law enforcement Archives

Winsage

January 16, 2026

Easterly helms RSAC, Windows update problems, Police Copilot gaffe

Jen Easterly has been appointed as the new Chief Executive Officer of the RSA Conference. She is a cybersecurity expert and former Director of the Cybersecurity and Infrastructure Security Agency (CISA). Palo Alto Networks has released security updates for a vulnerability (CVE-2026-0227) with a CVSS score of 7.7 affecting its GlobalProtect Gateway and Portal, which can cause a denial-of-service condition in PAN-OS software. The January 2026 security update from Microsoft has caused connection and authentication failures in Azure Virtual Desktop and Windows 365, affecting users across various Windows versions. Microsoft is working on a resolution. The chief constable of West Midlands Police acknowledged an error by Microsoft’s Copilot AI in generating a fictional intelligence report. Microsoft has not confirmed Copilot's involvement. Britain’s National Cyber Security Centre (NCSC) has collaborated with Five Eyes partners to provide guidance on securing industrial operational technology, highlighting risks associated with remotely monitored systems. Kyowon, a South Korean conglomerate, confirmed a ransomware attack on January 10 that may have compromised customer information, affecting approximately 5.5 million members. Researchers at Varonis have identified a new attack technique called "Reprompt" that allows data exfiltration from Microsoft Copilot via a malicious link, exploiting a Parameter 2 Prompt (P2P) injection technique. Central Maine Healthcare is notifying over 145,000 patients about a data breach that compromised personal, treatment, and health insurance information, discovered on June 1.

AppWizard

January 13, 2026

My Winter Car is a ‘dangerous, depressing and tiring’ life sim, and the developer doesn’t want you to play it unless you’ve mastered the infamously tricky My Summer Car

Amistech has launched My Winter Car in early access, a sequel to My Summer Car, just a year after the original game's 1.0 release in January 2025. The game requires prior experience with its predecessor, as it features intricate mechanics and a demanding gameplay style. My Winter Car focuses on restoring an old project car while navigating a survival scenario set in the harsh Finnish winter, where players face permadeath, inclement weather, and law enforcement. The game has received nearly 5,000 reviews and holds an Overwhelmingly Positive rating on Steam since its early access debut on December 29.

AppWizard

January 13, 2026

Batavia man charged after police find child sex abuse files on Kik messenger app

Enrique L. Gonzalez, a 27-year-old resident of Batavia, has been charged with 18 felony counts related to possessing and disseminating child sexual abuse materials, along with two additional counts for possessing abusive images. The investigation began after the Chicago Police Department alerted Batavia authorities on November 28, 2025. Evidence linked Gonzalez to a Kik messenger app account associated with the materials. Search warrants executed at his residence, mobile phone, and vehicle provided further supporting evidence. He is scheduled to appear in court at the Kane County Judicial Center on January 21.

Tech Optimizer

January 7, 2026

Fake error popups are spreading malware fast

A new cybercrime tool called ErrTraffic has emerged, simplifying malware dissemination through deceptive fake error messages that prompt users to address non-existent issues. The attacks begin on compromised websites, where users encounter distorted text and pop-ups suggesting a browser update or font installation. Clicking the provided button copies a command to the clipboard, instructing users to paste it into PowerShell, which triggers the malware infection. ErrTraffic automates this process, requiring minimal investment for attackers to access a control panel and scripted payload delivery. It operates via JavaScript injection, adapting to the user's operating system and browser to display tailored messages. This method effectively bypasses traditional malware defenses, achieving high conversion rates, with nearly 60% of users following through with the instructions. Infected devices may deploy infostealers or banking trojans, with the system designed to evade law enforcement by excluding certain regions. To mitigate risks, users should avoid copying commands from websites, trust built-in update notifications, use robust antivirus software, and regularly remove personal information from data broker sites.

AppWizard

December 29, 2025

The year of Minecraft: How Jack Black’s block-tastic video game adaptation started the most chaotic cinema trend of 2025

A Minecraft Movie was released on April 4, 2025, featuring Jack Black as Steve and other characters navigating the Minecraft world. The film generated significant fan engagement, with audiences cheering and celebrating during screenings, leading to some theaters requiring law enforcement to maintain order. A UK cinema banned children to curb disturbances. The film's success is attributed to Minecraft's large player base, with 1.4 million active players daily and over 50 million annual logins. The landscape of video game adaptations has improved, with successful examples like HBO's The Last of Us and Prime Video's Fallout. A sequel to A Minecraft Movie is scheduled for release on July 23, 2027, alongside other adaptations like The Super Mario Galaxy Movie and a Street Fighter reboot.

