enhanced security measures Archives

AppWizard

December 3, 2025

India mandates SIM-linked messaging apps to fight rising fraud

India's Department of Telecommunications (DoT) has mandated that messaging services must operate with active SIM cards linked to users' phone numbers to combat cyber fraud. Popular apps like WhatsApp, Telegram, Signal, and Snapchat must comply with these SIM-binding rules within 90 days. The new regulations also require web sessions to automatically log out after six hours to enhance security and address issues related to long-lived web sessions, which have been exploited by fraudsters. This initiative aims to improve the traceability of accounts and reduce fraudulent activities, particularly phishing schemes and scams. Cyber-fraud losses in India reached ₹22,800 crore in 2024, prompting these Telecom Cyber Security measures. Users roaming with their SIMs will not be affected by the new regulations.

AppWizard

December 2, 2025

New Albiriox MaaS Malware Targets 400+ Apps for On-Device Fraud and Screen Control

A new Android malware named Albiriox has emerged, marketed as malware-as-a-service (MaaS). It features a hard-coded list of over 400 applications, including banking and cryptocurrency platforms, and is distributed through social engineering tactics using dropper applications. Initially advertised in late September 2025, it became a full MaaS offering by October, with Russian-speaking threat actors behind its development. Albiriox allows remote control of compromised devices via an unencrypted TCP socket connection and Virtual Network Computing (VNC), enabling attackers to extract sensitive information and perform overlay attacks for credential theft. One campaign targeted victims in Austria using German-language lures and counterfeit Google Play Store listings. Albiriox also utilizes Android's accessibility services to bypass security measures and employs a novel distribution strategy involving a counterfeit website that collects phone numbers. Additionally, another Android MaaS tool, RadzaRat, was introduced, masquerading as a file management utility while offering extensive surveillance and remote control capabilities. RadzaRat can log keystrokes and maintain persistence through specific permissions, highlighting a trend in the availability of sophisticated cybercrime tools.

Winsage

December 1, 2025

Microsoft Warns: Windows 11 Agentic Features May Hallucinate

Windows 11 will introduce "Experimental agentic features" with the installation of Build 26220.7262, which users must manually enable. These features are in an experimental phase and may affect device performance. Microsoft warns of potential security vulnerabilities, particularly from emerging attack techniques like cross-prompt injection, which can lead to harmful commands being executed. The agents operate within an "Agentic Workspace" with scoped, auditable accounts, but unlike Windows Sandbox, they persist across sessions, increasing the attack surface. By default, agents have read and write access to common folders, which presents additional vulnerabilities. Microsoft is working on improving security measures, including more granular permissions and defenses against prompt injection.

Winsage

November 30, 2025

Windows 11 25H2 heralds the dawn of Intelligent Computing

Windows 11 Version 25H2 was released on November 30, 2025, marking a shift from traditional operating system upgrades to a model where Windows is treated as a living service that evolves through feature updates. This version integrates artificial intelligence, notably through the Copilot tool, enhancing user interaction by providing intelligent assistance. The update also improves performance, reliability, and security, addressing increasing cyber threats with fortified default settings and better encryption. Design refinements enhance user experience and accessibility, while energy efficiency optimizations contribute to sustainability. The retirement of Windows 10 in October 2025 emphasizes the importance of Windows 11 as the future platform, with no immediate plans for a Windows 12 release.

Winsage

November 25, 2025

Microsoft to remove WINS support after Windows Server 2025

Microsoft will remove the Windows Internet Name Service (WINS) from all future Windows Server releases after November 2034. WINS was officially deprecated with Windows Server 2022 in August 2021, and Windows Server 2025 will be the last version to support it. Standard support for WINS will continue until November 2034. Organizations are encouraged to migrate to DNS-based name resolution solutions before this deadline. The removal will include the WINS server role, management console snap-in, automation APIs, and related interfaces. Microsoft recommends auditing services dependent on NetBIOS name resolution and migrating to DNS solutions. Static host files are not advised as a workaround. Organizations should begin migration planning to avoid operational disruptions.

