government Archives

AppWizard

April 25, 2025

Green Minecraft Movie Milk Gets Its Color From Chemicals The Government Wants To ‘Eliminate’

TruMoo has launched a new product called "Vanilla Green Lowfat Milk," inspired by Minecraft and resembling a melted Shamrock Shake. The green color comes from petroleum-based dyes, specifically "Blue No. 1," which is under scrutiny by the FDA due to health concerns. The FDA plans to expedite the review of natural alternatives to synthetic dyes and aims to eliminate these colorings from food products in the U.S. by 2026. Creeper milk has gained popularity on social media, with fans sharing their experiences. TruMoo previously introduced themed beverages, including blue milk inspired by Star Wars. Upcoming film releases may affect the future of themed beverages, and recent cuts to FDA staffing could impact food safety checks.

AppWizard

April 24, 2025

Technology behind private messaging app Telegram names Maximilian…

The TON Foundation will announce Maximilian Crown as its new CEO on Thursday. This appointment aims to stabilize Telegram, which has a user base of one billion, following the arrest of its founder Pavel Durov in Paris last year. Crown's leadership is seen as a significant step for Telegram, demonstrating its commitment to expanding its multi-functional app amid governmental pressures to access user data. Crown has experience as CFO and COO of MoonPay and has successfully secured operational approvals across various countries. Telegram has transformed into a “Super App,” integrating features such as gaming, shopping, and payment functionalities. The Telegram Open Network (TON) has 41 million active accounts and 121 million Toncoin holders. Toncoin's value is tied to Telegram's fortunes, experiencing fluctuations following Durov's arrest. Concerns have been raised regarding the impact of French authorities' actions on Telegram’s blockchain initiatives, especially related to digital privacy and government oversight. Durov was detained for 96 hours and criticized the scrutiny faced by Telegram, warning against legislative efforts that threaten individual freedoms.

AppWizard

April 24, 2025

Trojanized Alpine Quest app geolocates Russian soldiers

Russian soldiers are facing a digital threat from a modified Android application, Alpine Quest, which has been tampered with to track their locations and extract sensitive information. The malware, known as Android.Spy.1292.origin, was embedded in an older version of the app and distributed as a free upgrade to Alpine Quest Pro via a fraudulent Telegram channel. Once installed, the trojan collects various types of information, including geolocation, downloaded files, phone numbers, and app versions, and can download additional modules to exfiltrate specific files. Additionally, researchers at Kaspersky discovered a backdoor hidden in counterfeit software updates for ViPNet, a secure networking suite. The malware, disguised as msinfo32.exe, connects to a command-and-control server to steal files and deploy more malicious components. On the Ukrainian side, Russian operatives are conducting a phishing campaign targeting Ukrainian officials and allies, using social engineering tactics to hijack Microsoft 365 accounts. Attackers contact victims via messaging apps, invite them to video calls, and trick them into providing OAuth codes, granting access to their accounts.

AppWizard

April 22, 2025

MINECRAFT© MOVIE NIGHT HIGHLIGHTS CHIHUAHUAS HOMESTAND

The Chihuahuas are set to play against the Sacramento River Cats at Southwest University Park starting April 22, 2025. The series includes Youth Baseball Night with a pregame parade, a tribute to Jackie Robinson, food and beverage specials from Cazadores, and discounts for military and first responders. A midweek matinee is scheduled for Wednesday with gates opening at 11 a.m. Special offers for patrons aged 50 and above include free hot dog meals for those 60+ and popcorn for those 50+. Themed nights include the Chihuahuas becoming the Malmö Oat Milkers on Thursday, a Chico Squishy Plush giveaway for the first 1,500 attendees on Friday, and MINECRAFT© movie-themed food and fireworks on Saturday. Sunday features a Kids Day with a stress ball giveaway for the first 1,000 children under 12 and a Bark at the Park event for dog owners. Tickets can be purchased at epchihuahuas.com.

Winsage

April 19, 2025

Windows vulnerability with NTLM hash abuse exploited for phishing

A vulnerability in Windows, identified as CVE-2025-24054, is being exploited in phishing campaigns targeting government and private organizations. Initially considered low-risk, it was addressed in Microsoft's March 2025 Patch Tuesday updates. Following the release of these patches, Check Point observed a rise in exploitation attempts, particularly linked to the Russian group APT28. Attackers sent phishing emails with Dropbox links containing .library-ms files, which, when accessed, connected to an external SMB server controlled by the attackers, allowing interception of NTLM hashes. A subsequent wave of attacks involved .library-ms files sent as direct attachments, requiring minimal user interaction to exploit the vulnerability. The malicious ZIP archive also contained files exploiting older NTLM vulnerabilities. Check Point identified the attackers' SMB servers with specific IP addresses. Despite being classified as medium-severity, the vulnerability's potential impact is significant, prompting organizations to apply the March 2025 updates and consider disabling NTLM authentication if not essential.