TrendTechie

December 24, 2025

Со Spotify скачали 86 млн песен, компания начала расследование, метаданные архива доступны в сети

Anna’s Archive, a non-profit meta-search engine, has acquired 86 million songs and metadata for 256 million compositions from Spotify as part of a project to create a global music archive. Founded by a group of anonymous archivists in response to law enforcement actions against Z-Library, Anna’s Archive aims to preserve digital content and make it accessible to the public. The organization has faced numerous takedown requests but remains a popular platform for pirated content. The Spotify project began after hackers found a way to collect data from the platform, focusing on preserving lesser-known music alongside popular tracks. Anna’s Archive has collected 186 million unique ISRC codes, surpassing existing public databases. Currently, only metadata has been released, with plans to distribute music files starting with popular tracks. Spotify has acknowledged the unauthorized access and is investigating the incident, having blocked accounts involved in data scraping and implemented new security measures. The legality of Anna’s Archive's activities raises questions, as the extraction and distribution of audio files may violate copyright laws and Spotify's terms of service.

AppWizard

December 5, 2025

After WhatsApp and Apple FaceTime, Russia bans Snapchat; government says: App being used to… – The Times of India

Russia's state internet regulator, Roskomnadzor, has blocked Snapchat and imposed restrictions on Apple's FaceTime, accusing both platforms of facilitating terrorist activities and criminal operations. The agency stated that these apps were used to organize terrorist activities, recruit individuals, and commit fraud against citizens. Snapchat has been unavailable in Russia since October 10. This action is part of Russia's broader strategy to restrict digital communications, having already blocked major Western platforms like Facebook, Instagram, and X, along with messaging services such as Signal and Viber. Telegram's voice and video calls are also facing limitations. The Kremlin is promoting MAX, a state-controlled app that combines messaging, government services, and payments, which is mandatory on new mobile devices. WhatsApp has received warnings of a potential ban if Meta does not comply with law enforcement requests. Additionally, virtual private network services are increasingly being blocked by Russian authorities.

Winsage

December 4, 2025

This Windows Update Pop-Up Is a Scam

Hackers have exploited Windows update screens to deliver malware disguised as a "critical security update," a tactic known as the ClickFix attack. This attack uses social engineering techniques, including fake error messages and CAPTCHA forms, to trick users into executing harmful commands. The scam appears as a pop-up mimicking the standard Windows blue screen but originates from a malicious domain. Users are prompted to paste and execute harmful commands, leading to malware installation. Researchers from Huntress have detailed this attack, noting that malicious code can be embedded within PNG images. Although recent law enforcement actions have reduced the presence of malware payloads on these domains, the threat remains. Users should be cautious of any update screens that do not show a progress indicator or require manual command input, as these are signs of a ClickFix attack. Microsoft releases security updates on the second Tuesday of each month, and users are advised to enable automatic updates and consider disabling the Windows Run box for added security.

AppWizard

November 30, 2025

Russian censorship agency threatens total block of WhatsApp citing terror links

Roskomnadzor, Russia's media regulator, has warned WhatsApp that it could be blocked unless it complies with local laws, citing concerns about the platform's use for terrorist activities and fraud. The agency highlighted WhatsApp's end-to-end encryption as an obstacle for law enforcement. Since August, Roskomnadzor has implemented gradual restrictions, including blocking voice calls and instructing telecom operators to stop text message verifications for new users, with a complete ban possible if compliance is not met. The regulator has suggested users switch to domestic alternatives, such as the state-backed MAX messaging app. WhatsApp has around 97 million users in Russia and has faced increasing scrutiny amid a broader crackdown on foreign messaging services. The company has reiterated its commitment to end-to-end encryption but has not publicly responded to Roskomnadzor's latest threats.

Winsage

November 25, 2025

ClickFix attack uses fake Windows Update screen to push malware

Recent observations have identified ClickFix attack variants where cybercriminals use deceptive Windows Update animations on full-screen browser pages to hide malicious code within images. Victims are misled into executing harmful commands through specific key sequences that copy and execute commands via JavaScript. Security researchers have documented these attacks since October, noting the use of LummaC2 and Rhadamanthys information stealers. Attackers utilize steganography to embed malware payloads within PNG images, reconstructing and decrypting them in memory using PowerShell and a .NET assembly called the Stego Loader. A dynamic evasion tactic known as ctrampoline complicates detection by initiating calls to numerous empty functions. The shellcode extracted from the encrypted image can execute various file types directly in memory. Following a law enforcement operation on November 13, the Rhadamanthys variant's payload delivery through fake Windows Update domains ceased, although the domains remain active. Researchers recommend disabling the Windows Run box and monitoring suspicious process chains to mitigate risks.