eavesdropping Archives

Winsage

June 13, 2026

Windows Server is getting new network safety capabilities with DNS over HTTPS

Microsoft has introduced DNS over HTTPS (DoH) on Windows Server 2025, enhancing network security by encrypting DNS traffic for client-to-server communications. This feature, previously available only in Windows client editions, is now part of Microsoft's Zero Trust architecture. DoH routes DNS traffic through HTTPS secured with TLS certificates, preventing eavesdropping and safeguarding DNS data from tampering. It adheres to the IETF DNS over HTTPS standard (RFC 8484) and can integrate with existing infrastructure, allowing organizations to maintain unencrypted DNS traffic if needed. DoH is available for Windows Server 2025 systems updated to the latest Patch Tuesday release, and Microsoft has provided guidance on enabling this feature. However, DNS traffic exchanged between two DNS servers will not be encrypted by DoH.

AppWizard

May 25, 2026

You already know Russia’s Max messenger spies on users. You probably don’t know just how many surveillance tools it hides, including even a neural network for eavesdropping.

Concerns about the Russian messaging application Max have grown due to vulnerabilities and surveillance features identified by IT specialists. An analysis revealed that Max can disable encryption on conversations with a single command and includes a forced-update feature that restricts user communication until the app is updated. Max collects extensive user data, including a list of installed applications and checks for VPNs, and has the ability to disable TLS session validation. Additionally, a version of Max included a neural network for speech recognition, although these features were later removed. Despite these concerns, VK, the parent company of Max, reported rapid user growth, surpassing 120 million users as of early May, with a daily reach of 68 million users. Many users are switching from Telegram to Max due to accessibility issues with Telegram and pressure from authorities. Major mobile carriers in Russia have collaborated with VK to send authentication messages through Max, further embedding the app in users' daily lives. However, Max has faced challenges in becoming a primary source for news and entertainment, hosting around 300,000 public channels compared to Telegram's 1.6 million, which has hindered advertising growth and led to an increase in scams.

AppWizard

April 1, 2026

ARC Raiders and Minecraft Devs Reveal Gorgeous AAA Co-Op RPG

Wayfinder Studios has announced Wyldheart, a cooperative RPG developed by veterans from games like ARC Raiders, Minecraft, and Battlefield. In Wyldheart, players take on the role of a peasant imprisoned and seek an ancient relic to protect their town, with options to play solo or with up to three friends. The game features a semi-cartoonish visual style inspired by early Elder Scrolls games and the Fable series, focusing on social dynamics, NPC interactions, and exploration. Players can engage with local villagers, uncover quests, gather materials, craft items, and upgrade gear. The combat system offers 19 backgrounds and various skill trees, including magic, adventuring, and survival, along with a range of melee and ranged weapons. The co-op experience includes a drop-in and drop-out system with cloud-shared saves and group XP, designed for busy gamers with campaigns of approximately 10 hours of story content and an additional 15 hours of optional gameplay. Wyldheart is currently in alpha and will enter Early Access later this year, with players able to wishlist it on Steam.

AppWizard

November 21, 2025

EAGLE Security UNLIMITED For Android

EAGLE Security UNLIMITED is a mobile application designed to protect users' personal information from privacy violations, rated 4.4 stars from over 1,000 reviews. It addresses threats such as spyware, IMSI catchers, and legal wiretapping. The app allows users to review installed applications, monitor suspicious connections, and promotes encrypted communication tools. It is priced at USD 5.49 and developed by Int64, compatible with various Android devices.

AppWizard

November 5, 2025

The Séance of Blake Manor review

The Seance of Blake Manor is a mystery game set to release on October 27, 2025, priced at £17. Developed by Spooky Doorway and published by Raw Fury, the game involves investigating the disappearance of Evelyn Deane within Blake Manor, where players interact with over 20 characters, each with unique backstories. Gameplay includes listening at doors, using stolen keys, and piecing together clues from various sources. The narrative features themes of blackmail, revenge, and addiction, with a user-friendly interface that aids in investigation. The art direction employs flat colors and bold outlines, creating an unsettling atmosphere enhanced by supernatural elements. The game offers an 18-hour experience with multiple endings, encouraging replayability and exploration.

