emails Archives

Winsage

March 2, 2026

RAT Malware Via Windows Explorer Puts Crypto at Risk

Cofense Intelligence reported that threat actors are exploiting Windows File Explorer and WebDAV servers to deliver Remote Access Trojans (RATs) to corporate systems, bypassing browser security measures. This method allows attackers to infiltrate machines without using web browsers, taking advantage of File Explorer's ability to connect to remote WebDAV servers. Despite WebDAV being deprecated by Microsoft in November 2023, it is still supported in Windows, creating a vulnerability. The campaigns began in February 2024, with a significant increase in September 2024, and 87% of these campaigns deliver multiple RATs, including XWorm, Async RAT, and DcRAT. Victims typically receive phishing emails disguised as invoices, containing URL or LNK shortcut files that initiate a WebDAV connection. The attacks often utilize Cloudflare Tunnel for hosting malicious WebDAV servers, making the traffic appear legitimate. Notably, 50% of affected campaigns are in German, while 30% are in English. The report emphasizes the risks posed to individuals holding digital assets, as RATs can access sensitive information, including crypto wallet files. Organizations are advised to monitor network traffic for Cloudflare Tunnel instances and educate users about the risks associated with File Explorer's capabilities.

Winsage

March 1, 2026

Hackers Abuse Windows File Explorer and WebDAV for Stealthy Malware Delivery

Cybercriminals are exploiting a legacy feature in Windows File Explorer, specifically the WebDAV protocol, to distribute malware and bypass traditional security measures. Despite Microsoft deprecating native WebDAV support in November 2023, it remains active on many systems. Attackers use WebDAV to deceive victims into executing malicious payloads by sending links that connect File Explorer directly to remote servers, avoiding web browsers and their security warnings. They employ methods such as direct linking, URL shortcut files, and LNK shortcut files to deliver exploits. The primary objective of these campaigns, which surged in late 2024, is to deploy Remote Access Trojans (RATs), with 87% of Active Threat Reports involving multiple RATs like XWorm RAT, Async RAT, and DcRAT. These campaigns predominantly target corporate networks in Europe, with many phishing emails written in German and English. Attackers use short-lived WebDAV servers hosted on Cloudflare Tunnel demo accounts to obscure their infrastructure. Security analysts are advised to monitor unusual network activity from Windows Explorer and educate users to verify addresses in File Explorer.

Winsage

February 28, 2026

Skip subscriptions and get Microsoft Office apps for life for less than $5 each

Microsoft Office Professional 2021 for Windows is available for a limited time at a price of .97 for a lifetime license. This license includes access to eight applications: Word, Excel, PowerPoint, Outlook, OneNote, Teams, Access, and Publisher. The license allows users to own the applications outright without ongoing subscription fees. Instant delivery and download instructions are provided upon purchase, and the software is compatible with Windows 10 or 11.

AppWizard

February 26, 2026

How Your Android Apps Keep Talking — Even When You’re Not Using Them

When connecting to public Wi-Fi, using a VPN is essential as it encrypts traffic and creates a secure tunnel between the device and a remote server, keeping activities concealed from the local network. Android devices continuously communicate in the background, performing tasks such as updating emails and syncing notes, which increases data visibility on public networks. Public Wi-Fi has become common due to remote work and shared spaces, leading to increased privacy risks as smartphones now store sensitive information like banking apps and personal photos. Users are encouraged to adopt simple security habits, including using a VPN when connecting to public networks. Android devices are always connected, making network-level protection important to safeguard background communications.

Tech Optimizer

February 25, 2026

Effective ways to prevent the download of malicious code

Malware is malicious software designed to disrupt normal system operations, often infiltrating devices through activities like web browsing or opening documents. In 2023, SonicWall Capture Labs reported over 6 billion malware attacks, an 11% increase from the previous year. Common types of malware include viruses, worms, Trojans, spyware, adware, ransomware, fileless malware, and bots. Malware spreads through email attachments, phishing links, compromised websites, fake apps, and removable media. Its effects can include performance issues, data theft, and financial damage. Signs of malware presence include sluggish performance, unexpected crashes, and unauthorized changes. Recommended actions if malware is suspected include disconnecting the device, running a malware scan, and changing passwords. Preventative measures include using security software, practicing safe browsing, keeping software updated, and building security awareness.

