logging Archives

AppWizard

May 12, 2026

Your Android security and privacy got huge upgrades—The Android Show reveals all

Google announced significant security and privacy enhancements at the Android Show, including features in the upcoming Android 17. Users will have increased transparency regarding location access and can manage which apps track their location. New protections against banking scams and a "Mark as Lost" feature with biometric security will be introduced. A "temporary precise location" button will allow quick access to surroundings while preventing unwanted tracking. Live Threat Detection will receive an upgrade for 2026, focusing on harmful behaviors like SMS forwarding. Dynamic signal monitoring will alert users to suspicious app behavior. Improvements to the Advanced Protection program include USB Protection for all Pixel devices running Android 16 or higher and Intrusion Logging for all Android 16 devices with the December update. Chrome on Android will enhance Safe Browsing to analyze APKs for malware. The "Mark as Lost" feature will allow biometric locking of devices, hide Quick Settings, and disable new connections. Theft protections will be enabled by default in several countries, including Argentina, Chile, Colombia, Mexico, and the U.K.

AppWizard

May 12, 2026

This devious Android malware has returned disguised as TikTok or streaming apps — and is now using blockchain to remain undetected

Researchers at ThreatFabric have identified a new variant of the TrickMo banking trojan, named TrickMo.C, targeting Android users in Europe since January 2026. TrickMo.C disguises itself as popular applications like TikTok and streaming services, using tactics such as phishing overlays to harvest login credentials and sensitive information. It can log keystrokes, record screens, livestream content, intercept SMS messages, suppress OTP notifications, modify the clipboard, filter notifications, and capture screenshots. The primary targets are in France, Italy, and Austria, allowing unauthorized access to bank accounts and cryptocurrency wallets. TrickMo.C distinguishes itself by using the TON network for communication, which enhances anonymity and complicates detection efforts.

Tech Optimizer

May 10, 2026

Query billion-scale vectors with SQL: Integrating Amazon S3 Vectors and Aurora PostgreSQL

For managing relational data within Amazon Aurora PostgreSQL and enhancing capabilities with similarity search over large embedding collections, an integration with Amazon S3 Vectors is available. This integration utilizes the pgvector extension for low-latency similarity searches on vectors stored in the database. Amazon S3 Vectors provides cost-effective storage for extensive datasets, scaling to hundreds of millions or billions of embeddings. The integration, facilitated through AWS Lambda, allows users to query S3 Vectors directly from Aurora PostgreSQL using standard SQL, enabling the combination of vector similarity results with relational filters in a single query. The integration offers benefits such as basic key-value metadata support in S3 Vectors for simple filtering, while Aurora PostgreSQL is optimal for complex SQL filters, multi-table joins, and access-control policies. The architecture separates concerns, with Lambda handling API integration and Aurora managing relational data. Security is maintained through IAM role separation and network security measures. Data consistency considerations arise due to the distribution of data across Aurora PostgreSQL and S3 Vectors, necessitating explicit synchronization processes to manage potential stale results. The integration is suitable for use cases that can tolerate eventual consistency, such as recommendations and content discovery. Performance expectations include Lambda invocation latencies of 100-500 milliseconds, while Aurora pgvector typically provides single-digit millisecond response times. S3 Vectors achieves sub-second performance for cold queries and less than 100 milliseconds for warm queries. From a cost perspective, S3 Vectors is more economical than Aurora, making it suitable for high-volume vector data that requires archiving and queryability. The integration architecture consists of three components: Aurora PostgreSQL, AWS Lambda for API translation, and S3 Vectors for executing similarity searches. A typical query involves several stages, including SQL query invocation, function processing, API translation, similarity search, and result processing. Prerequisites for this integration include familiarity with Aurora PostgreSQL, AWS Lambda, vector databases, and SQL. Required AWS resources include an Aurora PostgreSQL cluster, a VPC with internet access, and appropriate permissions for IAM roles and Lambda functions. To deploy the integration, users must gather configuration values from their Aurora cluster, deploy a CloudFormation stack, associate the IAM role, update the Lambda function code, and install the necessary PostgreSQL schema. Sample data can be uploaded to the S3 Vectors index, allowing for testing of vector operations and combined queries. When combining relational and vector queries, developers should be aware of the trade-offs involved in pre-filtering data by metadata, which can improve performance but may reduce recall. Troubleshooting may involve addressing connectivity issues, IAM role misconfigurations, and performance optimizations. To clean up resources after testing, users should remove the PostgreSQL schema, disassociate the Lambda role from the Aurora cluster, and delete the CloudFormation stack to ensure all resources are removed.

Tech Optimizer

May 7, 2026

How lakebase architecture delivers 5x faster Postgres writes

The lakebase architecture separates compute and storage, enhancing operational flexibility and performance. Traditional Postgres systems face durability challenges due to write-ahead logging (WAL) and full page writes (FPW), which can inflate WAL volume significantly in write-heavy scenarios. The lakebase solution eliminates the risk of torn pages by streaming WAL to a distributed storage system, avoiding local-disk dependencies. Image generation pushdown transfers the responsibility of generating full page images from the compute layer to the storage layer, maintaining read performance while reducing WAL overhead. Benchmarks show significant improvements in throughput and reduced WAL generation, with a 94% reduction in WAL size per transaction and a 3x increase in ingestion throughput for data-intensive tasks. This enhancement has been deployed globally without interruptions, marking a shift towards improved managed Postgres performance.

