IT security Archives

Tech Optimizer

May 2, 2025

The Pillars of AI-Driven Security

The cybersecurity landscape has shifted from traditional methods like firewalls and antivirus software to more sophisticated, AI-driven strategies. The 2024 Verizon Data Breach Investigations Report identifies ransomware as a leading attack type, with a median time to compromise now measured in hours. The attack surface is expanding due to remote work, cloud adoption, and IoT devices, while traditional security measures struggle to keep up. AI enhances security across three domains: prevention, detection, and response. 1. Prevention: AI distinguishes between legitimate and suspicious activities, improving predictive accuracy and enabling proactive defenses against attacks. AI models can identify zero-day malware and fileless attacks by focusing on behavior. 2. Detection: AI-powered tools like SIEM systems analyze vast amounts of data to identify risks and suspicious patterns in near real-time, reducing false positives and highlighting low-and-slow attacks and insider threats. 3. Response: AI automates rapid containment and remediation actions, allowing human analysts to focus on more complex tasks. Generative AI can assist in drafting incident reports and suggesting remediation measures. AI-driven security offers scale and efficiency, reducing breach costs significantly for organizations that utilize it. AI models adapt to evolving threats, and AI tools help bridge the cybersecurity skills gap. However, challenges include potential biases in AI models, the need for talent and change management, and privacy concerns. Organizations are encouraged to adopt AI-driven security as a core component of their digital defense strategy to improve risk posture and threat response.

Winsage

April 24, 2025

Microsoft security patch opens up new security vulnerability

Microsoft's recent update aimed at fixing a security vulnerability (CVE-2025-2104) has unintentionally created an "inetpub" folder on the system drive of Windows operating systems. This folder's creation has raised concerns among IT security researchers, particularly Kevin Beaumont, who warns that it could lead to issues with Windows updates. Users can create junctions that redirect to the "inetpub" folder, potentially causing failures in installing updates and leaving systems vulnerable. Microsoft has stated that the "inetpub" folder should not be deleted and that its presence is part of security enhancements.

Winsage

March 25, 2025

How To Secure Windows on a Mid-Sized Business Budget

Access provides advice on IT challenges, career transitions, and workplace dynamics. A mid-sized company faced a ransomware scare due to a user opening a malicious attachment but recovered data without paying the ransom. To enhance security in a Windows environment on a limited budget, the following steps are recommended: 1. Evaluate data storage by centralizing it on servers rather than individual workstations to improve security and simplify backups. 2. Implement the principle of Least Privilege Access, limiting user access to only necessary resources to reduce potential damage during attacks. 3. Utilize Microsoft's AppLocker to control which applications can run on Windows desktops, blocking unauthorized software. 4. Set up a ransomware kill switch using a custom PowerShell script to monitor for suspicious activities and trigger defensive actions if ransomware is detected.

Winsage

March 19, 2025

Windows 11 has a hidden FAQ page in testing that tells you why your PC is slow

Windows 11 will introduce a new FAQ page in its Settings app to help users identify potential limitations of their PCs. This feature, currently hidden in Dev Channel builds, will answer questions about the OS version and evaluate GPU adequacy for gaming and video tasks. It will also analyze the impact of having 4-8GB of RAM on performance. The feature can be activated using the third-party utility ViVeTool with ID “5530588,” but its effectiveness may vary across systems. Microsoft has faced criticism for Windows 11's strict minimum hardware requirements, which may prevent many PCs from upgrading from Windows 10. This situation may force users to upgrade hardware or consider alternatives like ChromeOS. Microsoft aims to enhance user experience with Windows 11, which may lead to increased hardware sales and user satisfaction.

Tech Optimizer

February 21, 2025

Serious PostgreSQL flaw exploited in US Treasury zero-day attack

Security researchers have identified a zero-day vulnerability in PostgreSQL, labeled CVE-2025-1094, which is believed to have contributed to the cyber breach of the US Treasury in December. The breach was initially attributed to the command injection vulnerability CVE-2024-12356 in the BeyondTrust Remote Support platform. Successful exploitation of CVE-2024-12356 required prior exploitation of CVE-2025-1094. Although BeyondTrust issued a patch for CVE-2024-12356 in December 2024, it did not resolve the underlying issue of CVE-2025-1094, leaving it a zero-day vulnerability until reported to PostgreSQL. Chinese hackers reportedly gained remote access to multiple workstations within the US Treasury, potentially compromising unclassified documents. The details of the accessed documents and the number of workstations involved are not disclosed. This incident is part of a broader pattern of cyber attacks linked to Chinese state-sponsored actors.

