digital wallet Archives

Winsage

March 18, 2025

Microsoft Warns Windows Users—Change Your Browser As New Attacks Underway

Microsoft has issued a warning to Chrome users about a new remote access trojan called StilachiRAT, which can exfiltrate sensitive information such as stored credentials and digital wallet data. StilachiRAT can scan for configuration data across 20 cryptocurrency wallet extensions in Chrome and can extract and decrypt saved usernames and passwords. The malware can also monitor Remote Desktop Protocol (RDP) sessions, capture active window information, and impersonate users to gain unauthorized access to networks. Microsoft recommends that users switch to its Edge browser or other browsers with SmartScreen technology to enhance security. Additionally, users are advised to install software from official sources, utilize Safe Links and Safe Attachments in Office 365, and enable network protection features in Microsoft Defender for Endpoint. Despite this, Chrome remains the dominant browser among Windows users.

AppWizard

March 15, 2025

This underrated Google Wallet feature is one of my favorite things about the app

Google Wallet has introduced a feature for creating custom passes, enhanced by artificial intelligence, allowing users to add items without barcodes or QR codes, such as vehicle registrations and insurance cards. The process involves taking a photo or uploading an image through the app. Custom passes provide quick access to important information, like health insurance details or movie tickets, and are designed with unique aesthetics that enhance the user experience. Google Wallet's implementation of custom passes is noted for its simplicity and visual appeal, making it a versatile tool compared to similar features in Samsung Wallet and Apple Wallet.

Tech Optimizer

March 12, 2025

Enhanced XCSSET Malware Targets MacOS Users with Advanced Obfuscation

Microsoft Threat Intelligence has identified a new variant of the XCSSET malware targeting macOS, specifically aimed at software developers who share Xcode project files. This variant features enhanced obfuscation techniques, updated persistence mechanisms, and a four-stage infection chain that begins with an obfuscated shell payload activated during the building of an infected Xcode project. The malware communicates with a command-and-control (C2) server to download additional payloads and employs encoding methods to hinder detection. It checks the version of XProtect to evade detection and modifies shell configuration files for persistence. The final stage involves an AppleScript payload that collects system information and redirects logs to the C2 server. The malware includes sub-modules for various malicious activities, such as stealing system information and extracting digital wallet data. Although observed in a limited number of attacks, its advanced capabilities pose a significant threat to macOS users. Users are advised to exercise caution with Xcode projects, keep systems updated, and use robust antivirus software.

AppWizard

February 25, 2025

What’s new in Android’s February 2025 Google System Updates [U: 2/24]

The monthly "Google System Release Notes" detail updates and features for various platforms, including Play services, Play Store, and Play system updates for Android devices, Wear OS, Google/Android TV, Auto, and PC. Key applications in the "Google System" include Google Play Services, Google Play Store, Google Wallet, and Android System Intelligence. The appearance of a feature in the changelog does not guarantee immediate availability. Recent updates include: - School Time: A feature for parents to manage phone functionalities during school hours on supervised phones. - Google Play services v25.07: Notifications for available phone updates and alerts for digital ID card issuer availability. - Google Play Store v45.1: Updated deep link experience and user experience for purchase offers. - Android System Intelligence V.21: Resolved user interface issues in Live Captions. - Google Play services v25.06: New developer features for Utilities-related processes and enhancements for digital wallet processes. - Google Play Store v45.0: Sponsored suggestions now include descriptions and improved search for Play Collections. - Google Play services v25.05: New developer features for Device Connectivity and improvements to Quick Share. - Google Play Store v44.9: Availability of Collections on Android 10-12 devices and remote installation of watch faces. - Google Play services v25.04: Simplified family group management and support for Machine Learning & AI processes for developers. - Google Play Store v44.8: UI updates for Play Games profile creation and updates for evaluating app quality on tablets and ChromeOS devices.

BetaBeacon

October 23, 2024

Getting started with Bitcoin games on Android: A personal journey

- Bitcoin Games offer anonymity, instant payouts, and provably fair games on Android devices. - Setting up a Bitcoin wallet is the first step to start playing Bitcoin Games on Android. - Purchasing Bitcoin on your Android device can be done through wallet apps on the Google Play Store. - Choosing a mobile-optimized Bitcoin Game is important for a seamless gaming experience on Android. - Making deposits and withdrawals in Bitcoin Games is quick and easy compared to traditional banking methods. - Bitcoin Games on Android offer privacy, fast transactions, and lower fees compared to traditional online games. - Beginners should start with small deposits, learn the game rules, and stay secure while playing Bitcoin Games on Android.