AppWizard

May 7, 2026

The old Fitbit app is becoming Google Health in under two weeks — here’s what to know

The Fitbit app will transition to the Google Health app on May 19 through an automatic update, ensuring all Fitbit data carries over. Google Fit users will be able to migrate their data later this year. Fitbit Premium is rebranded as Google Health Premium, with an annual subscription price increase. Google AI Pro and Ultra subscribers in over 30 countries will receive this premium service at no extra cost. The updated Google Health app will feature enhanced leaderboards for step tracking and cardio load, improved cycle tracking, and a flagship feature called Health Coach, which requires a Google Health Premium subscription. Basic features like activity tracking and health monitoring will remain available for free, while premium functionalities will be powered by AI. The Health Premium subscription will be complimentary for Google AI Pro and Ultra subscribers, expanding access compared to the previous Fitbit Premium availability.

Winsage

May 7, 2026

Upwind expands runtime protection to Windows Server VMs

Upwind has expanded its runtime protection and visibility offerings to include Windows Server virtual machines (VMs) on major cloud platforms such as Amazon Web Services, Google Cloud, and Microsoft Azure. This integration applies to Windows Server 2016 and later versions and enhances runtime monitoring and detection workflows. Upwind's Windows Sensor provides visibility into host activities, including process executions, network connections, and DNS requests, while also conducting continuous assessments for vulnerabilities and configuration issues. The telemetry collected aids in real-time detection of potential security threats and supports ongoing vulnerability scanning. The integration of Windows Server VMs into Upwind's Runtime Map, Detections, and Sensor components allows for unified monitoring and risk prioritization across cloud environments. This expansion aims to address the critical need for runtime behavior insights in cloud security, particularly for businesses relying on Windows Server for essential applications.

Tech Optimizer

May 7, 2026

What Is Endpoint Detection and Response?

Traditional endpoint security measures, such as antivirus software and firewalls, are increasingly ineffective against sophisticated cyberattacks, which can bypass these defenses. Endpoint Detection and Response (EDR) is a solution that emphasizes rapid detection and containment of threats, continuously monitoring endpoint activity and identifying suspicious behavior in real time. EDR platforms gather data from all connected endpoints and utilize AI-driven analytics to detect both known and unknown threats. In 2024, over 97 billion exploitation attempts were recorded, underscoring the need for robust endpoint protection. EDR tools operate in four stages: detection, containment, investigation, and elimination of threats. They collect telemetry data from endpoints to establish a baseline of normal activity, enabling the identification of anomalies that may indicate a threat. EDR can automatically isolate affected endpoints, terminate malicious processes, and execute remediation actions. EDR employs two methods for threat detection: comparing endpoint activity against indicators of compromise for known threats and using behavioral detection models for unknown threats. The system can generate reports on threat activity and response effectiveness, aiding compliance and operational decision-making. The telemetry data collected is stored in a centralized repository, supporting threat-hunting initiatives. Organizations that deployed EDR in 2024 experienced an average breach cost that was significantly lower than those that did not. EDR minimizes security blind spots, reduces the attack surface by identifying vulnerabilities, speeds up investigations and responses, blocks new threats through behavioral analysis, and strengthens other security measures when integrated with existing tools. Challenges in EDR implementation include alert fatigue, integration complexity, resource constraints, and limited scope. When choosing an EDR solution, organizations should prioritize features such as real-time threat detection, automated response capabilities, behavioral analysis, offline protection, low performance impact, and integration with existing tools. EDR functions effectively as part of a layered security strategy, complementing other tools like Endpoint Protection Platforms (EPP) and Extended Detection and Response (XDR). EDR focuses on endpoint activity, while EPP serves as a first line of defense against common threats, and XDR broadens the scope to include network traffic and cloud workloads. VPNs encrypt network traffic, providing an additional layer of protection for data in transit.

Tech Optimizer

May 6, 2026

Immudb Upgrade Brings Immutable Audit Trails To PostgreSQL Workloads – Open Source For You

Codenotary has released immudb 1.11, enhancing its open-source database into a comprehensive trust infrastructure layer. Key features include immutable audit logging, which allows organizations to create permanent, tamper-proof records of data and database activities, supported by cryptographic verification to prevent unauthorized alterations. The update also introduces compatibility with PostgreSQL, enabling existing applications to use immudb without modifications. Benefits for organizations include unalterable audit trails, simplified compliance and reporting, and reduced operational complexity. This release positions open source as a viable alternative to proprietary compliance and logging systems, addressing challenges in demonstrating data trustworthiness.

BetaBeacon

May 6, 2026

A rigged game: ScarCruft compromises gaming platform in a supply-chain attack

- ScarCruft, also known as APT37 or Reaper, is a North Korean espionage group targeting government, military organizations, and companies in Asia. - BirdCall is a Windows backdoor attributed to ScarCruft, with spying capabilities such as taking screenshots and logging keystrokes. - The Android version of BirdCall collects contacts, SMS messages, call logs, and media files, and was actively developed over several months. - The BirdCall backdoor was discovered in a trojanized card game on a gaming platform tailored for ethnic Koreans living in Yanbian, China. - The attack was likely aimed at collecting information on individuals from the Yanbian region deemed of interest to the North Korean regime, such as refugees or defectors.

Tech Optimizer

May 5, 2026

Open Source Tamper-Proof Database Adds Immutable Audit Logging and Expands PostgreSQL Compatibility

Codenotary has released immudb 1.11, an open-source database that enhances immutable audit logging and compatibility with PostgreSQL. This version features integrated audit logging that captures database activities in a tamper-proof manner, eliminating the need for external logging systems. It allows organizations to create unalterable audit trails, streamline compliance processes, and maintain a reliable history of data interactions. Immudb 1.11 is compatible with existing PostgreSQL code, enabling seamless integration with various applications and tools. The database is particularly beneficial for sectors requiring trust and accountability, such as finance, software development, cybersecurity, regulated industries, AI systems, and supply chain management. Immudb has over 50 million downloads and supports a zero-trust approach to data management. The open-source version is available on GitHub.