Winsage

April 18, 2025

Microsoft still has a massive Windows 10 problem – and there’s no easy way out

Microsoft's Windows 10 will reach its end-of-support date on October 14, 2025, after a standard 10-year support lifecycle. Most editions, including Home, Pro, and Enterprise, will stop receiving updates, although PCs running Windows 10 will continue to function without updates. Windows 10 Enterprise Long Term Servicing editions have different end dates, with some extending support until 2029. Current data indicates that approximately 1.6% of Windows 10 PCs are replaced by Windows 11 each month, suggesting that around 35% of the 1.4 billion Windows devices will still be using Windows 10 by the end-of-support date, equating to over 500 million PCs potentially vulnerable to cyber threats. As of April 2025, about 54% of PCs globally are still running Windows 10. Users likely to remain on Windows 10 include those with incompatible hardware, corporate environments that have standardized on Windows 10, and users resistant to upgrading due to dissatisfaction with Windows 11. Microsoft faces challenges related to a significant number of unsupported PCs, and while extended support options exist for enterprise customers, consumer adoption is expected to be low. Users unable or unwilling to upgrade may consider non-Microsoft operating systems or continue using Windows 10 without official support, which poses security risks.

AppWizard

April 18, 2025

Rokky interview: tapping global PC markets

PC game publishers are seeking innovative revenue enhancement methods and new audience engagement. Rokky, founded in 2009, has grown from five to around 60 employees and offers a distribution platform that connects game publishers with various digital storefronts, focusing on markets outside Europe. The company collaborates with publishers for content and engages stores for sales, easing the burden on publishers managing multiple relationships. Rokky highlights the potential of untapped markets in China and Asia, where traditional advertising is restricted. They have established connections with local marketing agencies and influencers to navigate these challenges. Andreev advises leveraging influencer partnerships for marketing in China, emphasizing the importance of social media. The grey market poses challenges for publishers, where game keys are resold at inflated prices across regions. Rokky suggests region-locking keys and adjusting pricing strategies based on local economic conditions to mitigate revenue loss from cross-border sales. Andreev envisions a future shift towards seamless activation processes, moving away from traditional key-selling methods to instant activation upon purchase, enhancing the user experience.

Winsage

April 17, 2025

Windows NTLM hash leak flaw exploited in phishing attacks on governments

A vulnerability in Windows, identified as CVE-2025-24054, is being actively exploited in phishing campaigns targeting government and private sectors. Initially addressed in Microsoft's March 2025 Patch Tuesday, it was not considered actively exploited at that time. Researchers from Check Point reported increased exploitation activities shortly after the patches were released, particularly between March 20 and 25, 2025. Some attacks were linked to the Russian state-sponsored group APT28, but definitive attribution is lacking. The vulnerability allows attackers to capture NTLM hashes through phishing emails containing manipulated .library-ms files that trigger the flaw when interacted with. Check Point noted that subsequent attacks involved .library-ms files sent directly, requiring minimal user interaction to exploit. The malicious files also included additional components that exploit older vulnerabilities related to NTLM hash leaks. The attacker-controlled SMB servers were traced to specific IP addresses. Although rated as medium severity, the potential for authentication bypass and privilege escalation makes it a significant concern, prompting recommendations for organizations to install updates and disable NTLM authentication if not necessary.

Winsage

April 17, 2025

Hackers Exploiting NTLM Spoofing Vulnerability in Wild to Compromise Systems

Cybercriminals are exploiting a vulnerability in Windows systems known as CVE-2025-24054, which involves NTLM hash disclosure through spoofing techniques. This flaw allows attackers to leak NTLM hashes, leading to privilege escalation and lateral movement within networks. It is triggered when a user extracts a ZIP archive containing a malicious .library-ms file, causing Windows Explorer to initiate SMB authentication requests that expose NTLMv2-SSP hashes. Exploitation of this vulnerability began shortly after a security patch was released on March 11, 2025, with campaigns targeting government and private institutions in Poland and Romania. These campaigns utilized spear-phishing emails containing malicious ZIP archives, which, when interacted with, leaked NTLM hashes. The malicious files included various types designed to initiate SMB connections to attacker-controlled servers, allowing for pass-the-hash attacks and privilege escalation. The stolen hashes were sent to servers in several countries, indicating potential links to state-sponsored groups. One campaign involved Dropbox links that exploited the vulnerability upon user interaction. Microsoft has recommended immediate patching, enhancing network defenses, user education, network segmentation, and regular security audits to mitigate risks associated with this vulnerability.

Winsage

April 17, 2025

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)

CVE-2025-24054 is a vulnerability that allows attackers to capture NTLMv2-SSP hashes from a victim's machine during authentication requests to an attacker-controlled SMB server. Active exploitation of this vulnerability has been observed since March 19, 2025, targeting government and private sectors in Poland and Romania. The attacks involve phishing emails that lead victims to download an archive file containing exploits designed to leak NTLMv2-SSP hashes. Microsoft has released patches for this vulnerability, but users on older, unsupported versions may need to consider micropatching.