Winsage

February 5, 2025

Windows 10 on the brink of extinction: This is how vulnerable you really are!

Microsoft will cease support for Windows 10 in October 2025, meaning new security vulnerabilities will not be patched, increasing exposure to threats. Cybercriminals are expected to target Windows 10, which still has over 60% market share, making it an attractive target. ESET estimates that around 32 million PCs in Germany are still using Windows 10. Users can opt for the Extended Security Updates program for an additional cost, extending updates until October 2026, or use 0Patch for updates until 2030. Windows 10 IoT Enterprise LTSC 2021 will receive updates until 2032, but its use as an office PC is restricted. Users are encouraged to upgrade to Windows 11 where hardware compatibility exists for ongoing security updates and new features.

Winsage

December 27, 2024

Christmas special: Office 2021 Pro Key for only €35,24 and Windows at the lowest price of €15,29!

Godeal24 is hosting a Christmas sale with significant discounts on Microsoft licenses. Office 2021 Pro is priced at €32.25 for a five-PC version, and the Office 2021 Pro Plus key is available for €35.24, reflecting a 90% discount. Office 2016 Pro Plus is offered at €15.29, while Windows 11 Pro is available for €13.25, and Windows 10 Pro for €8.25. Volume discounts for bulk purchases are also provided. Customers can use the discount code "CWALLETCO" during checkout for additional savings. Godeal24 offers digital delivery, 24/7 technical support, and a 98% Excellent rating on TrustPilot. Customers can contact service@godeal24.com for inquiries.

Winsage

December 21, 2024

Christmas software sale: Windows 11 Pro for €13,25 and lifetime MS Office for only €15,29!

Consumers are experiencing Christmas sales during the Black Friday shopping season, particularly on technology and software. Godeal24 is offering significant discounts on Microsoft products, including Windows 11 Pro for €13.25 and a 5 PC bundle for €10.63 per PC. Microsoft Office 2021 is available for €15.29, while the Office Professional 2021 version, which includes Microsoft Teams, costs €35.24. All software keys from Godeal24 are genuine, and the offers are time-sensitive. Godeal24 provides digital delivery of purchased software, has a 98% rating on TrustPilot, and offers technical support and lifetime after-sales service. Customers can contact Godeal24 at service@godeal24.com for inquiries.

Tech Optimizer

December 3, 2024

AV-Comparatives Announces 2024 Phishing Test Results: Avast and McAfee Excel in Yearly Assessment

AV-Comparatives conducted an evaluation of phishing protection in 2024, examining 1,000 phishing URLs across four quarterly assessments. Avast and McAfee achieved detection rates of 95%, though McAfee had a higher incidence of false positives. The evaluation included various antivirus programs and web browsers, with Avast leading the final quarterly test with a 95% detection rate on 250 phishing URLs. Other notable performers included Bitdefender, Kaspersky, McAfee, and Trend Micro, with G Data and Kaspersky also scoring above 90%. Phishing remains a significant cyber threat, leading to potential financial losses and identity theft. AV-Comparatives is an independent testing laboratory recognized for its assessments of cybersecurity products.

Winsage

November 9, 2024

Windows 11 Professional, Office 2021 Pro and other software are now at unbeatable prices

China's 11.11/11 Shopping Day, also known as Singles' Day, occurs annually on November 11 and is a major online shopping event that surpasses Black Friday and Cyber Monday. Godeal24 is participating this year, offering significant discounts on Microsoft products, such as Office 2021 Pro for €35.11 and Windows 11 Pro for €13.25. The upcoming Fall 2024 update for Windows 11, codenamed 24H2, will include various enhancements. Office 2024 is available with Office Home 2024 priced at €99.99 and Home and Business edition at €169.99, with a 30% discount available. Godeal24 provides digital delivery of software, a 98% TrustPilot rating, and 24/7 technical support. Customers can contact Godeal24 at service@godeal24.com for assistance.