unknown sources, consider using passkeys for account access, and enable two-factor authentication (2FA) for added security. Phishing attacks require user participation, so it's important to verify the legitimacy of requests before acting.

Winsage

November 21, 2024

Microsoft displays full-screen Copilot+ PC ads to Windows 10 users

Microsoft is encouraging users of the free version of Windows 10 to upgrade to Windows 11 through full-screen pop-up advertisements. These ads inform users that support for Windows 10 will end on October 14, 2025, and highlight benefits of upgrading, such as improved battery life, faster web browsing, and enhanced security features. Users will have a grace period of ten months before free security updates for Windows 10 cease. The advertisements promote Copilot+ PCs as the fastest and most intelligent Windows PCs available.