Winsage

February 23, 2026

Microsoft Copilot is the best productivity app on Windows, says Microsoft

Microsoft has announced that its AI-driven tool, Copilot, is the top productivity application for Windows, according to its list titled "Best productivity apps in Windows for getting more done," which only includes Microsoft applications. Copilot is designed to streamline tasks from the desktop, offering features like summarizing emails, creating checklists, drafting messages, and organizing projects. Microsoft is promoting Copilot's integration across its product suite, but the ranking's exclusion of third-party applications has raised questions among users. An alternative list featuring a mix of Windows-based and third-party applications is available for those seeking a broader perspective on productivity tools.

Winsage

February 23, 2026

Windows 10 is vulnerable, but upgrading to Windows 11 Pro is only $13 right now

Microsoft is offering a promotional rate for Windows 11 Pro at .97, down from a previous price of 9, resulting in savings of 6.03. This offer is limited-time. Windows 11 Pro includes advanced security features like TPM 2.0, UEFI, BitLocker, and Smart App Control. It also provides a revamped user interface with a new desktop layout, redesigned Start menu, snap tools, virtual desktops, built-in Teams, and Widgets. Additionally, it features an AI assistant called Copilot for various tasks.

Winsage

February 20, 2026

Facebook ads spread fake Windows 11 downloads that steal passwords and crypto wallets

Attackers are using social media advertising, specifically paid Facebook ads, to promote a malware campaign disguised as legitimate Microsoft promotions. They create near-exact replicas of the official Windows 11 download page to lure users into downloading malicious software. The deceptive domains used include ms-25h2-download[.]pro and ms-25h2-update[.]pro. The malware campaign employs geofencing to selectively target victims, redirecting security researchers to benign sites while delivering malware to unsuspecting users. The malicious file, named ms-update32.exe, is hosted on GitHub and mimics the size of a legitimate Windows installer. Once executed, it checks for monitoring tools and, if none are detected, installs an application named "Lunar" that collects sensitive data, including cryptocurrency wallet information. The malware maintains persistence by writing data to the Windows registry and employs various obfuscation techniques to evade detection. The attackers run parallel ad campaigns with different Facebook Pixel IDs to ensure continued operation even if one is suspended. Indicators of compromise include specific file hashes, domains, file system artifacts, and registry keys associated with the malware.

Tech Optimizer

February 19, 2026

The 5 Biggest Cybersecurity Threats to Watch in 2026: Is Your Business Safe From These Looming Dangers? – Travel And Tour World

In 2026, cybersecurity has evolved significantly, necessitating organizations to prioritize five critical threats identified by expert Danny Mitchell from Heimdal: 1. AI Vulnerabilities: Attackers can manipulate machine learning models by introducing corrupted data, leading to dangerous decisions by AI systems. 2. Cyber-Enabled Fraud and Phishing: Phishing attacks have become more sophisticated with AI, using deepfake technology to impersonate individuals and evade detection. 3. Supply Chain Attacks: Cybercriminals exploit vulnerabilities in software libraries and vendor relationships, compromising trusted software updates and access credentials. 4. Software Vulnerabilities: The rapid discovery of software vulnerabilities outpaces patching efforts, leaving systems exposed to attacks, especially legacy systems. 5. Ransomware Attacks: Modern ransomware employs double extortion tactics, encrypting and stealing data, pressuring businesses to comply with ransom demands. Mitchell recommends strategies such as auditing AI systems, implementing multi-channel verification, securing supply chains, prioritizing patch management, and developing ransomware response plans to combat these threats.

Winsage

February 19, 2026

Microsoft shows off AI running on the Windows 11 taskbar and File Explorer

Microsoft has introduced a feature called “Ask Copilot,” integrated into the taskbar of Windows 11, which replaces the traditional Windows Search. This feature aims to enhance user productivity by providing quick access to information from files, emails, and meetings. It allows users to locate files and settings using simple prompts and leverages an improved search index for faster and more relevant results. The AI capabilities enable users to ask questions like “When is my performance review due?” and receive answers from Microsoft Teams and Outlook. Additionally, users can summon various AI agents directly from the taskbar by typing the “@” symbol, including the Microsoft 365 Researcher for in-depth research. Microsoft is also adding “Ask Microsoft 365 Copilot” within File Explorer to provide insights for shared files. These features are expected to roll out to users in the coming weeks.