Iran Archives

Winsage

December 5, 2025

Microsoft Silently Fixes 8-Year Windows Security Flaw

Microsoft addressed a critical vulnerability in Windows, identified as CVE-2025-9491, which had existed for nearly eight years and allowed cybercriminals to conceal malicious commands within .LNK (shortcut) files. This flaw was exploited by state-sponsored hacking groups from countries including China, Iran, North Korea, and Russia, with evidence of nearly 1,000 malicious shortcut files used in various campaigns. The vulnerability was initially downplayed by Microsoft, which stated it did not require immediate servicing. However, as exploitation increased, Microsoft eventually included a fix in its November 2025 Patch Tuesday updates, which was not publicly announced. The fix allows the entire Target command to be displayed in the Properties dialog, addressing the security risk. Research indicated that around 70% of campaigns exploiting this flaw were focused on espionage and information theft across multiple sectors.

Winsage

December 5, 2025

Microsoft Silently Activates Critical Windows Security Update

Microsoft has enhanced its Windows security measures by addressing the CVE-2025-9491 vulnerability, which has existed for nearly eight years and was exploited by state-sponsored groups for cyber espionage and data theft. The vulnerability was previously identified as ZDI-CAN-25373 and ZDI-25-148 by Trend Micro. The November Patch Tuesday updates have fixed this issue, which was described as having been demoted from a vulnerability to a functional bug. The update modifies the Properties dialog of a .lnk file to display the entire Target command in a single line. Microsoft has not officially acknowledged the update but stated that it is continuously rolling out enhancements for security and user experience.

Winsage

December 3, 2025

Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation

Microsoft has addressed a long-standing security vulnerability, identified as CVE-2025-9491, which has been exploited since 2017. This vulnerability involves a misinterpretation issue within Windows Shortcut (LNK) files, potentially allowing remote code execution. The flaw was highlighted in the November 2025 Patch Tuesday updates, with a CVSS score of 7.8/7.0. It allows crafted .LNK files to obscure harmful content, making it invisible to users, thus enabling attackers to execute code under the current user's context. The vulnerability was exploited by various state-sponsored groups, including those from China, Iran, North Korea, and Russia, for data theft and espionage. Microsoft initially deemed the flaw not warranting immediate attention, citing user interaction requirements and existing system warnings. Subsequent investigations revealed its exploitation by cyber espionage groups, including XDSpy and China-affiliated actors targeting European entities. The recent patch aims to ensure that the entire Target command is displayed in the Properties dialog, while 0patch provides warnings for LNK files exceeding 260 characters.

AppWizard

November 4, 2025

Malicious Android apps on Google Play downloaded 42 million times

The Android ecosystem has seen a significant rise in malicious applications, with over 40 million harmful apps downloaded from Google Play between June 2024 and May 2025. There has been a 67% year-over-year increase in malware targeting mobile devices, particularly spyware and banking trojans. Cybercriminals are shifting tactics from card fraud to mobile payment exploitation, employing phishing, smishing, SIM-swapping, and payment scams. Banking malware transactions reached 4.89 million in 2025, with a slowed growth rate of 3%. Malicious applications increased from 200 to 239, totaling 42 million downloads, with adware now accounting for 69% of all detections. Spyware has surged by 220% year-over-year, with India, the U.S., and Canada being the most affected countries. Notable malware families include Anatsa, which targets financial institutions, Android Void (Vo1d), which affects Android TV boxes, and Xnotice, which targets job seekers. IoT devices, particularly routers, are also being exploited, with the majority of attacks occurring in the U.S. Zscaler recommends implementing security measures such as regular updates, trusting reputable publishers, and adopting zero-trust technology for organizations.

Winsage

October 31, 2025

Windows LNK File UI Misrepresentation Enables Remote Code Execution Attacks

A vulnerability in the Windows operating system, identified as ZDI-CAN-25373 and disclosed in March 2025, allows advanced persistent threat (APT) actors to deploy malware by manipulating whitespace in Windows LNK files. This technique has been adopted by espionage groups from North Korea, China, Russia, and Iran for data theft and intelligence-gathering. The flaw enables malicious PowerShell commands to be concealed within seemingly legitimate shortcut files, which execute automatically when opened. The exploitation involves weaponized LNK files that initiate obfuscated PowerShell commands to decode embedded TAR archives containing a legitimate Canon printer utility, a malicious loader DLL, and an RC4-encrypted payload with remote access trojan malware. The legitimate executable, although signed with an expired certificate, is trusted by Windows due to its valid timestamp. As of October 2025, Microsoft has not released a patch for this vulnerability, prompting organizations to implement defensive measures against its exploitation.

AppWizard

October 6, 2025

Signal app threatens to leave Europe over chat control law

Meredith Whittaker, head of the Signal messaging app, stated that Signal is prepared to exit the EU market if legislation allows authorities to bypass encryption to scrutinize private messages. Whittaker emphasized that Signal would prioritize user privacy over compliance with such regulations. The EU is discussing a law aimed at combating the dissemination of child sexual abuse material, which would require messaging platforms to scan messages before encryption. WhatsApp's head criticized the proposed law, claiming it jeopardizes user privacy, while Threema expressed concerns about mass surveillance being incompatible with democratic principles. The European Parliament largely opposes the initiative, while the Council of Member States shows majority support for control measures. Additionally, an incident was reported where an unknown individual used AI-generated voice technology and Signal to impersonate Secretary of State Marco Rubio and contacted five government officials.

