Drive Archives

Winsage

May 15, 2026

Zero-day exploit completely defeats default Windows 11 BitLocker protections

A zero-day exploit named YellowKey allows individuals with physical access to Windows 11 systems to bypass BitLocker encryption protections. Discovered by researcher Nightmare-Eclipse, this vulnerability enables unauthorized users to access encrypted drives quickly. The exploit involves transferring a custom FsTx folder to a USB drive, connecting it to a BitLocker-protected device, and entering recovery mode to gain command prompt access without needing a BitLocker recovery key. Esteemed researchers Kevin Beaumont and Will Dormann have confirmed the exploit's functionality, although the specific mechanism within the FsTx folder that enables the bypass is not fully understood.

AppWizard

May 14, 2026

Google may be cutting free Gmail storage for new accounts down to 5GB

Google may reduce free account storage from 15GB to 5GB for users who do not link a phone number during signup. Users who connect a phone number can still access the full 15GB storage. Google has updated its support page to state "up to 15GB" of free storage instead of a guaranteed 15GB.

Winsage

May 14, 2026

Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation

An anonymous cybersecurity researcher disclosed two new zero-day vulnerabilities affecting Microsoft systems: YellowKey and GreenPlasma. YellowKey is a BitLocker bypass that operates as a backdoor within the Windows Recovery Environment, impacting Windows 11 and Windows Server 2022/2025. Exploiting YellowKey involves copying specially crafted files to a USB drive, connecting it to a Windows computer, and rebooting into WinRE. The researcher expressed skepticism about Microsoft's response time to this vulnerability, noting that using TPM+PIN does not mitigate the risk. GreenPlasma is a privilege escalation vulnerability that allows an unprivileged user to obtain a shell with SYSTEM permissions through arbitrary section creation in Windows CTFMON. The proof-of-concept for this exploit is incomplete but indicates potential manipulation of trusted privileged services or drivers. Additionally, a related attack against BitLocker was detailed by French cybersecurity firm Intrinsec, which exploits a boot manager downgrade using CVE-2025-48804 to bypass encryption protections on fully patched Windows 11 systems. This method allows attackers to boot from a controlled WIM while the boot manager checks the legitimate one, executing with the decrypted BitLocker volume. Despite Microsoft releasing fixes for this defect in July 2025, a flaw in Secure Boot verification allows a vulnerable boot manager to bypass BitLocker safeguards. To mitigate these risks, enabling a BitLocker PIN at startup and migrating to a new boot manager certificate is recommended.

Tech Optimizer

May 14, 2026

Kaspersky Achieves 40% Reach Rate and Store Visits with AnyMind’s Data-Led Influencer Marketing

Kaspersky partnered with AnyMind Group in March 2026 to launch an influencer marketing campaign in Singapore aimed at changing consumer perceptions that Kaspersky only offers antivirus protection. The campaign focused on building trust through relatable narratives, increasing urgency around scam prevention, and driving traffic to the Kaspersky Shopee Store. It utilized Instagram for engagement, featuring relatable stories and humor to simplify complex cybersecurity topics. The campaign achieved significant reach and engagement, with total reach exceeding 160,000, total views at 223,000, and total engagements of 7,500. The engagement rate was 4.73%, and the reach rate was 40.56%. Influencer Faris Samri had the highest engagement rate at 17.20%. The campaign led to a 2,900% increase in store page views and over 6,000 combined saves and shares, indicating high user value in the content. Interactive Instagram Stories were identified as the key driver for direct link clicks.

Tech Optimizer

May 14, 2026

Gen Digital stock (US3687361044): Cybersecurity firm reports steady growth amid market shifts

Gen Digital Inc. operates in the cybersecurity and software sector, headquartered in the United States. The company focuses on consumer protection against cyber risks through a subscription-based model, primarily offering products under the Norton and Avast brands. In fiscal Q1 2026, Gen Digital reported revenues of million, a 3% increase year-over-year, with subscriptions accounting for 95% of total revenue in fiscal 2025. The company serves over 150 million users globally, with endpoint protection revenue reaching million and identity and privacy services contributing million in fiscal Q1 2026. The average revenue per user (ARPU) rose to .30 during this period. Gen Digital holds approximately 20% of the global consumer antivirus market share and is positioned favorably against competitors like McAfee and Bitdefender. The cybersecurity market is projected to grow at an annual rate of 12% through 2030, with 50% of Gen Digital's revenue generated from North America.

