digital wallet Archives

Winsage

May 27, 2025

Microsoft Windows Warning—Do Not Install These Apps On Your PC

A recent advisory warns Microsoft users about malicious websites that install harmful applications on Windows PCs. Security researchers at DomainTools have identified a scheme where attackers create counterfeit websites resembling popular brands to trick users into downloading malware-laden applications. These applications deploy three types of malware: VenomRAT, StormKitty, and SilentTrinity, which can steal passwords and digital wallet information, and allow attackers to maintain control over compromised systems. The counterfeit sites impersonate well-known brands, including Bitdefender and various banks, highlighting the need for users to follow Microsoft's guidance on transitioning from passwords to passkeys. The attacks utilize open-source components, making them more efficient and adaptable. Users are advised to download software only from official websites, verify website addresses, and be cautious when entering credentials.

AppWizard

May 15, 2025

Going contactless? Here’s how to set up Google Wallet on Android

Google Wallet is a digital wallet application for Android users that stores payment cards, boarding passes, loyalty cards, and more in a secure interface. Setting it up involves downloading the app, adding payment cards, and enabling contactless payments, with a smooth transition for existing Google Pay users. The app also allows users to check battery health and manage personal data visibility in Google searches. For Pixel users, it integrates with the Google Pixel 9's Reimagine AI feature for enhanced photo editing.

AppWizard

May 5, 2025

Google makes it easier to share digital credentials on your Android phone

Android now supports OpenID standards for digital credential presentation and issuance, allowing users to securely store and send cryptographically verifiable digital documents across apps. Google has expanded access to its Digital ID capabilities via the Wallet app for U.K. residents, promoting interoperability among applications managing digital identities. The Android platform now includes native support for OpenID4VP and OpenID4VCI through the Credential Manager's DigitalCredential API, enabling apps to incorporate various digital documents like educational certifications and insurance policies. Users can share credentials securely between devices using CTAP protocols and select appropriate credentials without specifying a digital wallet app. Digital credentials will be usable for account recovery on platforms like Amazon, accessing health services through CVS and MyChart, and verifying identities on services like Uber and Bumble. Samsung Wallet and 1Password will also support the storage of digital credentials, enhancing the ecosystem of digital wallets adhering to OpenID standards.

Winsage

March 18, 2025

Microsoft Warns Windows Users—Change Your Browser As New Attacks Underway

Microsoft has issued a warning to Chrome users about a new remote access trojan called StilachiRAT, which can exfiltrate sensitive information such as stored credentials and digital wallet data. StilachiRAT can scan for configuration data across 20 cryptocurrency wallet extensions in Chrome and can extract and decrypt saved usernames and passwords. The malware can also monitor Remote Desktop Protocol (RDP) sessions, capture active window information, and impersonate users to gain unauthorized access to networks. Microsoft recommends that users switch to its Edge browser or other browsers with SmartScreen technology to enhance security. Additionally, users are advised to install software from official sources, utilize Safe Links and Safe Attachments in Office 365, and enable network protection features in Microsoft Defender for Endpoint. Despite this, Chrome remains the dominant browser among Windows users.

AppWizard

March 15, 2025

This underrated Google Wallet feature is one of my favorite things about the app

Google Wallet has introduced a feature for creating custom passes, enhanced by artificial intelligence, allowing users to add items without barcodes or QR codes, such as vehicle registrations and insurance cards. The process involves taking a photo or uploading an image through the app. Custom passes provide quick access to important information, like health insurance details or movie tickets, and are designed with unique aesthetics that enhance the user experience. Google Wallet's implementation of custom passes is noted for its simplicity and visual appeal, making it a versatile tool compared to similar features in Samsung Wallet and Apple Wallet.

Tech Optimizer

March 12, 2025

Enhanced XCSSET Malware Targets MacOS Users with Advanced Obfuscation

Microsoft Threat Intelligence has identified a new variant of the XCSSET malware targeting macOS, specifically aimed at software developers who share Xcode project files. This variant features enhanced obfuscation techniques, updated persistence mechanisms, and a four-stage infection chain that begins with an obfuscated shell payload activated during the building of an infected Xcode project. The malware communicates with a command-and-control (C2) server to download additional payloads and employs encoding methods to hinder detection. It checks the version of XProtect to evade detection and modifies shell configuration files for persistence. The final stage involves an AppleScript payload that collects system information and redirects logs to the C2 server. The malware includes sub-modules for various malicious activities, such as stealing system information and extracting digital wallet data. Although observed in a limited number of attacks, its advanced capabilities pose a significant threat to macOS users. Users are advised to exercise caution with Xcode projects, keep systems updated, and use robust antivirus software.