AppWizard

October 5, 2025

Iranian Messenger Apps Able to Find Users in Persian-Speaking States

Iranian messenger applications are looking to expand into markets with cultural, linguistic, and religious ties to Iran, such as North Africa, Pakistan, Afghanistan, and India. Amin Sharifi, managing director of Soroush Plus, highlighted the potential for these apps to succeed through collaboration among policymakers and tech professionals. Additionally, there is interest from Iranians abroad in using these platforms to connect with families in Iran. A knowledge-based company has developed a ChatGPT-inspired AI assistant application aimed at improving work processes and productivity, with a focus on process automation, intelligent support, and data analysis across various sectors. Fardin Aqadadashi Dinabad, the managing director of this company, emphasized the application's advanced AI capabilities.

AppWizard

October 1, 2025

Here’s why VPN interest has surged 7,000% in 2025

Demand for VPN services is increasing significantly, with a projected surge expected by 2025. Recent research indicates a 7000% increase in VPN usage this year, driven by new laws and social media restrictions in various countries. Notable increases in VPN interest include: - Nepal: +2,892% (social media bans amid civil unrest) - United Kingdom: +1,987% (online age verification requirement) - United States: +827% (social media bans) - Iran: +707% (internet restrictions due to protests) - France: +570% (online age verification requirement) - Turkey: +188% (social media bans) - India: +72% (Pakistan content ban) In the U.S., interest rose due to a temporary TikTok ban in January 2025, with ongoing discussions about mandatory ID verification for adult content access in some states. Historically, VPNs have been essential for bypassing censorship and maintaining communication in conflict regions, as seen in Nepal and Iran.

Tech Optimizer

September 27, 2025

Antivirus Statistics 2025: Revealing Growth & Usage

The global antivirus software market is projected to reach approximately billion by 2025 and grow at a compound annual growth rate (CAGR) of around 6.9% through 2029. By 2025, 84% of users are expected to have antivirus software installed on their computers, and approximately 68% will have antivirus protection on their smartphones. In recent testing, antivirus products were evaluated against 212 test cases, with 560,000 new malware variants detected globally each day. Microsoft Defender and Norton achieved perfect protection scores of 100% in evaluations conducted in June 2025. Microsoft is redesigning Windows to relocate antivirus and Endpoint Detection and Response (EDR) applications out of the kernel. In 2024, the U.S. government prohibited the sale of Kaspersky antivirus software due to national security concerns. Gen Digital anticipates revenue between .70 billion and .80 billion for 2026. The integration of AI into malware frameworks is pushing antivirus vendors to adopt machine learning-driven threat detection models. Antivirus plans are predominantly priced between and , with 32.1% of plans falling within this range. Only 3.6% of antivirus options are free, and 93% of products offer a 30+ day money-back guarantee. 79% include defenses against ransomware and phishing attacks, and 61% come with a built-in firewall. The average maximum coverage per antivirus subscription extends to 24 devices. In 2024, around 121 million Americans used third-party antivirus software, with 17 million adults intending to adopt antivirus software within six months. Among users of commercial antivirus software, 74% reported encountering malware in the past year. Detection effectiveness in malware tests often surpasses 99% for leading antivirus products, while false positive rates vary significantly. Symantec leads the Windows antivirus market with a share of 13.81%, followed by AVAST Software (11.93%) and ESET (11.03%). Approximately 560,000 new malware variants are identified daily, and there are over 1 billion documented malware samples worldwide. Ransomware attacks targeting Windows constitute around 93% of all enterprise ransomware incidents. In 2024, 17% of U.S. adults reported using antivirus software on mobile phones, with 73% opting for paid versions. Free antivirus solutions typically offer basic features but lack advanced modules. The enterprise antivirus market is projected to reach approximately .0 billion by 2024, with significant growth expected in the coming years. North America holds approximately 48.3% of the global antivirus market share, while Europe experiences growth due to regulations. IoT devices are increasingly targeted, with unpatched firmware responsible for about 60% of IoT breaches. The average cost of an IoT security failure incident is approximately 0,000. Typical antivirus subscriptions range from to 0 per year, with many vendors offering multi-device bundles.

Tech Optimizer

September 15, 2025

Antivirus Software Market Size Unlocking New Opportunities for Success

The global antivirus software market is valued at approximately USD 4.0 to 4.7 billion in 2023 and is projected to grow to around USD 11.0 billion by 2033, reflecting a compound annual growth rate (CAGR) of about 8.5% from 2024 to 2033. The market is driven by increasing cyber threats, the rise of internet and device penetration, and the demand for advanced protection solutions. Key players in the market include NortonLifeLock, McAfee, Kaspersky, Bitdefender, Avast, Trend Micro, ESET, and Sophos. The market can be segmented into cloud-based and on-premises antivirus solutions, and applications include individual consumers, small and medium enterprises, and large enterprises. The report provides insights into regional growth, competitive landscape, and market dynamics, with customization options available for specific requirements.