Tech Optimizer

November 19, 2025

Microsoft updates database portfolio and adds open-source offerings

Microsoft has announced updates to its database offerings, including the general availability of Azure DocumentDB and SQL Server 2025, and a private preview of Azure HorizonDB. Azure DocumentDB is a managed service based on the open-source DocumentDB project, compatible with MongoDB, featuring vector and hybrid search, autoscaling, and enhanced security. SQL Server 2025 introduces AI capabilities, native JSON support, and improved query optimization. Azure HorizonDB, currently in private preview, is a cloud database service based on PostgreSQL, designed for enterprise applications, supporting transactions and vector search, and integrating with Microsoft’s development platforms. Additionally, Microsoft Fabric databases, which combine SQL and Azure Cosmos DB functionalities, are now available.

AppWizard

November 17, 2025

Sbazar.cz launches in-app messenger and mobile app

Seznam has launched a new mobile application for its classifieds platform, Sbazar.cz, replacing an outdated version. The app includes the Sbazar Messenger feature to enhance user security and reduce scams. Product manager Jakub Rybár noted the increasing sophistication of fraud attempts, leading to the blocking of 50-100 suspicious accounts monthly. The app centralizes communication to mitigate risks from fake emails and phishing. Mobile users now represent over half of the site's traffic, and the app offers functionalities such as account management, listing creation and editing, and push notifications. Sbazar.cz is the third most popular classifieds site in the Czech Republic, with 3.4 million visits in October, trailing Bazos.cz and Aukro.cz. Seznam also manages other platforms, including Sauto.cz and Sreality.cz.

AppWizard

November 8, 2025

A dangerous rise in Android malware hits critical industries

A study by Zscaler has reported a significant increase in mobile and IoT security incidents, with 239 malicious Android applications on Google Play downloaded 42 million times. There has been a 67% year-over-year increase in Android malware transactions, primarily involving spyware, banking trojans, and adware, which now constitutes 69% of all malware detections. The energy sector has seen a 387% rise in attack attempts, while manufacturing and transportation industries face over 40% of IoT threats. IoT attacks are largely driven by malware families like Mirai, Mozi, and Gafgyt, which account for about 75% of malicious payloads, with routers being the primary targets. Mobile attacks are concentrated in a few countries, emphasizing the need for enhanced security measures.

AppWizard

November 4, 2025

Malicious Android apps on Google Play downloaded 42 million times

The Android ecosystem has seen a significant rise in malicious applications, with over 40 million harmful apps downloaded from Google Play between June 2024 and May 2025. There has been a 67% year-over-year increase in malware targeting mobile devices, particularly spyware and banking trojans. Cybercriminals are shifting tactics from card fraud to mobile payment exploitation, employing phishing, smishing, SIM-swapping, and payment scams. Banking malware transactions reached 4.89 million in 2025, with a slowed growth rate of 3%. Malicious applications increased from 200 to 239, totaling 42 million downloads, with adware now accounting for 69% of all detections. Spyware has surged by 220% year-over-year, with India, the U.S., and Canada being the most affected countries. Notable malware families include Anatsa, which targets financial institutions, Android Void (Vo1d), which affects Android TV boxes, and Xnotice, which targets job seekers. IoT devices, particularly routers, are also being exploited, with the majority of attacks occurring in the U.S. Zscaler recommends implementing security measures such as regular updates, trusting reputable publishers, and adopting zero-trust technology for organizations.

AppWizard

November 1, 2025

Google’s analytical October Workspace Drop simplifies data in Sheets, bolsters AI security

Google has released updates for its Workspace suite in October, enhancing data comprehension, structure, and formatting in Sheets through Gemini AI. Key features include improved understanding of complex instructions for data manipulation. Google Drive has introduced a ransomware detection feature for desktop users, which alerts them to suspicious activity and pauses data synchronization. Gmail now includes end-to-end encryption for emails to enhance privacy and security. These updates build on August's enhancements, which featured file summaries for Chat, Video Overviews for NotebookLM, and the Veo 3 model in the Vids app, with the recent transition to Veo 3.1 providing greater creative control, improved sound capabilities, and more realistic textures.