Tech Optimizer

August 25, 2024

Week in review: PostgreSQL databases under attack, new Chrome zero-day actively exploited – Help Net Security

- PostgreSQL databases on Linux systems are being targeted by cryptojacking attacks due to inadequate security. - Cisco Talos has found vulnerabilities in Microsoft applications for macOS that could allow unauthorized access to microphones and cameras. - Google has fixed a zero-day vulnerability in Chrome, CVE-2024-7971, which was being actively exploited. - OpenCTI, an open-source cyber threat intelligence platform, has been launched to help organizations manage cyber threat data. - A compilation of cybersecurity job openings indicates a growing demand for professionals in the field. - A critical vulnerability in GitHub Enterprise Server, CVE-2024-6800, has been patched to prevent unauthorized access. - SolarWinds has released a patch for a critical flaw in its Web Help Desk solution following a previous fix for a code-injection vulnerability. - Hiya reported nearly 20 billion calls flagged as spam in the first half of 2024, with a rise in AI-driven scams. - Microsoft will implement mandatory multi-factor authentication for all Azure sign-ins. - North Korean hackers exploited a zero-day vulnerability in a Windows driver, CVE-2024-38193, to deploy a rootkit. - NGate malware has been identified, which uses NFC technology to steal funds from victims' payment cards on Android devices. - Many organizations face security vulnerabilities in APIs, particularly with exposed secrets. - Microchip Technology Incorporated experienced operational disruptions due to a cyberattack. - Experts are questioning the future of national data privacy legislation in the U.S. amid discussions on federal privacy laws. - Research indicates that fraudsters can exploit digital wallet apps to use stolen payment cards even after they are reported compromised. - x64dbg is gaining popularity among security professionals for malware analysis and reverse engineering. - Current vulnerability management approaches focus on risk prioritization as a starting point for security strategy. - Building a positive cybersecurity culture within organizations is essential for risk reduction and resilience. - Higher education institutions are exploring ways to enhance cybersecurity measures despite resource constraints. - A new phishing campaign targeting Android and iPhone users has been uncovered by ESET researchers. - Organizations are recognizing the importance of managing enterprise data to improve cybersecurity, despite challenges from siloed systems. - The federal government is focusing on food security as a critical infrastructure issue. - Organizations are adopting biometric solutions to counter the risks posed by deepfake technology. - New information security products have been released by companies including Entrust, Fortanix, McAfee, Own, RightCrowd, and Wallarm.

AppWizard

August 16, 2024

Biometric security use up for myGov app; Aussie TEx messaging ramps up | Biometric Update

Australia's Minister for Government Services and the NDIS, Bill Shorten, announced that the myGov app has reached 5.6 million users and accounted for over 122 million sign-ins in the past 18 months, with more than one-third of daily sign-ins utilizing the app. The myGov app now includes biometric security features and passkeys for secure logins. Since December 2022, over 1.5 million digital items have been added to the myGov wallet. The national digital trust exchange (TEx) is currently in proof-of-concept and aims to streamline identity verification for services like banking. Major companies, including Google and Telstra, are consulting on TEx’s development. The introduction of TEx has replaced previous plans to integrate mobile driver’s licenses into myGov. The TEx initiative is part of the Albanese government's digital ID strategy, which includes myGovID used by over 10 million Australians. Critics have called for more public consultation and have raised concerns about public trust due to past government technology failures, such as the Robodebt scandal.

AppWizard

July 12, 2024

Google Wallet Shortcut, Soon to Potentially be Available for any Android Model

Google Wallet allows for immediate contactless payments at NFC terminals, but switching between cards can be inconvenient. A new Quick Setting tile will improve the payment experience for consumers.

AppWizard

June 12, 2024

‘Google is dead’ rage Android phone owners as popular app killed off

Google has replaced Google Pay with Google Wallet, causing confusion and frustration among Android phone users. Google Wallet is a digital wallet that securely stores cards, tickets, passes, keys, and IDs. The change has been criticized on Reddit, with some users expressing confusion and disappointment. Despite the backlash, some users have dismissed the complaints as unnecessary drama. To use the new Google Wallet lock feature, users need to open the app, tap the profile image, select Wallet settings, scroll to the Security tab, and open the Verification settings.

AppWizard

May 13, 2024

Google Wallet Will Soon Not Work on Older Android and Wear OS Builds

Google Wallet is revising its compatibility requirements to require Android 9 on smartphones and Wear OS 2.0 on smartwatches for security and upcoming feature enhancements.