endpoint Archives

Winsage

May 6, 2025

Announcing Windows 11 Insider Preview Build 26120.3950 (Beta Channel)

Windows 11 Insider Preview Build 26120.3950 (KB5055653) has been released to the Beta Channel for Windows 11, version 24H2. Insiders on version 23H2 can opt to upgrade to version 24H2 with this build. Key changes include the introduction of energy saver management in Microsoft Intune, allowing IT administrators to manage energy settings on Windows 11 PCs. Other updates involve UI experiments in Recall, taskbar enhancements, and graphics improvements for HDR capabilities. Fixes include resolving keyboard focus issues in the taskbar, startup sound playback issues, and scaling problems after sleep/resume. Known issues involve bugs with Xbox Controllers and live captions crashing. Insiders are reminded to keep their devices updated for optimal performance and access to features.

Winsage

May 6, 2025

Announcing Windows 11 Insider Preview Build 26200.5581 (Dev Channel)

Windows 11 Insider Preview Build 26200.5581 (KB5055651) has been released to the Dev Channel, introducing new features, improvements, and fixes. Key updates include: - Energy Saver in Microsoft Intune: IT administrators can manage energy saver settings on Windows 11 PCs through group policies and MDM configurations, optimizing battery usage by limiting background activities and reducing screen brightness. - Taskbar Improvements: The needy state pill for apps has been redesigned, and administrators can allow users to unpin specific pinned apps. - Graphics Enhancements: Improved management of HDR capabilities, including refined wording for HDR settings and independent toggling of Dolby Vision mode. - Fixes: Resolved issues with taskbar keyboard focus, startup sound playback, scaling after sleep, and cumulative update errors. - Known Issues: Users may experience discrepancies in build version display after PC resets and issues with Xbox Controllers causing bugchecks. - Recall (Preview): Users can opt to remove Recall at any time, and intelligent text actions are now moderated locally. - Windows Search: For optimal performance, devices should be connected to power during initial search indexing. - Task Manager: Users may see the System Idle Process showing as 0 after the addition of a new CPU Utility column. Windows Insiders in the Dev Channel receive updates based on Windows 11, version 24H2, with features rolled out gradually.

Tech Optimizer

May 5, 2025

Chimera Malware: Outsmarting Antivirus, Firewalls, and Human Defenses

X Business, an e-commerce store specializing in handmade home décor, experienced a cybersecurity incident involving a malware strain called Chimera. The attack began during a routine update to their inventory management system and escalated within 12 hours, resulting in halted customer orders, locked employee accounts, and a crashed website. The attackers demanded a ransom of 0,000 in cryptocurrency, threatening to expose sensitive customer data. Chimera is an AI-driven malware that adapts its code to evade detection, targeting both Windows and macOS systems. It exploited a zero-day vulnerability in Windows' Print Spooler service and bypassed macOS security measures by forging code signatures. The malware used social engineering tactics to deceive employees into activating malicious payloads, leading to compromised systems and encrypted customer data. The recovery process took 48 hours, utilizing cybersecurity tools like CrowdStrike Falcon and SentinelOne Singularity to identify and isolate the malware. Data restoration was achieved through Acronis Cyber Protect and macOS Time Machine, while vulnerabilities were addressed with Qualys and emergency patch deployment via WSUS. The network security framework was improved using Cisco Umbrella and Zscaler Private Access to implement a Zero Trust architecture. The incident highlights the need for small enterprises to adopt proactive cybersecurity strategies, including a 3-2-1 backup approach, Zero Trust models, investment in AI-driven defense tools, and employee training to recognize social engineering attempts.

Tech Optimizer

May 5, 2025

VIPRE Advanced Security Awarded Highest Ranking in AV-Comparatives’ Malware Protection Test 2025

VIPRE® Advanced Security received the Advanced+ award from AV-Comparatives in the March 2025 Malware Protection Test for its effectiveness against cyber threats. The test evaluated 19 security products using 10,030 malware samples on a Windows 11 system, focusing on both online and offline threats. VIPRE achieved a 98.7% detection rate in all scenarios, a 99.93% overall protection rate during execution testing, and had one of the lowest false positive counts among the products tested. VIPRE's security solutions are integrated into other Ziff Davis products, enhancing their protection capabilities. VIPRE is a subsidiary of Ziff Davis, Inc., specializing in cybersecurity solutions with over 25 years of experience.

Tech Optimizer

May 2, 2025

The Pillars of AI-Driven Security

The cybersecurity landscape has shifted from traditional methods like firewalls and antivirus software to more sophisticated, AI-driven strategies. The 2024 Verizon Data Breach Investigations Report identifies ransomware as a leading attack type, with a median time to compromise now measured in hours. The attack surface is expanding due to remote work, cloud adoption, and IoT devices, while traditional security measures struggle to keep up. AI enhances security across three domains: prevention, detection, and response. 1. Prevention: AI distinguishes between legitimate and suspicious activities, improving predictive accuracy and enabling proactive defenses against attacks. AI models can identify zero-day malware and fileless attacks by focusing on behavior. 2. Detection: AI-powered tools like SIEM systems analyze vast amounts of data to identify risks and suspicious patterns in near real-time, reducing false positives and highlighting low-and-slow attacks and insider threats. 3. Response: AI automates rapid containment and remediation actions, allowing human analysts to focus on more complex tasks. Generative AI can assist in drafting incident reports and suggesting remediation measures. AI-driven security offers scale and efficiency, reducing breach costs significantly for organizations that utilize it. AI models adapt to evolving threats, and AI tools help bridge the cybersecurity skills gap. However, challenges include potential biases in AI models, the need for talent and change management, and privacy concerns. Organizations are encouraged to adopt AI-driven security as a core component of their digital defense strategy to improve risk posture and threat response.

