We value your privacy

We use cookies to enhance your browsing experience, serve personalized ads or content, and analyze our traffic. By clicking "Accept All", you consent to our use of cookies.

Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

NewApp Digest
search bot

malicious email

Microsoft Patches a Whopping Seven Zero-Days in March
Winsage
March 13, 2025

Microsoft Patches a Whopping Seven Zero-Days in March

Microsoft's March Patch Tuesday revealed over 50 new vulnerabilities, including seven zero-day vulnerabilities, six of which are currently being exploited. Key vulnerabilities include: - CVE-2025-26633: Security feature bypass in Microsoft Management Console, CVSS score 7.0. - CVE-2025-24993: Remote code execution (RCE) vulnerability in Windows NTFS, CVSS score 7.8. - CVE-2025-24991: Information disclosure vulnerability in Windows NTFS, CVSS score 5.5. - CVE-2025-24985: RCE vulnerability in Windows Fast FAT File System Driver, CVSS score 7.8. - CVE-2025-24984: Information disclosure vulnerability in Windows NTFS, CVSS score 4.6. - CVE-2025-24983: Elevation of privilege (EoP) vulnerability in Windows Win32 Kernel Subsystem, CVSS score 7.0. - CVE-2025-26630: RCE vulnerability in Microsoft Access, CVSS score 7.8. This month's patch list includes 23 EoP and 23 RCE vulnerabilities, with all six critical vulnerabilities being RCEs. Notably, CVE-2025-24084 affects the Windows Subsystem for Linux (WSL2) kernel, and CVE-2025-26645 impacts the remote desktop client (RDP), allowing attackers to achieve remote code execution on vulnerable clients.
I compared Norton vs McAfee’s antivirus software to see which one is best
Tech Optimizer
March 1, 2025

I compared Norton vs McAfee’s antivirus software to see which one is best

Norton 360 provides robust malware protection, including features to combat malicious email attachments, phishing attacks, and ransomware, with a Community Watch program for enhanced threat detection. McAfee uses a cloud-based infrastructure and machine learning for threat identification, with a malware scanner that analyzes suspicious code on its servers. Norton excels in malware detection but has some false positives, while McAfee achieved a perfect score in detecting existing malware and zero-day exploits, also with some false positives. Norton includes a two-way firewall, password manager, and 2GB of online storage, while McAfee focuses on phishing protection and personal data privacy tools, often at an additional cost. Benchmark tests show Norton has minimal system impact, while McAfee significantly slows down during full scans. Norton offers two interface options and is user-friendly, while McAfee's interface is simple but lacks customization. McAfee has a quick installation process under five minutes and 24/7 support, while Norton’s installation is longer but includes conflict checking and extensive support options. Ultimately, Norton is noted for comprehensive security features and performance, while McAfee is recognized for its user-friendly interface and quick installation.
'Criminals are preying on Windows users': Software subject of CISA, cybersecurity warnings
Winsage
August 7, 2024

‘Criminals are preying on Windows users’: Software subject of CISA, cybersecurity warnings

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a vulnerability in Microsoft’s Windows 10, identified as CVE-2018-0824, to its Known Exploited Vulnerability Catalog. This vulnerability allows for privilege escalation and remote code execution. CISA recommends that users stop using affected software or apply necessary patches. A Chinese hacking group has reportedly exploited this vulnerability to compromise a Taiwanese government research center. Additionally, The Register reported that cybercriminals are targeting Windows users with a keylogger called SnakeKeylogger, which steals credentials and captures screenshots. SnakeKeylogger, marketed on Russian crime forums, has been a significant threat since 2020 and is spread through malicious email attachments. Recent alerts follow a "Crowdstrike outage" in July that affected Windows devices due to a faulty software update.
Phishing emails abuse Windows search protocol to push malicious scripts
Winsage
June 13, 2024

Phishing emails abuse Windows search protocol to push malicious scripts

The recent attacks described in the Trustwave report involve malicious emails with HTML attachments disguised as invoice documents in ZIP archives. The HTML file contains a meta refresh tag that opens a malicious URL, and if that fails, an anchor tag provides a clickable link to the URL. The URL uses the Windows Search protocol to perform a search on a remote host, displaying a fake interface to trick users. Clicking on a file in the search results triggers a batch script on the server. Trustwave recommends deleting registry entries associated with the search protocol to defend against this threat.
Search