AppWizard

February 25, 2025

What’s new in Android’s February 2025 Google System Updates [U: 2/24]

The monthly "Google System Release Notes" detail updates and features for various platforms, including Play services, Play Store, and Play system updates for Android devices, Wear OS, Google/Android TV, Auto, and PC. Key applications in the "Google System" include Google Play Services, Google Play Store, Google Wallet, and Android System Intelligence. The appearance of a feature in the changelog does not guarantee immediate availability. Recent updates include: - School Time: A feature for parents to manage phone functionalities during school hours on supervised phones. - Google Play services v25.07: Notifications for available phone updates and alerts for digital ID card issuer availability. - Google Play Store v45.1: Updated deep link experience and user experience for purchase offers. - Android System Intelligence V.21: Resolved user interface issues in Live Captions. - Google Play services v25.06: New developer features for Utilities-related processes and enhancements for digital wallet processes. - Google Play Store v45.0: Sponsored suggestions now include descriptions and improved search for Play Collections. - Google Play services v25.05: New developer features for Device Connectivity and improvements to Quick Share. - Google Play Store v44.9: Availability of Collections on Android 10-12 devices and remote installation of watch faces. - Google Play services v25.04: Simplified family group management and support for Machine Learning & AI processes for developers. - Google Play Store v44.8: UI updates for Play Games profile creation and updates for evaluating app quality on tablets and ChromeOS devices.

BetaBeacon

October 23, 2024

Getting started with Bitcoin games on Android: A personal journey

- Bitcoin Games offer anonymity, instant payouts, and provably fair games on Android devices. - Setting up a Bitcoin wallet is the first step to start playing Bitcoin Games on Android. - Purchasing Bitcoin on your Android device can be done through wallet apps on the Google Play Store. - Choosing a mobile-optimized Bitcoin Game is important for a seamless gaming experience on Android. - Making deposits and withdrawals in Bitcoin Games is quick and easy compared to traditional banking methods. - Bitcoin Games on Android offer privacy, fast transactions, and lower fees compared to traditional online games. - Beginners should start with small deposits, learn the game rules, and stay secure while playing Bitcoin Games on Android.

Tech Optimizer

August 25, 2024

Week in review: PostgreSQL databases under attack, new Chrome zero-day actively exploited – Help Net Security

- PostgreSQL databases on Linux systems are being targeted by cryptojacking attacks due to inadequate security. - Cisco Talos has found vulnerabilities in Microsoft applications for macOS that could allow unauthorized access to microphones and cameras. - Google has fixed a zero-day vulnerability in Chrome, CVE-2024-7971, which was being actively exploited. - OpenCTI, an open-source cyber threat intelligence platform, has been launched to help organizations manage cyber threat data. - A compilation of cybersecurity job openings indicates a growing demand for professionals in the field. - A critical vulnerability in GitHub Enterprise Server, CVE-2024-6800, has been patched to prevent unauthorized access. - SolarWinds has released a patch for a critical flaw in its Web Help Desk solution following a previous fix for a code-injection vulnerability. - Hiya reported nearly 20 billion calls flagged as spam in the first half of 2024, with a rise in AI-driven scams. - Microsoft will implement mandatory multi-factor authentication for all Azure sign-ins. - North Korean hackers exploited a zero-day vulnerability in a Windows driver, CVE-2024-38193, to deploy a rootkit. - NGate malware has been identified, which uses NFC technology to steal funds from victims' payment cards on Android devices. - Many organizations face security vulnerabilities in APIs, particularly with exposed secrets. - Microchip Technology Incorporated experienced operational disruptions due to a cyberattack. - Experts are questioning the future of national data privacy legislation in the U.S. amid discussions on federal privacy laws. - Research indicates that fraudsters can exploit digital wallet apps to use stolen payment cards even after they are reported compromised. - x64dbg is gaining popularity among security professionals for malware analysis and reverse engineering. - Current vulnerability management approaches focus on risk prioritization as a starting point for security strategy. - Building a positive cybersecurity culture within organizations is essential for risk reduction and resilience. - Higher education institutions are exploring ways to enhance cybersecurity measures despite resource constraints. - A new phishing campaign targeting Android and iPhone users has been uncovered by ESET researchers. - Organizations are recognizing the importance of managing enterprise data to improve cybersecurity, despite challenges from siloed systems. - The federal government is focusing on food security as a critical infrastructure issue. - Organizations are adopting biometric solutions to counter the risks posed by deepfake technology. - New information security products have been released by companies including Entrust, Fortanix, McAfee, Own, RightCrowd, and Wallarm.

AppWizard

August 16, 2024

Biometric security use up for myGov app; Aussie TEx messaging ramps up | Biometric Update

Australia's Minister for Government Services and the NDIS, Bill Shorten, announced that the myGov app has reached 5.6 million users and accounted for over 122 million sign-ins in the past 18 months, with more than one-third of daily sign-ins utilizing the app. The myGov app now includes biometric security features and passkeys for secure logins. Since December 2022, over 1.5 million digital items have been added to the myGov wallet. The national digital trust exchange (TEx) is currently in proof-of-concept and aims to streamline identity verification for services like banking. Major companies, including Google and Telstra, are consulting on TEx’s development. The introduction of TEx has replaced previous plans to integrate mobile driver’s licenses into myGov. The TEx initiative is part of the Albanese government's digital ID strategy, which includes myGovID used by over 10 million Australians. Critics have called for more public consultation and have raised concerns about public trust due to past government technology failures, such as the Robodebt scandal.