Winsage

May 13, 2026

Windows BitLocker zero-day gives access to protected drives, PoC released

A cybersecurity researcher known as Chaotic Eclipse has released proof-of-concept exploits for two unpatched vulnerabilities in Microsoft Windows: YellowKey, a BitLocker bypass, and GreenPlasma, a privilege-escalation flaw. The YellowKey vulnerability affects Windows 11 and Windows Server 2022/2025, allowing unauthorized access to BitLocker-protected volumes by exploiting the Windows Recovery Environment. The exploit can be executed using specially crafted 'FsTx' files on a USB drive or directly on the EFI partition. Independent researcher Kevin Beaumont has validated the exploit, which can bypass BitLocker protections even in a Trusted Platform Module (TPM) environment. The GreenPlasma vulnerability allows unprivileged users to create arbitrary memory-section objects, potentially leading to privilege escalation. Chaotic Eclipse has expressed dissatisfaction with Microsoft's handling of bug reports, prompting the public disclosure of these vulnerabilities. Microsoft has stated its commitment to investigating security issues and updating affected devices.

AppWizard

May 13, 2026

Do more and have more fun with the next generation of Android in the car

Auto's mission is to enhance journeys by making them seamless, safe, and connected through Android Auto and vehicles with Google built-in technology. There are over 250 million Android Auto-compatible cars on the roads. The next generation of Android Auto will feature a visually striking interface, premium entertainment options, and an intuitive assistant named Gemini. Vehicles with Google built-in are available in more than 100 models across 16 brands and will receive updates, including improved applications and enhanced Google Maps functionality. The latest Android Auto iteration includes a new interface, premium entertainment options, and enhanced Gemini integration.

AppWizard

May 12, 2026

Android Auto is getting video apps, music updates, and more Gemini smarts

Google is enhancing the Android Auto experience throughout 2026 with updates that include the integration of video apps like YouTube, supporting 60fps and FHD playback in select vehicle models from brands such as BMW, Ford, and Mercedes-Benz. An audio-only mode for video apps will activate automatically when the vehicle is in motion, allowing drivers to listen without distraction. Android Auto will also introduce Dolby Atmos support for audio, a design overhaul for media applications, and immersive navigation features in Google Maps, including live lane guidance for vehicles with "Google built-in." Additionally, a Zoom app for Android Auto is expected to launch, and a new feature called Gemini Intelligence will enhance user interaction by enabling context-aware tasks, such as sending addresses and placing orders via voice commands.

AppWizard

May 12, 2026

How to lower the drawbridge and fix broken bridges in Outbound

To repair the broken bridges in Outbound, locate one along the river and gather 20 Everwood logs. Unlock the Sawmill blueprint and construct it in your van to transform the logs into 10 Everwood Planks. Each bridge requires 10 Everwood Planks for restoration, which can be found on either side of the drawbridge. After repairing at least one bridge, find the drawbridge controls located in a small control center to lower the drawbridge. Once lowered, it will remain in position for easier navigation. The newly accessible side of the river offers additional resources, including new wood and a durable ore, which require improved tools and an upgraded van to harvest.

Winsage

May 10, 2026

Official JDownloader site served malware to Windows and Linux users between May 6 and May 7

Between May 6 and May 7, 2026, the official JDownloader website was compromised in a supply chain attack, leading to the distribution of malicious installers for Windows and Linux users. Attackers altered download links, redirecting users to harmful files, specifically targeting the Windows “Alternative Installer” and the Linux shell installer. A Reddit user reported the issue after Microsoft Defender flagged the installers as malicious, noting unusual developer names instead of the expected publisher, AppWork GmbH. JDownloader developers confirmed the breach and temporarily took down the website for investigation, revealing that an unpatched vulnerability in the content management system allowed the attackers to modify download pages. The genuine installer packages were not altered, and the malicious links were removed. The website was restored on May 8–9, 2026, with verified clean installer links. Indicators of compromise included specific hashes and compromised URLs related to the attack.