file system

AppWizard
December 2, 2025
A new Android malware named Albiriox has emerged, marketed as malware-as-a-service (MaaS). It features a hard-coded list of over 400 applications, including banking and cryptocurrency platforms, and is distributed through social engineering tactics using dropper applications. Initially advertised in late September 2025, it became a full MaaS offering by October, with Russian-speaking threat actors behind its development. Albiriox allows remote control of compromised devices via an unencrypted TCP socket connection and Virtual Network Computing (VNC), enabling attackers to extract sensitive information and perform overlay attacks for credential theft. One campaign targeted victims in Austria using German-language lures and counterfeit Google Play Store listings. Albiriox also utilizes Android's accessibility services to bypass security measures and employs a novel distribution strategy involving a counterfeit website that collects phone numbers. Additionally, another Android MaaS tool, RadzaRat, was introduced, masquerading as a file management utility while offering extensive surveillance and remote control capabilities. RadzaRat can log keystrokes and maintain persistence through specific permissions, highlighting a trend in the availability of sophisticated cybercrime tools.
Winsage
November 27, 2025
Dev Drives are virtual drives introduced in the Windows 11 version 22H2 update, designed specifically for software development. They can be created as partitions on physical drives or as virtual hard drives (VHDs) and use the ReFS file system instead of NTFS. This allows them to bypass continuous malware checks by Microsoft Defender, resulting in performance improvements of up to 41%. Dev Drives are intended for developers engaged in data-intensive tasks, but storing non-development files on them poses security risks. They can enhance workflow efficiency for developers and are accessible through the Settings app in Windows 11.
Winsage
November 26, 2025
Microsoft is addressing sluggish launch times for File Explorer by preloading the application in the background, rather than streamlining its code or removing features. This update is available in a Windows Insider build for the Dev and Beta Channels. The preloading feature is experimental and can be disabled by users in the Folder Options under the View tab in File Explorer. Microsoft previously open-sourced the classic Windows File Manager in 2018, which was a lightweight tool for file system activities. Over time, File Explorer has increased in size and complexity, leading to performance challenges.
Winsage
November 22, 2025
Mustafa Suleyman, Microsoft's AI CEO, expressed surprise at the skepticism towards generative AI tools, noting a lack of enthusiasm for advancements that enable fluent conversations with AI. Microsoft is developing "agentic" services, with Pavan Davuluri stating that the operating system is evolving into an agentic OS. Critics have raised concerns about the rapid deployment of generative AI models, citing instances of inaccuracies in performance, such as a chatbot misidentifying geographical locations. There are also ethical concerns regarding the use of copyrighted material for training AI systems and the commercialization of AI technology prioritizing profit over responsible development. The tech industry is at a crucial juncture, emphasizing the need for caution and ethical practices in the evolution of AI.
Winsage
November 19, 2025
Microsoft will integrate native System Monitor (Sysmon) functionality into Windows 11 and Windows Server 2025, enhancing security operations for IT teams. This integration will provide instant threat visibility, automate compliance through Windows Update, and include features such as process monitoring, network connection tracking, credential access detection, file system monitoring, process tampering detection, WMI persistence tracking, and custom configuration support. It will also offer official customer service support and allow seamless access to events through Windows Event Logs or Security Information and Event Management (SIEM) systems. Administrators can enable Sysmon using the command "sysmon -i". Future plans include expanding Sysmon’s capabilities with enterprise-scale management and AI-powered detection.
Winsage
November 12, 2025
Google has rebranded Cameyo, the software virtualization company it acquired last year, as “Cameyo by Google” to enhance the usability of Windows applications on ChromeOS. Cameyo's platform allows users to stream individual Windows applications directly to their devices via a web app, integrating seamlessly with the native file system of Chromebooks. This solution targets enterprise users, enabling them to run legacy applications alongside modern web apps without the need for a separate virtual desktop environment. Cameyo also supports organizations in transitioning to ChromeOS while maintaining access to essential Windows applications, addressing the "app gap" that has hindered enterprise adoption of ChromeOS.
Winsage
November 12, 2025
Microsoft's November 2025 Patch Tuesday addresses a total of 63 vulnerabilities, including one actively exploited zero-day flaw (CVE-2025-62215) related to Windows Kernel Elevation of Privilege. The updates include four vulnerabilities classified as "Critical," with two for remote code execution, one for elevation of privileges, and one for information disclosure. The breakdown of vulnerabilities is as follows:
- 29 Elevation of Privilege Vulnerabilities
- 2 Security Feature Bypass Vulnerabilities
- 16 Remote Code Execution Vulnerabilities
- 11 Information Disclosure Vulnerabilities
- 3 Denial of Service Vulnerabilities
- 2 Spoofing Vulnerabilities
This Patch Tuesday marks the first extended security update (ESU) for Windows 10, and users are encouraged to upgrade to Windows 11 or enroll in the ESU program. Microsoft has also released an out-of-band update to assist with enrollment issues. Other companies, including Adobe, Cisco, and Google, have also issued security updates in November 2025.