encryption methods

Tech Optimizer
December 2, 2025
Artificial Intelligence (AI) is transforming the cybersecurity landscape by enabling sophisticated cyberattacks, such as ransomware and deepfakes. Ransomware has evolved from manual coding to AI-driven automation, making attacks more efficient and harder to stop. AI automates the targeting of victims by analyzing large datasets to identify vulnerabilities. Machine learning allows malware to change its form to evade detection, and ransomware can operate autonomously within networks. Phishing attacks have become more convincing through AI-generated messages that mimic real communications. Deepfakes can create realistic impersonations, leading to financial fraud and extortion, as demonstrated by a 2024 incident resulting in a million loss. Deepfakes also pose risks for manipulation and disinformation, affecting public perception and market dynamics. On the defensive side, AI is utilized in cybersecurity to detect and prevent attacks through anomaly detection, zero-trust security models, and advanced authentication methods. Human training and awareness are crucial for recognizing AI-generated threats. Effective defense requires regulations, shared accountability, and preparedness within organizations, including continuous monitoring and employee training. Collaboration between public agencies and private security firms is essential for a robust response to cyber threats.
Winsage
November 30, 2025
Colonel Ludovic Monnerat emphasized the need for satellite systems to adopt quantum-safe methods due to looming quantum threats. Graham McMillan noted that past AI failures have not led to industry maturity, predicting significant structural shifts from AI meltdowns. Marina Marceta highlighted the importance of a risk-aware culture in cybersecurity to align security with business objectives. A new wave of ClickFix attacks uses deceptive “Windows Update” screens to distribute malware. Researchers from watchTowr found that code formatting sites are exposing sensitive information like API keys. cnspec is an open-source tool for maintaining security and compliance across cloud environments. The Tor Project plans to implement Counter Galois Onion encryption to enhance user anonymity. An ISC2 survey revealed that supply chain risks are a top concern for cybersecurity professionals. There are various job openings in the cybersecurity field for different skill levels.
Winsage
November 23, 2025
Microsoft is launching an initiative to eliminate the Blue Screen of Death (BSOD) by introducing a new black screen error interface in Windows 11, which will replace the traditional blue backdrop. This redesign aims to modernize the error display and provide actionable insights while removing the frowning face emoji. A new feature called Digital Signage Mode will automatically conceal BSODs on public displays after 15 seconds, preventing prolonged visibility of errors. This mode suppresses all Windows error dialogs and allows systems to reboot or enter recovery without displaying errors, which is crucial for environments like retail and transportation. Microsoft is also enhancing remote recovery tools for IT administrators and promoting proactive measures for error prevention, such as regular driver updates and system scans. The company is collaborating with hardware manufacturers to improve driver compatibility and reduce BSOD incidents. Despite concerns about obscuring underlying issues, Microsoft ensures that all incidents are logged for future review. By 2026, experts anticipate advancements in AI-driven error handling that could eliminate public BSODs entirely. User adoption remains a challenge, particularly among small businesses, and Microsoft is addressing this through educational campaigns. The transition to a black screen has been positively received in consumer spaces, marking a cultural shift away from the blue screen as a symbol of computing errors.
Tech Optimizer
November 6, 2025
Acronis Threat Research Unit (TRU) analyzed the DragonForce ransomware cartel, which emerged in 2023 as a Ransomware-as-a-Service (RaaS) operation and transitioned to a cartel model. DragonForce utilizes leaked Conti v3 code and has similarities with LockBit Green in encryption and backend configurations. By early 2025, it rebranded as the “DragonForce Ransomware Cartel,” offering affiliates 80 percent profit shares and infrastructure support. The cartel has had over 200 victims across various sectors since late 2023 and is known for its attack on Marks & Spencer, carried out in collaboration with Scattered Spider. DragonForce employs bring-your-own-vulnerable-driver (BYOVD) techniques to evade endpoint protection and has improved its encryption methods. The group has spawned offshoots like Devman and Mamona, which utilize its enhanced encryptor.
AppWizard
September 2, 2025
Researchers from Citizen Lab discovered that over 20 popular Android VPN applications, collectively downloaded 700 million times, are interconnected through undisclosed ownership ties. These applications, marketed as independent privacy solutions, share codebases, servers, and encryption vulnerabilities. The VPN providers are categorized into three families linked to a Russian entity, a Chinese company, and another with ambiguous origins. Apps like Turbo VPN, X-VPN, and UFO VPN share cryptographic keys and backdoors, increasing the risk of man-in-the-middle attacks. Many applications use outdated encryption methods, making it easy for attackers to decrypt user traffic. Some apps route user data through servers in jurisdictions with lax privacy regulations, exposing sensitive information. The investigation revealed identical backend infrastructures among different apps, despite claims of no-log policies, breaching user trust. Hidden trackers within the apps contradict their privacy assurances. Regulators are beginning to respond, with Google removing problematic apps and the EU considering stricter data access regulations. Experts recommend choosing vetted, paid VPN services that undergo independent audits to ensure better security.
AppWizard
August 22, 2025
Recent investigations by Arizona State University and Citizen Lab have revealed that several popular Android VPN applications are linked to entities in mainland China and Hong Kong, raising security concerns. These apps, which have millions of downloads, share ownership and infrastructure, and exhibit significant security flaws, including the collection of location data against privacy policies, outdated encryption methods, and hard-coded passwords that could compromise user traffic. One company manages all VPN servers for a second group of apps, while a third group is vulnerable to connection interference attacks. Notably, these VPN providers are connected to Qihoo 360, a Chinese company flagged as a potential national security threat, with ties to the Chinese military. The Tech Transparency Project reported that millions of Americans have downloaded apps that route internet traffic through Chinese companies, with one in five of the top 100 free VPNs in the U.S. App Store in 2024 being covertly owned by Chinese firms. Some VPNs have targeted younger audiences through social media ads, raising concerns about their marketing strategies. Qihoo 360 has been sanctioned and is on the Commerce Department’s Entity List, emphasizing the national security risks associated with these services. Users are advised to research their VPN providers to avoid affiliations with the Chinese Communist government.