malicious software Archives

Winsage

March 25, 2026

Microsoft woll allow to pause Windows updates

Microsoft is changing its update management policy for the Windows operating system to give users more control over when and how updates are installed. This shift comes after years of user dissatisfaction with the automatic update model implemented in 2015, which often led to unexpected system restarts and disruptions. The new policy allows users to pause updates indefinitely and choose when to install them, improving predictability and convenience. Additionally, Microsoft plans to enhance transparency by providing detailed notifications about updates before installation. While users generally welcome these changes, experts warn that delaying updates could increase vulnerability to cyber threats. Microsoft is also refining Windows 11 to improve speed and user interface, including updates to the integration of Copilot and restoring taskbar customization options.

Tech Optimizer

March 24, 2026

This tax-themed malvertising attack can blind security software before it arrives — and then unleashes ransomware

Cybercriminals are targeting taxpayers with phishing schemes and malware attacks as the April 15 tax deadline approaches. They create fake tax form websites that appear in Google Ads, leading users to download malicious software like ScreenConnect, which can disable device security. These tactics aim to steal sensitive information and potentially facilitate ransomware attacks. Counterfeit Chrome updates are also being used in similar schemes. Taxpayers are advised to verify the authenticity of websites and rely on trusted sources to protect their personal information.

AppWizard

March 23, 2026

Google adds ‘Advanced Flow’ for safe APK sideloading on Android

Google has introduced a new mechanism called Advanced Flow within Android to facilitate the sideloading of APKs from unverified developers for power users while enhancing security. This system will launch in August and aims to balance user flexibility with protection against malware and scams, which caused losses of approximately billion last year. To install APKs from unverified developers, users must complete a one-time process that includes activating Developer Mode, confirming they are not influenced by threat actors, restarting the device, and verifying the legitimacy of modifications after a day. Once completed, users can install applications from unverified developers and choose to enable them for a week or indefinitely, with Android providing a warning about the unverified source. The Advanced Flow process is designed to prevent users from being coerced into installing malicious software during scam attempts. Google emphasizes that this system is a compromise between Android's openness and necessary user protections, leading to upcoming developer verification requirements. All Android app publishers will need to undergo identity verification by Google, with non-compliance resulting in blocked software installations on certified Android devices. This verification initiative is now set for rollout in August 2026.

AppWizard

March 20, 2026

This is Android’s new ‘advanced flow’ for sideloading apps without verification, includes one-day waiting period [Gallery]

Google will introduce a new Android developer verification process later this year to enhance user security and accommodate power users. This will include an "advanced flow" that allows users to disable the verification requirement and install software from unverified developers. Users must activate Developer mode, confirm they are not being guided by a malicious actor, restart their device, and undergo a mandatory one-day "Security wait" period for identity verification through biometric authentication or a device PIN. After this, they can install apps from unverified developers indefinitely, with a temporary option for seven days. Users will still receive a warning when installing apps from unverified developers but can choose to proceed. The rollout is set for August, alongside new developer verification requirements. Additionally, Google will offer limited distribution accounts for developers to share apps with up to 20 users without registration fees or government ID.

AppWizard

March 19, 2026

Google gives Android users a way to install unverified apps if they prove they really, really want to

Google has announced that Android users will now be able to install apps from unverified developers, responding to user feedback against the previously planned developer verification requirement set for September 2026. The original plan required apps on certified Android devices to be linked to verified developer accounts, which faced criticism from various groups. In response, Google has implemented a one-time installation process for apps from unverified developers, requiring users to enable developer mode, confirm their decision, restart their device, and wait a day before proceeding. Users can then install apps from unverified developers for seven days or indefinitely. Additionally, a separate installation flow will allow students and hobbyists to share apps with a small group without verification. These changes are set to roll out in August.