Tech Optimizer

April 30, 2025

Malwarebytes Launches Global Strategic Partner Program Offering Organizations a One-stop Shop for Personal Security, Privacy, and Identity Solutions

Malwarebytes has launched a partnership initiative aimed at providing financial institutions, HR benefit providers, and internet service providers with personal security, privacy, and identity solutions in response to rising online fraud, which has led to financial losses of .5 billion over the past year for one in three individuals. The program offers AI-powered consumer security solutions to protect devices from various threats and allows partners to choose from a range of options or create custom solutions. Key features include a comprehensive cybersecurity platform, advanced mobile security, and flexible integration options. Eero is one of the first partners to integrate Malwarebytes Premium Security into its eero Plus subscription service, enhancing online security for its subscribers.

Winsage

April 27, 2025

Windows 10 support ends soon, but shockingly, 35% of SMBs are either clueless or refusing to upgrade their systems

A recent survey by Canalys revealed that over a third (35%) of channel partners reported their small and medium-sized business (SMB) clients are either unaware of the upcoming end-of-service (EoS) deadline for Windows 10 or lack a plan to transition away from it. Additionally, 14% of respondents admitted they do not know that support for Windows 10 is ending on October 14, 2025. The market for business PCs is growing, with a 9.4% year-on-year increase in shipments, reaching 62.7 million units in Q1 2025. Experts warn that the lack of upgrade plans could lead to significant financial repercussions for SMBs, especially with rising tariffs and potential supply constraints. A structured approach for transitioning to Windows 11 is recommended, including assessing current hardware, evaluating application compatibility, developing a timeline for upgrades, budgeting for investments, training staff, and implementing endpoint security strategies.

Winsage

April 26, 2025

Announcing Windows 11 Insider Preview Build 26200.5570 (Dev Channel)

Windows 11 Insider Preview Build 26200.5570 (KB5055632) has been released to the Dev Channel, introducing new features, improvements, and fixes. New features include: - A profanity filter setting for voice typing that allows users to manage the masking of profane words. - Click to Do is now available in preview, allowing users to configure pen shortcuts to launch it. - Improved Windows Search for OneDrive users, which now only displays matches for keywords found within cloud file text. - Enhanced Accessibility flyout in quick settings, organizing assistive technologies into categories. Fixes include: - Addressed issues causing certain apps to appear blank after installation. - Resolved problems with Windows Hello facial recognition and input issues with the touch keyboard. - Fixed issues preventing Quick Assist from functioning for non-administrator users and problems with USB devices disconnecting after sleep. Known issues include: - Users may initially receive an older build upon joining the Dev Channel. - Windows Sandbox may fail to launch with a specific error. - Reports of core Windows surfaces failing to load in safe mode are under investigation. - A bugcheck issue when using Xbox Controllers via Bluetooth is noted. Users are encouraged to provide feedback through the Feedback Hub.

Winsage

April 26, 2025

Announcing Windows 11 Insider Preview Build 26120.3941 (Beta Channel)

Windows 11 Insider Preview Build 26120.3941 (KB5055634) has been released to the Beta Channel for users on Windows 11, version 24H2. This update includes new features such as a profanity filter setting for voice typing, the Click to Do feature for pen users, and improved Windows Search functionality for OneDrive users. Enhancements to the Accessibility flyout in quick settings have been made, and various fixes have been implemented, including issues with Windows Hello facial recognition and the touch keyboard. Known issues include problems with Windows Sandbox and Xbox Controller connectivity. Users are encouraged to provide feedback through the Feedback Hub.

Winsage

April 25, 2025

Microsoft’s Patch for Symlink Vulnerability Introduces New Windows Denial-of-Service Flaw

In early April 2025, Microsoft addressed a security vulnerability (CVE-2025-21204) related to symbolic links in the Windows servicing stack, specifically affecting the c:inetpub directory used by Internet Information Services (IIS). The updates created the c:inetpub folder with appropriate permissions to mitigate risks. However, this fix introduced a new denial-of-service (DoS) vulnerability, allowing non-administrative users to create junction points on the c: drive, disrupting the Windows Update mechanism. A command such as "mklink /j c:inetpub c:windowssystem32notepad.exe" could be used to exploit this flaw, preventing systems from receiving future security patches. As of April 25, Microsoft had not released a patch or acknowledged the issue, leaving systems vulnerable and emphasizing the need for monitoring user permissions and manually removing suspicious symlinks.