device location Archives

AppWizard

March 17, 2025

If you have an Android device, you may be at risk – this malicious application steals all the information from your device

A spyware known as KoSpy, linked to North Korean hacking groups APT37 and APT43, was found disguised as a File Manager app on the Google Play Store. This malicious app accessed private data such as text messages, call logs, device location, stored files, and user keystrokes. It could also gather Wi-Fi network details, list installed applications, and record audio, capture images, and take screenshots without user awareness. The app was downloaded approximately a dozen times before Google removed it after security researchers raised concerns. Google Play Protect and additional security measures from smartphone manufacturers help protect Android devices from such threats. Users are advised to scrutinize app permissions and download apps from official sources to minimize risks.

AppWizard

March 12, 2025

Not for the first time: North Korean hackers used fake apps to spread spyware on Android

Malware, specifically a new spyware variant called KoSpy, has been linked to a North Korean hacking group known as ScarCruft (APT37). Researchers at Lookout Threat Lab discovered KoSpy concealed within deceptive applications like file managers and security software. Once installed, it can extract sensitive information such as SMS messages, call logs, device location, and access files. It can also record audio and video, capture screenshots, and log keystrokes. The data collected is transmitted to Command and Control servers encrypted with a hardcoded AES key and utilizes Firebase Firestore for configuration data. At least one malicious application associated with KoSpy was found on the Google Play Store, downloaded over ten times, and similar apps were also on third-party app store APKPure. Google has since removed the identified applications and deactivated the related Firebase projects.

AppWizard

March 12, 2025

North Korean government hackers snuck spyware on Android app store

A report from cybersecurity firm Lookout reveals that North Korean hackers have uploaded Android spyware, named KoSpy, onto the Google Play app store, which has been downloaded over ten times. The spyware masquerades as a file manager and is designed for surveillance, collecting data such as SMS messages, call logs, device location, files, keystrokes, Wi-Fi details, installed apps, audio recordings, images, and screenshots. Google has removed the identified apps from the Play Store and deactivated associated Firebase projects. Lookout also found instances of KoSpy on the third-party app store APKPure. The campaign appears targeted at individuals in South Korea who speak English or Korean, with links to North Korean hacking groups APT37 and APT43.

Winsage

March 11, 2025

How to enable Find My Device on Windows 10 to recover your PC if it’s ever lost or stolen

The "Find My Device" feature on Windows 10 helps users locate lost or stolen laptops and desktops by using location services to store the device's location in the cloud linked to a Microsoft account. To enable this feature, users must go to Settings > Update & Security > Find My Device, ensure location services are enabled, and toggle on the "Save my device's location periodically" option. To check the last known location, users can access the same Find My Device page and select the appropriate option to find their device. Disabling the feature involves toggling off the "Save my device's location periodically" option in the same settings menu. The feature requires an internet connection to function properly.

Winsage

February 21, 2025

New Windows 11 preview build improves privacy for European users

Microsoft's latest Windows 11 Insider Preview Build, 26120.3281 (KB5052086), introduces several privacy-focused changes. The Location History API has been removed, meaning Windows will no longer retain location data locally. Additionally, the update removes "account-based content" from File Explorer sections for users of Entra ID, aligning with GDPR regulations and affecting only customers in the European Union. Other features include improved OneDrive document resumption between devices and updates to the Recall feature, which will delete existing Recall snapshots.

Winsage

February 15, 2025

Microsoft removes Windows 11 feature responsible for collecting and storing location data

Microsoft has begun deprecating certain features in Windows 11 in 2025, starting with the Location History feature, which has been used to collect and store location data for users. The Location History feature will be removed from the latest preview build for Dev and Beta insiders, meaning that location data will no longer be saved locally, and the corresponding settings will be removed from the Privacy & Security > Location page in Settings. Other recently deprecated features include Suggested Actions, Paint3D, and Legacy DRM services.

AppWizard

November 19, 2024

Remove these 12 Android apps that capture your conversations

Certain Android applications have been identified as covertly capturing conversations and personal data without user awareness. A cyber espionage campaign uncovered by ESET revealed that twelve malicious apps were distributed through the Google Play Store and alternative channels, designed to mimic legitimate applications. These apps include: 1. Rafaqat 2. Privee Talk 3. MeetMe 4. Let’s Chat 5. Quick Chat 6. Chit Chat 7. YohooTalk 8. TikTalk 9. Hello Chat 10. Nidus 11. GlowChat 12. Wave Chat The first six apps were available on the Google Play Store and had over 1,400 downloads each before being removed. The malicious apps can steal contacts, SMS messages, call logs, and more, with some leveraging Android’s accessibility features to intercept communications from secure platforms. Users are advised to uninstall these apps immediately and take steps to protect their privacy, including changing passwords and enabling two-factor authentication.

AppWizard

November 7, 2024

Uninstall these 12 Android apps that record your conversations

Twelve malicious Android applications have been identified that can take control of devices to record audio and perform other harmful activities. These apps include: 1. Rafaqat 2. Privee Talk 3. MeetMe 4. Let’s Chat 5. Quick Chat 6. Chit Chat 7. YohooTalk 8. TikTalk 9. Hello Cha 10. Nidus 11. GlowChat 12. Wave Chat The first six were available on the Google Play Store and were downloaded over 1,400 times before removal. Users are advised to uninstall these apps immediately and remain cautious about downloading unfamiliar applications or clicking on suspicious links.

AppWizard

October 23, 2024

Delete These 12 Android Apps That Record Your Conversations – Jason Deegan

Security researchers at ESET have identified twelve malicious Android apps capable of recording audio in the background and other intrusive actions. Six of these apps were distributed through the Google Play Store, while the other six were disseminated through less direct means. One tactic used by hackers involves posing as romantic interests on messaging platforms to persuade targets to download infected apps containing the VajraSpy Trojan. The malicious apps fall into three categories: 1. Infected messaging apps that steal personal information and run a Trojan in the background. 2. Apps that exploit accessibility features to intercept communications on WhatsApp and Signal, with one app, Wave Chat, capable of recording phone calls and ambient sounds. 3. A disguised news app that requests personal information and can intercept contacts and files. The identified malicious apps to uninstall include Rafaqat, Privee Talk, MeetMe, Let’s Chat, Quick Chat, Chit Chat, YohooTalk, TikTalk, Hello Chat, Nidus, GlowChat, and Wave Chat. The first six were downloaded over 1,400 times from the Google Play Store before being removed.

Winsage

September 23, 2024

Microsoft to Depreciate Windows Server Update Services with Windows Server 2025

Microsoft will deprecate Windows Server Update Services (WSUS) with the release of Windows Server 2025, as part of an initiative to streamline server functionalities. Other features being removed include: - IIS 6 Management Console - WordPad - SMTP Server - Windows PowerShell 2.0 Engine Additionally, several functionalities will cease to be actively developed, including: - Computer Browser service - NTLM protocols (LANMAN, NTLMv1, NTLMv2) - Remote Mailslots - TLS versions 1.0 and 1.1 - WebDAV Redirector service - WMIC tool Organizations using WSUS will need to find alternative solutions, aligning with Microsoft's cloud-first strategy.