Tech Optimizer

March 19, 2026

How AI And Hacking Professionalism Are Overwhelming Endpoint Security

The digital landscape is transforming due to the professionalization of cybercrime, which is now a significant part of organized crime, second only to drug trafficking. Malware includes various types such as viruses, browser hijackers, password stealers, Trojans, botnet malware, and ransomware. Traditional antivirus solutions rely on signature-based detection, heuristic analysis, and behavior monitoring, but these methods can lead to false positives and negatives. The evolution of cybersecurity has seen the rise of "Ransomware-as-a-Service" (RaaS) and the use of polymorphic malware that changes its signature, making traditional defenses ineffective. Hackers are also using AI and machine learning to evade behavioral monitoring. New defense strategies include Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR), which focus on monitoring for breaches rather than preventing them. Leading vendors in this space include CrowdStrike, SentinelOne, Microsoft, and Palo Alto Networks. The zero trust security framework treats all access attempts as potentially hostile and emphasizes the integration of various security technologies. Emerging startups like FinalAV Security are developing zero trust solutions for consumers and small businesses, focusing on prevention rather than detection.

Tech Optimizer

March 17, 2026

Up to 86% Off Surfshark One — Lock in This All-in-One Cybersecurity Deal

Surfshark has launched the Surfshark One bundle, which includes a VPN, antivirus protection, data breach monitoring, alternative ID features, and private search capabilities. The 24-month plan offers significant savings, costing approximately .49 per month, while the 12-month plan costs .99 per month. The antivirus tool scans for malware and provides real-time monitoring. It also alerts users if their personal information appears in data breach databases, allowing them to take action. The private search tool ensures searches are not tracked or linked to personal profiles. All plans come with a 30-day money-back guarantee.

Winsage

March 17, 2026

5 security features in Windows 11 Pro to keep you protected against even the smartest cyberattacks

Windows 11 Pro includes a comprehensive suite of cybersecurity features that enhance protection against vulnerabilities such as lost devices, stolen passwords, risky downloads, and phishing attempts. Key features include: - BitLocker: Encrypts drive contents to secure sensitive information on laptops, particularly useful for mobile devices. - Windows Hello for Business: Replaces traditional passwords with a device-bound PIN or biometric verification, reducing the risk of credential theft. - Smart App Control: Prevents malicious software from executing by evaluating applications before they run, effective against modern threats. - Windows Sandbox: Allows users to run potentially risky software in a secure, isolated environment that resets upon closure. - Windows Firewall: Regulates network traffic to and from the PC, filtering based on application, port, protocol, and network type, and helps manage application interactions with the network.

AppWizard

March 16, 2026

Advanced Protection Mode in Android 17 prevents apps from misusing Accessibility Services

Android 17 has introduced Advanced Protection Mode (AAPM) to enhance user security by preventing non-accessibility applications from using the Accessibility API, which has been exploited by malware. AAPM allows only verified accessibility tools to utilize the API and implements stricter security settings, including blocking installations from unknown sources, limiting USB data access, and mandating Google Play Protect scans. Applications must declare themselves as accessibility tools with the attribute isAccessibilityTool="true" to use the Accessibility Services API. Additionally, Android 17 features a new contacts picker that allows applications to request access to specific contact fields instead of the entire address book, enhancing user privacy.

AppWizard

March 13, 2026

Did a Steam Game Give Your PC Malware? The FBI Wants to Know

The FBI has launched an investigation into malware threats associated with PC games on Steam, particularly targeting users from May 2024 to January 2026. The games identified include BlockBlasters, Chemia, Dashverse/DashFPS, Lampy, Lunara, PirateFi, and Tokenova, all linked to malware incidents. For example, PirateFi was designed to steal browser cookies, Chemia updated itself with malicious software, and BlockBlasters was identified as a Trojan that siphoned cryptocurrency. The FBI's alert also mentions Lampy, which may harbor malware. Valve, the parent company of Steam, has not responded to inquiries but has warned users about the affected games. The investigation suggests a potential link to a single group or individual, with reports indicating that victims were lured through Telegram messages offering free game keys or job opportunities.