detection Archives

Winsage

April 27, 2025

I tried the Windows Snipping Tool’s new text extraction feature and here’s how it went

A recent update to the Snipping Tool on Windows 11 has introduced an OCR feature, currently available only to beta channel users. This feature allows users to extract text from images and standard web pages easily, with a straightforward activation process. Users can draw a box around the desired text, and once recognized, a button appears to copy the text to the clipboard. The tool successfully retains formatting when extracting text from web pages. It performs well with clear printed text in images but struggles with handwritten text, producing numerous errors. The Snipping Tool is effective for recognizing simple fonts, enhancing productivity in text extraction.

Tech Optimizer

April 26, 2025

How to disable the PC webcam and protect it from unauthorized access

The webcam is a crucial tool for remote communication but poses privacy risks, particularly through a threat known as CamFecting, where unauthorized access can occur via malware, malicious websites, or system vulnerabilities. Preventive measures include using antivirus software, disabling the webcam when not in use, and physically covering the camera with privacy caps or tape. Signs of unauthorized access include unexpected illumination of the webcam light, unusual camera behavior, unknown files on the system, abnormal data consumption, and decreased battery life. To deactivate the webcam, users can adjust settings in major browsers and operating systems. Maintaining digital hygiene, such as regularly updating software, using security systems like firewalls and VPNs, and being cautious of phishing attempts, is essential to minimize risks.

Tech Optimizer

April 25, 2025

This antivirus software is for people who hate subscriptions

Priil Internet Security is currently available for .99 for a lifetime subscription, reduced from its regular price of .97. It is certified by Virus Bulletin and effectively blocks 100% of known malware threats. The software includes features such as real-time detection, firewall protection, a VPN, a password manager, a file shredder, and browser safety tools. It also offers custom scan options, a PC optimizer, and safeguards against data leaks and malicious tracking. The user-friendly interface makes it accessible to all users.

AppWizard

April 25, 2025

Russian military personnel on the front lines targeted with new Android spyware

A sophisticated Android malware, identified as Android.Spy.1292.origin, targets Russian military personnel by disguising itself within a modified version of the Alpine Quest mapping application. This malware is designed to steal contacts and monitor locations, evading detection while collecting sensitive data such as the user's mobile phone number, contacts, current date, geolocation, information about files on the device, and the app's version. It is distributed through a dedicated Telegram channel and unofficial Android app repositories. The malware's modular architecture allows for updates that enhance its capabilities, particularly in extracting confidential documents exchanged via Telegram and WhatsApp.

Winsage

April 25, 2025

Microsoft’s Patch for Symlink Vulnerability Introduces New Windows Denial-of-Service Flaw

In early April 2025, Microsoft addressed a security vulnerability (CVE-2025-21204) related to symbolic links in the Windows servicing stack, specifically affecting the c:inetpub directory used by Internet Information Services (IIS). The updates created the c:inetpub folder with appropriate permissions to mitigate risks. However, this fix introduced a new denial-of-service (DoS) vulnerability, allowing non-administrative users to create junction points on the c: drive, disrupting the Windows Update mechanism. A command such as "mklink /j c:inetpub c:windowssystem32notepad.exe" could be used to exploit this flaw, preventing systems from receiving future security patches. As of April 25, Microsoft had not released a patch or acknowledged the issue, leaving systems vulnerable and emphasizing the need for monitoring user permissions and manually removing suspicious symlinks.

Winsage

April 25, 2025

Microsoft touts AI Dev Gallery for Windows

Microsoft has launched the AI Dev Gallery, an open-source application for Windows developers aimed at integrating AI functionalities into projects. Initially introduced as a concept in December 2024, it was officially showcased on April 22. The platform provides resources such as sample applications, model downloads, and exportable source code, and is available for download in preview format from the Microsoft Store. Key features include the ability to experiment with AI applications offline and a variety of interactive samples, including Retrieval-Augmented Generation, chat interfaces, object detection, text-to-speech/speech-to-text conversion, and document summarization and analysis, all designed to run locally on developers' machines.

Winsage

April 25, 2025

My favorite File Explorer replacement just got better

Files has released an update to version 3.9.7, enhancing its functionality and introducing new customization features. Key improvements include a revamped Release Notes dialog that opens automatically after updates, customizable file size units, automatic encoding detection for ZIP file extraction, and UTF-8 encoding as the default for creating ZIP archives. The app is recognized for introducing features ahead of Windows File Explorer, such as tabs and unique functionalities like diverse view modes, sorting options, and tagging capabilities.

AppWizard

April 23, 2025

Fake Alpine Quest Mapping App Spotted Spying on Russian Military

A malicious variant of the Alpine Quest navigation app has been identified, specifically targeting Russian military Android devices. Security experts from Doctor Web discovered that this modified app contains the Android.Spy.1292.origin spyware, which collects sensitive information and executes remote commands. The spyware is distributed as a free download through a deceptive Telegram channel, marketed as a premium version of the legitimate app. Upon installation, it transmits data such as the user's phone number, account details, contact list, geolocation data, and stored files to a remote server. It also communicates with a Telegram bot controlled by the attackers, providing updated location information. The spyware can download additional modules to extract specific content, particularly documents from messaging platforms like Telegram and WhatsApp. It searches for a file named locLog generated by Alpine Quest, which records user movements. Doctor Web advises against downloading apps from unofficial sources and warns that malicious applications can bypass review processes on official app stores. The identity of the group behind this campaign is unknown, but there are previous associations with Ukrainian hacktivist factions targeting Russian military personnel.

Winsage

April 23, 2025

Critical Flaw in Windows Update Stack Enables Code Execution and Privilege Escalation

A newly identified vulnerability in the Windows Update Stack, designated as CVE-2025-21204, allows attackers to execute arbitrary code and escalate privileges to SYSTEM level on affected machines. This critical security flaw arises from improper privilege separation and inadequate validation during the update orchestration process. Attackers can exploit it by creating harmful update packages or acting as man-in-the-middle on compromised networks. The vulnerability impacts any Windows system utilizing the vulnerable update mechanism, affecting both enterprise and consumer editions. Microsoft is working on a patch, and users are advised to monitor official channels for updates and apply patches promptly. Organizations should also restrict network access to update servers and monitor for suspicious update activities. The CVSS score for this vulnerability is 7.8 (High), indicating significant risk.

AppWizard

April 22, 2025

You Can Now Make Google Messages Blur NSFW Images

Google is introducing a feature in Google Messages that automatically detects and blurs nude photos sent to Android devices, displaying a sensitive content warning before explicit images can be viewed. This feature includes options to block numbers sending inappropriate images and alerts users when they attempt to send or forward such content. Users can enable sensitive content warnings in the Google Messages settings, while for users under 18, the feature is automatically activated. The detection processes occur on-device using Android's SafetyCore technology, ensuring user privacy and security. The feature is currently being tested on select Android devices running the Messages beta and does not extend to videos.