AppWizard

October 28, 2025

FEAR is turning 20, but Monolith’s terrifying shooter hasn’t lost its touch

The narrator is eavesdropping on enemy clone soldiers in the game FEAR while strategizing an attack. They have several weapon options, including a SPAS-12 shotgun and a nail gun. The narrator deploys a proximity mine to distract the soldiers, leading to an explosion that takes out two of them. They then use the shotgun to eliminate another soldier and finish the last one with the nail gun. The game features innovative AI, varied combat encounters, and intense atmosphere, celebrating its 20th anniversary.

Tech Optimizer

October 14, 2025

Ethernet vs Wi-Fi security comparison reveals surprising results for home users seeking protection

Ethernet relies on a physical cable for direct connection to the router, reducing the risk of data interception, while Wi-Fi transmits data wirelessly, making it more vulnerable to unauthorized access. A well-secured Wi-Fi network can be more secure than a poorly managed Ethernet setup. The security of a network depends on factors such as router configuration, software updates, and the number of connected devices. To enhance internet security, users should employ strong passwords, enable the latest encryption, keep router firmware updated, review connected devices, install antivirus software, and consider using a VPN for sensitive tasks.

AppWizard

July 6, 2025

Cybersecurity alert: 10 Android apps spy on your conversations without your knowledge, remove them from your phone immediately

Recent findings have identified a cyberespionage campaign using Google Play to distribute malicious applications, with four apps on the Play Store and six through other channels. The campaign disguises itself as romantic outreach via messaging services like Facebook Messenger and WhatsApp. The malicious applications fall into three categories: 1. Standard Messaging Applications, which gather personal information and include the VajraSpy trojan. 2. Accessibility Exploiters, which use accessibility features to intercept communications and include the Wave Chat app that records calls and captures keystrokes. 3. News Medium Impersonators, which solicit phone numbers and can intercept contacts and sensitive documents. Twelve dangerous applications have been flagged: Rafaqat, Private Talk, MeetMe, Let’s Chat, Quick Chat, Chit Cat, YohooTalk, TikTok, Hello Cha, Nidus, GlowChat, and Wave Chat. The first six apps had over 1,400 downloads before removal. These applications use advanced techniques to bypass Android security protocols, allowing eavesdropping on communications. Users are advised to uninstall these apps immediately, exercise caution when downloading new applications, and regularly review app permissions and system updates to enhance security.

AppWizard

July 3, 2025

YONO SBI App Vulnerability Enables Man-in-the-Middle Attacks

A security vulnerability (CVE-2025-45080) has been identified in version 1.23.36 of the YONO SBI: Banking & Lifestyle mobile application, which allows unencrypted communications due to the android:usesCleartextTraffic="true" setting in its AndroidManifest.xml file. This misconfiguration exposes sensitive banking information to risks such as eavesdropping, tampering, and man-in-the-middle (MITM) attacks. Security experts recommend setting android:usesCleartextTraffic="false" and enforcing HTTPS for secure communications. Users are advised to avoid using the affected version until a security update is released. The vulnerability was disclosed by security researcher Ishwar Kumar.

AppWizard

June 21, 2025

Understanding Android 14 Privacy Changes: Key Insights

The introduction of Android 14 features a sophisticated permissions model that requests app permissions only when needed, allowing users to choose between "approximate" and "precise" location access. Apps handling transactions must justify their need for real-time access. Background location usage must be disclosed in Play Store listings, and developers must complete Data Safety Forms. Android enforces scoped storage, isolating apps in sandboxed environments to reduce data leakage risks. Visual indicators for microphone and camera usage were introduced in Android 12, and Android 14 requires apps to specify the nature of access. In-app transactions in gaming apps must meet elevated security standards, including encryption and biometric logins, and undergo audits under PCI DSS. Background access for location services requires clear justification, and developers must submit a Permission Declaration Form. Google Play mandates disclosure of third-party SDKs and their data practices. User awareness is emphasized through concise permission dialogs and Data Safety summaries in Play Store listings. Secure login protocols like OAuth 2.0 are required for sensitive applications, with stronger encryption mandates. Apps for children must comply with COPPA and GDPR-K regulations, with manual reviews by the Play Store. Google's Privacy Sandbox initiative aims to enhance privacy in advertising practices, with expected rollout in 2024.