data leak Archives

Winsage

December 15, 2024

Dangerous New Windows Drive-By Security Alert—What You Need To Know

Cloak ransomware, emerging in 2022, has quickly become a significant threat in the cyber landscape, with a new variant raising concerns due to its advanced capabilities. The group uses initial access brokers and social engineering techniques, including phishing and malicious advertising, to gain network access. The ransomware employs a drive-by download method, disguising itself as legitimate system updates. Cloak may have connections to the Good Day ransomware group and utilizes a variant derived from leaked Babuk ransomware source code. Once delivered, it employs sophisticated mechanisms for extraction and privilege escalation, terminating security processes and modifying system settings to hinder recovery. The encryption process uses Curve25519 and SHA512 algorithms, and it exhibits advanced evasion techniques. Cloak ensures payload persistence by altering Windows registry entries and restricting user actions, disrupting essential system utilities and leading to operational downtime. Its extortion tactics include disguising ransom notes as desktop wallpapers and employing intermittent encryption to maximize damage. The ransomware deletes shadow copies and backups, complicating recovery efforts. Cloak also utilizes a data leak site to publish or sell stolen data if ransom demands are not met, claiming a ransom payment success rate of 91% to 96%. Windows users are advised to implement comprehensive security measures to reduce the risk of attacks.

Winsage

November 29, 2024

Breach Roundup: Microsoft Tries Again With Windows Recall

Microsoft has unveiled a preview of its Windows Recall feature, designed to capture screenshots of active windows using on-device AI and store them in an SQLite database. The feature will be opt-in and requires users to enable BitLocker full-disk encryption, activate Secure Boot, and enroll in Windows Hello. Recall aims to avoid capturing sensitive information and allows users to delete snapshots or exclude specific applications. Microsoft has implemented safeguards to protect against brute-force attacks, and the data collected remains encrypted locally. The preview is currently available to participants in the Windows Insider Program for Developers. The U.S. Federal Trade Commission (FTC) reported that nearly 90% of smart device manufacturers lack clear update policies, with 161 out of 184 products reviewed not disclosing software update durations. This lack of transparency may violate the Magnuson-Moss Warranty Act and the FTC Act. Ping Li, a Florida IT professional, was sentenced to four years in prison for acting as an agent for China's Ministry of State Security, providing sensitive information since at least 2012. He pleaded guilty and was fined ,000. Operation "Serengeti" led to the arrest of over 1,000 individuals suspected of cybercrime across 19 African countries, resulting in nearly million in financial losses and the confiscation of around million in stolen funds. The U.S. Department of Justice indicted nine individuals linked to a multi-state money laundering scheme associated with internet fraud, allegedly laundering over million since 2016. NVIDIA released a critical firmware update to address a high-severity vulnerability (CVE-2024-0130) that could allow attackers to steal data and compromise systems. Cybersecurity firm McAfee discovered "spyloan" Android apps on the Google Play Store that aim to steal users' personal data, targeting users in Mexico, Colombia, and Indonesia. An international law enforcement operation dismantled a pirate streaming network serving over 22 million users and generating approximately million monthly, resulting in 102 arrests. Nicholas Michael Kloster, a 31-year-old from Kansas City, was indicted for allegedly hacking into computer networks to promote his cybersecurity services, facing multiple charges with a potential 15-year prison sentence. HDFC Life Insurance in India is investigating a potential data breach involving the sharing of certain data fields with malicious intent.

Tech Optimizer

August 19, 2024

Download Free Antivirus Software – Newspatrolling.com

Several commendable free antivirus options are available for download, including: - Avast: Offers six layers of protection, including a behavior shield and ransomware protection. Compatible with Windows, Mac, Android, and iPhone. Rated 4.2/5 on Trustpilot. - AVG: Provides comprehensive protection against various cyber threats with six levels of cybersecurity. Available for Windows, Mac, Android, and iOS. Rated 4.3/5 on Trustpilot. - Avira: Protects against spyware, adware, ransomware, and viruses with real-time updates. Available for Windows, Mac, Android, and iOS. Rated 4.0/5 on Trustpilot. - Bitdefender: Offers solid protection against various threats, designed to be light on CPU resources. Available for Windows, Android, and macOS. Rated 3.6/5 on Trustpilot. - Malwarebytes: Provides multi-layered security against various threats, particularly for compromised devices. Available for Windows, Mac, Android, and Chromebook. Rated 4.0/5 on Trustpilot.

Tech Optimizer

August 15, 2024

This popular VPN officially offers a top antivirus product too

Surfshark has been recognized by AV-Test as a leading player in cybersecurity, receiving the 'TOP PRODUCT' title for its VPN application and antivirus solution. The evaluation was based on protection, performance, and usability, with Surfshark Antivirus scoring 5.5 out of 6 in performance metrics. The antivirus achieved a 100% detection rate against sophisticated 0-day malware attacks. Surfshark expanded its offerings in 2022 with the launch of Surfshark One, which includes the antivirus tool. Surfshark Antivirus provides real-time protection and scheduled scans but is only available within the Surfshark One package, which also includes a VPN, data leak detection, and a private search engine. The complete suite is priced at .69 per month.

Winsage

July 8, 2024

New Ransomware-as-a-Service ‘Eldorado’ Targets Windows and Linux Systems

Eldorado ransomware emerged on March 16, 2024, with cross-platform encryption capabilities for Windows and Linux systems.

Tech Optimizer

June 12, 2024

A Guide on How to Turn Off Windows Defender

Windows Defender is an in-built suite of antivirus security tools that comes with Windows, providing protection from malware, viruses, spyware, and other threats.

Tech Optimizer

June 12, 2024

The best antivirus software for Chromebooks in 2024 | Digital Trends

Malwarebytes offers a dedicated app for Android security with a version specifically customized to work on Chromebooks. The free version runs a privacy audit for every app on Chrome OS and gives you a report to identify tracking apps.

AppWizard

May 12, 2024

Politicians urge gov’t to fight Japan’s push to take away Naver’s control of Line messenger

Seoul is facing criticism for its perceived passivity in response to Tokyo pressuring Naver to divest its stake in LY Corp, the company behind the Line messaging app. Korean politicians are urging the government to take a more proactive approach to protect Korean companies in foreign markets and prevent potential diplomatic repercussions with Japan. The Japanese government's actions are seen as coercive, prompting calls for robust protests and a shift towards a more proactive stance from the Korean government. Foreign and ICT ministries are signaling a commitment to closely communicate with Naver and respect its managerial decisions.

AppWizard

April 30, 2024

Korea in close talks with Naver over Japan’s demand to divest stake in Line messenger: gov’t

Japan has pressured Naver to divest its shares in the Line messaging app due to a data leak incident.